diff options
| author | Jaime Martinez <jmartinez@gitlab.com> | 2020-05-21 03:52:19 +0300 |
|---|---|---|
| committer | Jaime Martinez <jmartinez@gitlab.com> | 2020-05-28 04:10:14 +0300 |
| commit | f6dfa5d0043aeaa616c16f8babb64c0d0e8f72dd (patch) | |
| tree | f8cbab7f2c4a30c07f827a50d7877c388e18616f /internal/auth/auth.go | |
| parent | 559311801a1e9114f8dee71faa388dcefab3dcbe (diff) | |
Add .golangci.yml linter configuration
As part of https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385
we have introduced the use of a custom `.golangci.yml` file with some
custom rules for linting.
This replaces the need of downloading and using `golint`, `gofmt`
`go vet` and `gocyclo` manually. We take advantage of the custom
`golangci-lint` docker image as stated in the [Automatic lintinb]
(https://docs.gitlab.com/ee/development/go_guide/#automatic-linting)
section of the Go standards and style guidelines.
This iteration enables a subset of linters, with the remaining
of them enabled on a separate MR as described in the issue above.
The main changes introduced by this linter include:
- gosec: potential hardcoded credentials
- goconst: DRY by declaring and using constants
- gosimple: reduce statements complexity and improve return statements
Diffstat (limited to 'internal/auth/auth.go')
| -rw-r--r-- | internal/auth/auth.go | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/internal/auth/auth.go b/internal/auth/auth.go index c582d96b..a89dd599 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -26,6 +26,9 @@ import ( "golang.org/x/crypto/hkdf" ) +// nolint: gosec +// gosec: G101: Potential hardcoded credentials +// auth constants, not credentials const ( apiURLUserTemplate = "%s/api/v4/user" apiURLProjectTemplate = "%s/api/v4/projects/%d/pages_access" @@ -433,10 +436,7 @@ func destroySession(session *sessions.Session, w http.ResponseWriter, r *http.Re // IsAuthSupported checks if pages is running with the authentication support func (a *Auth) IsAuthSupported() bool { - if a == nil { - return false - } - return true + return a != nil } func (a *Auth) checkAuthentication(w http.ResponseWriter, r *http.Request, projectID uint64) bool { @@ -513,11 +513,7 @@ func (a *Auth) GetTokenIfExists(w http.ResponseWriter, r *http.Request) (string, // RequireAuth will trigger authentication flow if no token exists func (a *Auth) RequireAuth(w http.ResponseWriter, r *http.Request) bool { - session := a.checkSessionIsValid(w, r) - if session == nil { - return true - } - return false + return a.checkSessionIsValid(w, r) == nil } // CheckAuthentication checks if user is authenticated and has access to the project |