fix: Move auth routes to general router (#10153)

* fix: Move auth routes to general router

* Move account routes to the separate router
pull/10188/head
Qwerty5Uiop 6 months ago committed by GitHub
parent 0e7f09a5f0
commit ba49416709
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. 3
      apps/block_scout_web/lib/block_scout_web.ex
  2. 83
      apps/block_scout_web/lib/block_scout_web/api_router.ex
  3. 3
      apps/block_scout_web/lib/block_scout_web/router.ex
  4. 173
      apps/block_scout_web/lib/block_scout_web/routers/account_router.ex
  5. 71
      apps/block_scout_web/lib/block_scout_web/web_router.ex
  6. 34
      apps/block_scout_web/test/block_scout_web/controllers/account/custom_abi_controller_test.exs
  7. 1
      apps/block_scout_web/test/support/conn_case.ex

@ -27,6 +27,7 @@ defmodule BlockScoutWeb do
import BlockScoutWeb.WebRouter.Helpers, except: [static_path: 2]
import BlockScoutWeb.Gettext
import BlockScoutWeb.ErrorHelper
import BlockScoutWeb.Routers.AccountRouter.Helpers, except: [static_path: 2]
import Plug.Conn
alias BlockScoutWeb.AdminRouter.Helpers, as: AdminRoutes
@ -56,6 +57,8 @@ defmodule BlockScoutWeb do
WeiHelper
}
import BlockScoutWeb.Routers.AccountRouter.Helpers, except: [static_path: 2]
import Explorer.Chain.CurrencyHelper, only: [divide_decimals: 2]
import BlockScoutWeb.WebRouter.Helpers, except: [static_path: 2]

@ -14,7 +14,8 @@ defmodule BlockScoutWeb.ApiRouter do
"""
use BlockScoutWeb, :router
alias BlockScoutWeb.{AddressTransactionController, APIKeyV2Router, SmartContractsApiV2Router, UtilsApiV2Router}
alias BlockScoutWeb.Plug.{CheckAccountAPI, CheckApiV2, RateLimit}
alias BlockScoutWeb.Plug.{CheckApiV2, RateLimit}
alias BlockScoutWeb.Routers.AccountRouter
@max_query_string_length 5_000
@ -36,23 +37,6 @@ defmodule BlockScoutWeb.ApiRouter do
plug(:accepts, ["json"])
end
pipeline :account_api do
plug(
Plug.Parsers,
parsers: [:urlencoded, :multipart, :json],
length: 100_000,
query_string_length: @max_query_string_length,
pass: ["*/*"],
json_decoder: Poison
)
plug(BlockScoutWeb.Plug.Logger, application: :api)
plug(:accepts, ["json"])
plug(:fetch_session)
plug(:protect_from_forgery)
plug(CheckAccountAPI)
end
pipeline :api_v2 do
plug(
Plug.Parsers,
@ -98,70 +82,9 @@ defmodule BlockScoutWeb.ApiRouter do
plug(RateLimit, graphql?: true)
end
alias BlockScoutWeb.Account.Api.V2.{AuthenticateController, EmailController, TagsController, UserController}
alias BlockScoutWeb.API.V2
scope "/account/v2", as: :account_v2 do
pipe_through(:account_api)
get("/authenticate", AuthenticateController, :authenticate_get)
post("/authenticate", AuthenticateController, :authenticate_post)
get("/get_csrf", UserController, :get_csrf)
scope "/email" do
get("/resend", EmailController, :resend_email)
end
scope "/user" do
get("/info", UserController, :info)
get("/watchlist", UserController, :watchlist)
delete("/watchlist/:id", UserController, :delete_watchlist)
post("/watchlist", UserController, :create_watchlist)
put("/watchlist/:id", UserController, :update_watchlist)
get("/api_keys", UserController, :api_keys)
delete("/api_keys/:api_key", UserController, :delete_api_key)
post("/api_keys", UserController, :create_api_key)
put("/api_keys/:api_key", UserController, :update_api_key)
get("/custom_abis", UserController, :custom_abis)
delete("/custom_abis/:id", UserController, :delete_custom_abi)
post("/custom_abis", UserController, :create_custom_abi)
put("/custom_abis/:id", UserController, :update_custom_abi)
get("/public_tags", UserController, :public_tags_requests)
delete("/public_tags/:id", UserController, :delete_public_tags_request)
post("/public_tags", UserController, :create_public_tags_request)
put("/public_tags/:id", UserController, :update_public_tags_request)
scope "/tags" do
get("/address/", UserController, :tags_address)
get("/address/:id", UserController, :tags_address)
delete("/address/:id", UserController, :delete_tag_address)
post("/address/", UserController, :create_tag_address)
put("/address/:id", UserController, :update_tag_address)
get("/transaction/", UserController, :tags_transaction)
get("/transaction/:id", UserController, :tags_transaction)
delete("/transaction/:id", UserController, :delete_tag_transaction)
post("/transaction/", UserController, :create_tag_transaction)
put("/transaction/:id", UserController, :update_tag_transaction)
end
end
end
scope "/account/v2" do
pipe_through(:api)
pipe_through(:account_api)
scope "/tags" do
get("/address/:address_hash", TagsController, :tags_address)
get("/transaction/:transaction_hash", TagsController, :tags_transaction)
end
end
forward("/account", AccountRouter)
scope "/v2/import" do
pipe_through(:api_v2_no_session)

@ -3,6 +3,7 @@ defmodule BlockScoutWeb.Router do
alias BlockScoutWeb.Plug.{GraphQL, RateLimit}
alias BlockScoutWeb.{ApiRouter, WebRouter}
alias BlockScoutWeb.Routers.AccountRouter
@max_query_string_length 5_000
@ -55,6 +56,8 @@ defmodule BlockScoutWeb.Router do
plug(RateLimit, graphql?: true)
end
match(:*, "/auth/*path", AccountRouter, [])
forward("/api", ApiRouter)
scope "/graphiql" do
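Review bot: The new `match(:*, "/auth/*path", AccountRouter, [])` line has no comment explaining why it uses `match` while the `/api` mount directly below it uses `forward`. `forward` strips the matched prefix before the target router sees the request, and the routes this commit adds to AccountRouter are declared inside `scope "/auth"`, so the prefix has to survive; a later tidy-up to `forward` would stop the login and callback routes from matching. I would add `# match, not forward: AccountRouter declares these routes under scope "/auth" and needs the prefix kept` above the line. `:*` also admits every HTTP verb although that scope only defines GET routes, so a `get` route would state the intent more tightly. The router module continues outside this section.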

@ -0,0 +1,173 @@
defmodule BlockScoutWeb.Routers.AccountRouter do
@moduledoc """
Router for account-related requests
"""
use BlockScoutWeb, :router
alias BlockScoutWeb.Account.Api.V2.{AuthenticateController, EmailController, TagsController, UserController}
alias BlockScoutWeb.Plug.{CheckAccountAPI, CheckAccountWeb}
@max_query_string_length 5_000
pipeline :account_web do
plug(
Plug.Parsers,
parsers: [:urlencoded, :multipart, :json],
length: 100_000,
query_string_length: @max_query_string_length,
pass: ["*/*"],
json_decoder: Poison
)
plug(BlockScoutWeb.Plug.Logger, application: :block_scout_web)
plug(:accepts, ["html"])
plug(:fetch_session)
plug(:fetch_flash)
plug(CheckAccountWeb)
plug(:protect_from_forgery)
plug(BlockScoutWeb.CSPHeader)
plug(BlockScoutWeb.ChecksumAddress)
end
pipeline :account_api do
plug(
Plug.Parsers,
parsers: [:urlencoded, :multipart, :json],
length: 100_000,
query_string_length: @max_query_string_length,
pass: ["*/*"],
json_decoder: Poison
)
plug(BlockScoutWeb.Plug.Logger, application: :api)
plug(:accepts, ["json"])
plug(:fetch_session)
plug(:protect_from_forgery)
plug(CheckAccountAPI)
end
pipeline :api do
plug(
Plug.Parsers,
parsers: [:urlencoded, :multipart, :json],
length: 20_000_000,
query_string_length: @max_query_string_length,
pass: ["*/*"],
json_decoder: Poison
)
plug(BlockScoutWeb.Plug.Logger, application: :api)
plug(:accepts, ["json"])
end
scope "/auth", BlockScoutWeb do
pipe_through(:account_web)
get("/profile", Account.AuthController, :profile)
get("/logout", Account.AuthController, :logout)
get("/:provider", Account.AuthController, :request)
get("/:provider/callback", Account.AuthController, :callback)
end
scope "/", BlockScoutWeb do
pipe_through(:account_web)
resources("/tag_address", Account.TagAddressController,
only: [:index, :new, :create, :delete],
as: :tag_address
)
resources("/tag_transaction", Account.TagTransactionController,
only: [:index, :new, :create, :delete],
as: :tag_transaction
)
resources("/watchlist", Account.WatchlistController,
only: [:show],
singleton: true,
as: :watchlist
)
resources("/watchlist_address", Account.WatchlistAddressController,
only: [:new, :create, :edit, :update, :delete],
as: :watchlist_address
)
resources("/api_key", Account.ApiKeyController,
only: [:new, :create, :edit, :update, :delete, :index],
as: :api_key
)
resources("/custom_abi", Account.CustomABIController,
only: [:new, :create, :edit, :update, :delete, :index],
as: :custom_abi
)
resources("/public_tags_request", Account.PublicTagsRequestController,
only: [:new, :create, :edit, :update, :delete, :index],
as: :public_tags_request
)
end
scope "/v2", as: :account_v2 do
pipe_through(:account_api)
get("/authenticate", AuthenticateController, :authenticate_get)
post("/authenticate", AuthenticateController, :authenticate_post)
get("/get_csrf", UserController, :get_csrf)
scope "/email" do
get("/resend", EmailController, :resend_email)
end
scope "/user" do
get("/info", UserController, :info)
get("/watchlist", UserController, :watchlist)
delete("/watchlist/:id", UserController, :delete_watchlist)
post("/watchlist", UserController, :create_watchlist)
put("/watchlist/:id", UserController, :update_watchlist)
get("/api_keys", UserController, :api_keys)
delete("/api_keys/:api_key", UserController, :delete_api_key)
post("/api_keys", UserController, :create_api_key)
put("/api_keys/:api_key", UserController, :update_api_key)
get("/custom_abis", UserController, :custom_abis)
delete("/custom_abis/:id", UserController, :delete_custom_abi)
post("/custom_abis", UserController, :create_custom_abi)
put("/custom_abis/:id", UserController, :update_custom_abi)
get("/public_tags", UserController, :public_tags_requests)
delete("/public_tags/:id", UserController, :delete_public_tags_request)
post("/public_tags", UserController, :create_public_tags_request)
put("/public_tags/:id", UserController, :update_public_tags_request)
scope "/tags" do
get("/address/", UserController, :tags_address)
get("/address/:id", UserController, :tags_address)
delete("/address/:id", UserController, :delete_tag_address)
post("/address/", UserController, :create_tag_address)
put("/address/:id", UserController, :update_tag_address)
get("/transaction/", UserController, :tags_transaction)
get("/transaction/:id", UserController, :tags_transaction)
delete("/transaction/:id", UserController, :delete_tag_transaction)
post("/transaction/", UserController, :create_tag_transaction)
put("/transaction/:id", UserController, :update_tag_transaction)
end
end
end
scope "/v2" do
pipe_through(:api)
pipe_through(:account_api)
scope "/tags" do
get("/address/:address_hash", TagsController, :tags_address)
get("/transaction/:transaction_hash", TagsController, :tags_transaction)
end
end
end
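Review bot: Every scope in this router becomes reachable under each place the module is mounted, and nothing in the moduledoc says so: the commit forwards it at `/account` from both ApiRouter and WebRouter and matches it at `/auth/*path` from Router. From the visible lines the HTML `resources` in `scope "/"` therefore also answer under `/api/account/...`, the `/v2` JSON routes also answer under the web mount, and `scope "/auth"` answers below `/account/auth` on both. The `:account_web` and `:account_api` pipelines travel with the routes, so `protect_from_forgery` and the CheckAccount plugs still run, but if the web and API routers can be enabled independently (not visible here) a deployment with one of them switched off now serves that side's account routes through the other. Consider splitting the auth, web and API scopes into separate router modules, each mounted once, or at minimum extend the moduledoc with `Mounted at /account by WebRouter and ApiRouter and at /auth/* by Router; every scope below is reachable under each mount.`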

@ -5,7 +5,7 @@ defmodule BlockScoutWeb.WebRouter do
use BlockScoutWeb, :router
require Ueberauth
alias BlockScoutWeb.Plug.CheckAccountWeb
alias BlockScoutWeb.Routers.AccountRouter
@max_query_string_length 5_000
@ -28,78 +28,11 @@ defmodule BlockScoutWeb.WebRouter do
plug(BlockScoutWeb.ChecksumAddress)
end
pipeline :account do
plug(
Plug.Parsers,
parsers: [:urlencoded, :multipart, :json],
length: 100_000,
query_string_length: @max_query_string_length,
pass: ["*/*"],
json_decoder: Poison
)
plug(BlockScoutWeb.Plug.Logger, application: :block_scout_web)
plug(:accepts, ["html"])
plug(:fetch_session)
plug(:fetch_flash)
plug(CheckAccountWeb)
plug(:protect_from_forgery)
plug(BlockScoutWeb.CSPHeader)
plug(BlockScoutWeb.ChecksumAddress)
end
if Mix.env() == :dev do
forward("/sent_emails", Bamboo.SentEmailViewerPlug)
end
scope "/auth", BlockScoutWeb do
pipe_through(:account)
get("/profile", Account.AuthController, :profile)
get("/logout", Account.AuthController, :logout)
get("/:provider", Account.AuthController, :request)
get("/:provider/callback", Account.AuthController, :callback)
end
scope "/account", BlockScoutWeb do
pipe_through(:account)
resources("/tag_address", Account.TagAddressController,
only: [:index, :new, :create, :delete],
as: :tag_address
)
resources("/tag_transaction", Account.TagTransactionController,
only: [:index, :new, :create, :delete],
as: :tag_transaction
)
resources("/watchlist", Account.WatchlistController,
only: [:show],
singleton: true,
as: :watchlist
)
resources("/watchlist_address", Account.WatchlistAddressController,
only: [:new, :create, :edit, :update, :delete],
as: :watchlist_address
)
resources("/api_key", Account.ApiKeyController,
only: [:new, :create, :edit, :update, :delete, :index],
as: :api_key
)
resources("/custom_abi", Account.CustomABIController,
only: [:new, :create, :edit, :update, :delete, :index],
as: :custom_abi
)
resources("/public_tags_request", Account.PublicTagsRequestController,
only: [:new, :create, :edit, :update, :delete, :index],
as: :public_tags_request
)
end
forward("/account", AccountRouter)
# Disallows Iframes (write routes)
scope "/", BlockScoutWeb do

@ -18,7 +18,7 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
test "custom ABI page opens correctly", %{conn: conn} do
result_conn =
conn
|> get(custom_abi_path(conn, :index))
|> get("/account/custom_abi")
assert html_response(result_conn, 200) =~ "Create a Custom ABI to interact with contracts."
end
@ -34,7 +34,7 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
result_conn =
conn
|> post(custom_abi_path(conn, :create, %{"custom_abi" => custom_abi}))
|> post("/account/custom_abi", %{"custom_abi" => custom_abi})
assert html_response(result_conn, 200) =~ "Add Custom ABI"
assert html_response(result_conn, 200) =~ to_string(contract_address.hash)
@ -42,7 +42,7 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
result_conn_1 =
conn
|> post(custom_abi_path(conn, :create, %{"custom_abi" => Map.put(custom_abi, "abi", "123")}))
|> post("/account/custom_abi", %{"custom_abi" => Map.put(custom_abi, "abi", "123")})
assert html_response(result_conn_1, 200) =~ "Add Custom ABI"
assert html_response(result_conn_1, 200) =~ to_string(contract_address.hash)
@ -50,7 +50,7 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
result_conn_2 =
conn
|> get(custom_abi_path(conn, :index))
|> get("/account/custom_abi")
assert html_response(result_conn_2, 200) =~ "Create a Custom ABI to interact with contracts."
refute html_response(result_conn_2, 200) =~ to_string(contract_address.hash)
@ -67,17 +67,17 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
result_conn =
conn
|> post(custom_abi_path(conn, :create, %{"custom_abi" => custom_abi}))
|> post("/account/custom_abi", %{"custom_abi" => custom_abi})
assert redirected_to(result_conn) == custom_abi_path(conn, :index)
assert redirected_to(result_conn) == "/account/custom_abi"
result_conn_2 = get(result_conn, custom_abi_path(conn, :index))
result_conn_2 = get(result_conn, "/account/custom_abi")
assert html_response(result_conn_2, 200) =~ to_string(contract_address.hash)
assert html_response(result_conn_2, 200) =~ "Create a Custom ABI to interact with contracts."
result_conn_1 =
conn
|> post(custom_abi_path(conn, :create, %{"custom_abi" => custom_abi}))
|> post("/account/custom_abi", %{"custom_abi" => custom_abi})
assert html_response(result_conn_1, 200) =~ "Add Custom ABI"
assert html_response(result_conn_1, 200) =~ to_string(contract_address.hash)
@ -95,7 +95,7 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
result_conn =
conn
|> post(custom_abi_path(conn, :create, %{"custom_abi" => custom_abi}))
|> post("/account/custom_abi", %{"custom_abi" => custom_abi})
assert html_response(result_conn, 200) =~ "Add Custom ABI"
assert html_response(result_conn, 200) =~ to_string(contract_address.hash)
@ -114,15 +114,15 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
}
assert conn
|> post(custom_abi_path(conn, :create, %{"custom_abi" => custom_abi}))
|> redirected_to() == custom_abi_path(conn, :index)
|> post("/account/custom_abi", %{"custom_abi" => custom_abi})
|> redirected_to() == "/account/custom_abi"
to_string(address.hash)
end)
assert abi_list =
conn
|> get(custom_abi_path(conn, :index))
|> get("/account/custom_abi")
|> html_response(200)
Enum.each(addresses, fn address -> assert abi_list =~ address end)
@ -137,7 +137,7 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
assert error_form =
conn
|> post(custom_abi_path(conn, :create, %{"custom_abi" => custom_abi}))
|> post("/account/custom_abi", %{"custom_abi" => custom_abi})
|> html_response(200)
assert error_form =~ "Add Custom ABI"
@ -146,7 +146,7 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
assert abi_list_new =
conn
|> get(custom_abi_path(conn, :index))
|> get("/account/custom_abi")
|> html_response(200)
Enum.each(addresses, fn address -> assert abi_list_new =~ address end)
@ -169,11 +169,11 @@ defmodule BlockScoutWeb.Account.CustomABIControllerTest do
result_conn =
conn
|> post(custom_abi_path(conn, :create, %{"custom_abi" => custom_abi}))
|> post("/account/custom_abi", %{"custom_abi" => custom_abi})
assert redirected_to(result_conn) == custom_abi_path(conn, :index)
assert redirected_to(result_conn) == "/account/custom_abi"
result_conn_2 = get(result_conn, custom_abi_path(conn, :index))
result_conn_2 = get(result_conn, "/account/custom_abi")
assert html_response(result_conn_2, 200) =~ to_string(contract_address.hash)
assert html_response(result_conn_2, 200) =~ "Create a Custom ABI to interact with contracts."
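Review bot: The literal `"/account/custom_abi"` is now repeated in every request and redirect assertion of this test module, so a change to the mount prefix means editing each call site. A module attribute such as `@custom_abi_path "/account/custom_abi"` would keep it in one place. Presumably the helper was dropped because `custom_abi_path(conn, :index)` on a fresh test conn no longer carries the `/account` forward prefix; a one-line comment saying so would stop someone from switching back. The tests also exercise only the web mount, and nothing visible covers the same routes through the `/api/account` forward or the `/auth/*path` match.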

@ -22,6 +22,7 @@ defmodule BlockScoutWeb.ConnCase do
import Phoenix.ConnTest
import BlockScoutWeb.Router.Helpers
import BlockScoutWeb.WebRouter.Helpers, except: [static_path: 2]
import BlockScoutWeb.Routers.AccountRouter.Helpers, except: [static_path: 2]
import Bureaucrat.Helpers
# The default endpoint for testing
