From f8ec43dbc7ca10e456ddf0cf739d2f5035dea879 Mon Sep 17 00:00:00 2001 From: zeripath Date: Sat, 20 Nov 2021 15:33:18 +0000 Subject: [PATCH] Extract constant names out for the ReverseProxy and Basic authentication methods (#17735) In order to reduce load on the GC extract out the constant names of the Basic and ReverseProxy methods. As mentioned in https://github.com/go-gitea/gitea/pull/15119#discussion_r730352176 Signed-off-by: Andrew Thornton --- modules/context/api.go | 2 +- modules/context/context.go | 2 +- routers/api/v1/api.go | 2 +- services/auth/basic.go | 5 ++++- services/auth/reverseproxy.go | 5 ++++- 5 files changed, 11 insertions(+), 5 deletions(-) diff --git a/modules/context/api.go b/modules/context/api.go index c978835af8..07ceeeea15 100644 --- a/modules/context/api.go +++ b/modules/context/api.go @@ -245,7 +245,7 @@ func APIAuth(authMethod auth.Method) func(*APIContext) { // Get user from session if logged in. ctx.User = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session) if ctx.User != nil { - ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == new(auth.Basic).Name() + ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == auth.BasicMethodName ctx.IsSigned = true ctx.Data["IsSigned"] = ctx.IsSigned ctx.Data["SignedUser"] = ctx.User diff --git a/modules/context/context.go b/modules/context/context.go index 8adf1f306b..1ea53c7d3b 100644 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -614,7 +614,7 @@ func Auth(authMethod auth.Method) func(*Context) { return func(ctx *Context) { ctx.User = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session) if ctx.User != nil { - ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == new(auth.Basic).Name() + ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == auth.BasicMethodName ctx.IsSigned = true ctx.Data["IsSigned"] = ctx.IsSigned ctx.Data["SignedUser"] = ctx.User diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 67f88cf000..099559caad 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -217,7 +217,7 @@ func reqExploreSignIn() func(ctx *context.APIContext) { func reqBasicOrRevProxyAuth() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { - if ctx.IsSigned && setting.Service.EnableReverseProxyAuth && ctx.Data["AuthedMethod"].(string) == new(auth.ReverseProxy).Name() { + if ctx.IsSigned && setting.Service.EnableReverseProxyAuth && ctx.Data["AuthedMethod"].(string) == auth.ReverseProxyMethodName { return } if !ctx.Context.IsBasicAuth { diff --git a/services/auth/basic.go b/services/auth/basic.go index d7f889cbdc..9cfbd0f644 100644 --- a/services/auth/basic.go +++ b/services/auth/basic.go @@ -23,6 +23,9 @@ var ( _ Named = &Basic{} ) +// BasicMethodName is the constant name of the basic authentication method +const BasicMethodName = "basic" + // Basic implements the Auth interface and authenticates requests (API requests // only) by looking for Basic authentication data or "x-oauth-basic" token in the "Authorization" // header. @@ -31,7 +34,7 @@ type Basic struct { // Name represents the name of auth method func (b *Basic) Name() string { - return "basic" + return BasicMethodName } // Verify extracts and validates Basic data (username and password/token) from the diff --git a/services/auth/reverseproxy.go b/services/auth/reverseproxy.go index 550fcabc1d..7cd24c302d 100644 --- a/services/auth/reverseproxy.go +++ b/services/auth/reverseproxy.go @@ -24,6 +24,9 @@ var ( _ Named = &ReverseProxy{} ) +// ReverseProxyMethodName is the constant name of the ReverseProxy authentication method +const ReverseProxyMethodName = "reverse_proxy" + // ReverseProxy implements the Auth interface, but actually relies on // a reverse proxy for authentication of users. // On successful authentication the proxy is expected to populate the username in the @@ -43,7 +46,7 @@ func (r *ReverseProxy) getUserName(req *http.Request) string { // Name represents the name of auth method func (r *ReverseProxy) Name() string { - return "reverse_proxy" + return ReverseProxyMethodName } // Verify extracts the username from the "setting.ReverseProxyAuthUser" header