Refactored LFS auth logic when using SSH to use its own API endpoint `/lfs_authenticate` and added tests.

author: Patricio Cano <suprnova32@gmail.com> 2016-08-30 21:38:22 +0300
committer: Patricio Cano <suprnova32@gmail.com> 2016-09-15 20:21:00 +0300
commit: 48f1a61fd5c6aac395be0ce5d59aee61bbb69fe9 (patch)
tree: 1cc737a70838d527d2e089d938474057877f695f /lib
parent: cb85cf1f0a7047c485d7b29b2792b8965e270898 (diff)
3 files changed, 25 insertions, 17 deletions
diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index 760f69663ab..1b3388347a8 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -69,12 +69,26 @@ module API
             else
               project.repository.path_to_repo
             end
+        end
+
+        response
+      end
+
+      post "/lfs_authenticate" do
+        status 200
+
+        key = Key.find(params[:key_id])
+        user = key.user
 
-          # Return HTTP full path, so that gitlab-shell has this information
-          # ready for git-lfs-authenticate
-          response[:repository_http_path] = project.http_url_to_repo
+        if user
+          token = Gitlab::LfsToken.new(user).generate
+          response = { username: user.username, lfs_token: token }
+        else
+          token = Gitlab::LfsToken.new(key).generate
+          response = { username: "lfs-deploy-key-#{key.id}", lfs_token: token }
         end
 
+        response[:repository_http_path] = project.http_url_to_repo
         response
       end
 
@@ -87,15 +101,7 @@ module API
       #
       get "/discover" do
         key = Key.find(params[:key_id])
-        user = key.user
-
-        if user
-          token = Gitlab::LfsToken.new(user).set_token
-          { name: user.name, username: user.username, lfs_token: token }
-        else
-          token = Gitlab::LfsToken.new(key).set_token
-          { username: "lfs-deploy-key-#{key.id}", lfs_token: token }
-        end
+        present key.user, with: Entities::UserSafe
       end
 
       get "/check" do
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index e43f8119658..1b0398d18ee 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -119,11 +119,11 @@ module Gitlab
       def lfs_token_check(login, password)
         if login.include?('lfs-deploy-key')
           key = DeployKey.find(login.gsub('lfs-deploy-key-', ''))
-          token = Gitlab::LfsToken.new(key).get_value
+          token = Gitlab::LfsToken.new(key).value
           Result.new(key, :lfs_deploy_token) if key && token == password
         else
           user = User.by_login(login)
-          token = Gitlab::LfsToken.new(user).get_value
+          token = Gitlab::LfsToken.new(user).value
           Result.new(user, :lfs_token) if user && token == password
         end
       end
diff --git a/lib/gitlab/lfs_token.rb b/lib/gitlab/lfs_token.rb
index 0685eb775ef..63656f0b4f1 100644
--- a/lib/gitlab/lfs_token.rb
+++ b/lib/gitlab/lfs_token.rb
@@ -6,15 +6,17 @@ module Gitlab
       @actor = actor
     end
 
-    def set_token
+    def generate
       token = Devise.friendly_token(50)
+
       Gitlab::Redis.with do |redis|
-        redis.set(redis_key, token, ex: 3600)
+        redis.set(redis_key, token, ex: 600)
       end
+
       token
     end
 
-    def get_value
+    def value
       Gitlab::Redis.with do |redis|
         redis.get(redis_key)
       end
author	Patricio Cano <suprnova32@gmail.com>	2016-08-30 21:38:22 +0300
committer	Patricio Cano <suprnova32@gmail.com>	2016-09-15 20:21:00 +0300
commit	48f1a61fd5c6aac395be0ce5d59aee61bbb69fe9 (patch)
tree	1cc737a70838d527d2e089d938474057877f695f /lib
parent	cb85cf1f0a7047c485d7b29b2792b8965e270898 (diff)