fix: basic bug does not cache info by user name hash

shaj13 · Feb 6, 2021 · cba155f · cba155f
1 parent e733a3d
commit cba155f
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 1 deletion.
diff --git a/auth/strategies/basic/cached.go b/auth/strategies/basic/cached.go
@@ -35,7 +35,7 @@ type cachedBasic struct {
 
 func (c *cachedBasic) authenticate(ctx context.Context, r *http.Request, userName, pass string) (auth.Info, error) { // nolint:lll
 	hash := c.hasher.Hash(userName)
-	v, ok := c.cache.Load(userName)
+	v, ok := c.cache.Load(hash)
 
 	// if info not found invoke user authenticate function
 	if !ok {

diff --git a/auth/strategies/basic/cached_test.go b/auth/strategies/basic/cached_test.go
@@ -88,6 +88,28 @@ func TestNewCached(t *testing.T) {
 	}
 }
 
+func TestCachedUserNameHash(t *testing.T) {
+	count := 0
+	user := "test"
+	cache := libcache.LRU.New(0)
+	opt := SetUserNameHash(crypto.SHA256, []byte("key"))
+	fn := func(ctx context.Context, r *http.Request, userName, password string) (auth.Info, error) {
+		count++
+		return auth.NewDefaultUser(user, "10", nil, nil), nil
+	}
+	basic := NewCached(fn, cache, opt)
+	r, _ := http.NewRequest("GET", "/", nil)
+	r.SetBasicAuth(user, user)
+	for i := 0; i < 10; i++ {
+		info, err := basic.Authenticate(r.Context(), r)
+		assert.NoError(t, err)
+		assert.Equal(t, info.GetUserName(), user)
+		assert.False(t, cache.Contains(user))
+	}
+	assert.Equal(t, 1, cache.Len())
+	assert.Equal(t, 1, count)
+}
+
 func BenchmarkCachedBasic(b *testing.B) {
 	r, _ := http.NewRequest("GET", "/", nil)
 	r.SetBasicAuth("test", "test")