forked from forgejo/forgejo
Backport #25701 by @CaiCandong we refactored `userIDFromToken` for the token parsing part into a new function `parseToken`. `parseToken` returns the string `token` from request, and a boolean `ok` representing whether the token exists or not. So we can distinguish between token non-existence and token inconsistency in the `verfity` function, thus solving the problem of no proper error message when the token is inconsistent. close #24439 related #22119 Co-authored-by: caicandong <50507092+CaiCandong@users.noreply.github.com> Co-authored-by: Jason Song <i@wolfogre.com>
This commit is contained in:
Giteabot
GitHub
parent
bd1946e372
commit
ee87b4e18c
3 changed files with 54 additions and 26 deletions
|
|
@ -41,6 +41,17 @@ func TestAPIUserReposNotLogin(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestAPIUserReposWithWrongToken(t *testing.T) {
|
||||
defer tests.PrepareTestEnv(t)()
|
||||
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
|
||||
wrongToken := fmt.Sprintf("Bearer %s", "wrong_token")
|
||||
req := NewRequestf(t, "GET", "/api/v1/users/%s/repos", user.Name)
|
||||
req = addTokenAuthHeader(req, wrongToken)
|
||||
resp := MakeRequest(t, req, http.StatusUnauthorized)
|
||||
|
||||
assert.Contains(t, resp.Body.String(), "user does not exist")
|
||||
}
|
||||
|
||||
func TestAPISearchRepo(t *testing.T) {
|
||||
defer tests.PrepareTestEnv(t)()
|
||||
const keyword = "test"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue