refactor: improve checkAuthentication logic, check error first and log status code during an unexpected response

author: feistel <6742251-feistel@users.noreply.gitlab.com> 2021-08-09 06:27:51 +0300
committer: feistel <6742251-feistel@users.noreply.gitlab.com> 2021-08-09 06:27:51 +0300
commit: 27626cd8ddcd9cd8ff2046f306d88d4c78648eb1 (patch)
tree: dbc3ebda40a12a010629367593cdb0d2f542420f /internal/auth
parent: 4319f904fb3a6adb226976b67e5f1b72fcdd473c (diff)
1 files changed, 10 insertions, 8 deletions
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 567f8180..daab3c8c 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -508,20 +508,22 @@ func (a *Auth) checkAuthentication(w http.ResponseWriter, r *http.Request, domai
 	req.Header.Add("Authorization", "Bearer "+session.Values["access_token"].(string))
 	resp, err := a.apiClient.Do(req)
 
-	if err == nil {
-		defer resp.Body.Close()
+	if err != nil {
+		logRequest(r).WithError(err).Error("Failed to retrieve info with token")
+		// call serve404 handler when auth fails
+		domain.ServeNotFoundAuthFailed(w, r)
+		return true
 	}
 
-	if err == nil && checkResponseForInvalidToken(resp, session, w, r) {
+	defer resp.Body.Close()
+
+	if checkResponseForInvalidToken(resp, session, w, r) {
 		return true
 	}
 
-	if err != nil || resp.StatusCode != 200 {
-		if err != nil {
-			logRequest(r).WithError(err).Error("Failed to retrieve info with token")
-		}
-
+	if resp.StatusCode != 200 {
 		// call serve404 handler when auth fails
+		logRequest(r).WithField("status", resp.Status).Error("Unexpected response fetching access token")
 		domain.ServeNotFoundAuthFailed(w, r)
 		return true
 	}
author	feistel <6742251-feistel@users.noreply.gitlab.com>	2021-08-09 06:27:51 +0300
committer	feistel <6742251-feistel@users.noreply.gitlab.com>	2021-08-09 06:27:51 +0300
commit	27626cd8ddcd9cd8ff2046f306d88d4c78648eb1 (patch)
tree	dbc3ebda40a12a010629367593cdb0d2f542420f /internal/auth
parent	4319f904fb3a6adb226976b67e5f1b72fcdd473c (diff)