Reduce cookie size

2020-08-22 17:46:32 +02:00
parent eeae982a71
commit 5573dd45d6
6 changed files with 17 additions and 17 deletions
@@ -97,8 +97,8 @@ class UserController(
return this.cookie(
Cookie(
name = "Authorization",
value = "Bearer $token",
name = "Bearer",
value = token,
path = "/",
httpOnly = true,
sameSite = SameSite.Lax,
@@ -109,5 +109,5 @@ class UserController(
}
fun logout(@Suppress("UNUSED_PARAMETER") request: Request) = Response.redirect("/")
.invalidateCookie("Authorization")
.invalidateCookie("Bearer")
}
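Review bot: logout now clears only `Bearer`, so a browser that logged in before this change keeps its old `Authorization` cookie and nothing visible here ever removes it; the JWT inside presumably stays valid until its own expiry. Chaining `.invalidateCookie("Authorization")` after `.invalidateCookie("Bearer")` for a transition period would clean those up. In the first hunk the cookie sets `httpOnly` and `sameSite`, but no `secure` attribute is visible; the `Cookie(...)` call continues past the hunk, so confirm it is set there for HTTPS deployments.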
+1 -4
@@ -37,9 +37,6 @@ class AuthFilter(
fun Request.jwtPayload(ctx: RequestContexts): JwtPayload? = ctx[this][authKey]
private fun Request.bearerToken(): String? = cookie("Authorization")
private fun Request.bearerToken(): String? = cookie("Bearer")
?.value
?.trim()
?.takeIf { it.startsWith("Bearer") }
?.substringAfter("Bearer")
?.trim()
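Review bot: The cookie name `"Bearer"` is a bare literal in `bearerToken()` and twice more in UserController, so the code that writes, reads and clears the session cookie can drift apart without a compile error; a shared `const val AUTH_COOKIE = "Bearer"` used at all three sites would tie them together. With the prefix check gone, `bearerToken()` returns whatever the cookie holds, including an empty string after `trim()`; appending `?.takeIf { it.isNotEmpty() }` would treat a blank cookie as absent instead of handing it to the verifier. Which chained calls survive is inferred from the +1 -4 count, and the code that consumes the token lies outside the hunk.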
@@ -51,7 +51,7 @@ internal class AuthFilterTest {
@Test
fun `it should allow an invalid token`() {
val response = app(Request(GET, "/optional").cookie("Authorization", "Bearer nnkjnkjnk"))
val response = app(Request(GET, "/optional").cookie("Bearer", "nnkjnkjnk"))
assertThat(response, hasStatus(OK))
assertThat(response, hasBody("null"))
}
@@ -60,7 +60,7 @@ internal class AuthFilterTest {
fun `it should allow a valid token`() {
val jwtPayload = JwtPayload(1, "user")
val token = simpleJwt.sign(jwtPayload)
val response = app(Request(GET, "/optional").cookie("Authorization", "Bearer $token"))
val response = app(Request(GET, "/optional").cookie("Bearer", token))
assertThat(response, hasStatus(OK))
assertThat(response, hasBody("$jwtPayload"))
}
@@ -77,7 +77,7 @@ internal class AuthFilterTest {
@Test
fun `it shouldn't allow an invalid token`() {
val response = app(Request(GET, "/protected").cookie("Authorization", "Bearer nnkjnkjnk"))
val response = app(Request(GET, "/protected").cookie("Bearer", "nnkjnkjnk"))
assertThat(response, hasStatus(FOUND))
assertThat(response, hasHeader("Location"))
}
@@ -86,7 +86,7 @@ internal class AuthFilterTest {
fun `it should allow a valid token"`() {
val jwtPayload = JwtPayload(1, "user")
val token = simpleJwt.sign(jwtPayload)
val response = app(Request(GET, "/protected").cookie("Authorization", "Bearer $token"))
val response = app(Request(GET, "/protected").cookie("Bearer", token))
assertThat(response, hasStatus(OK))
assertThat(response, hasBody("$jwtPayload"))
}
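Review bot: No test pins the behaviour for a request that still carries the old cookie format, which is the case every existing session hits after deployment. A case such as `app(Request(GET, "/protected").cookie("Authorization", "Bearer $token"))` asserting `hasStatus(FOUND)` would document that the legacy cookie no longer authenticates and guard against it being accepted again by accident. Separately, the test name `it should allow a valid token"` in the last hunk carries a stray double quote.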