-
Notifications
You must be signed in to change notification settings - Fork 104
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add the feature to check the authorization header #170
Conversation
Hello @kyeongsoosoo, Thanks for your pull request! A Core Committer will review your pull request soon. For code contributions, you can learn more about the review process here. |
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## master #170 +/- ##
=========================================
+ Coverage 2.90% 2.93% +0.03%
=========================================
Files 14 14
Lines 1823 1838 +15
=========================================
+ Hits 53 54 +1
- Misses 1768 1782 +14
Partials 2 2
☔ View full report in Codecov by Sentry. |
Thanks @kyeongsoosoo 👍 |
I've tested this with a few different permutations, and it looks good other than one thing that seems odd to me:
This is more of an observation than anything - For the @hanzei What do you think? I'm thinking this and mattermost/mattermost#24391 are good to merge as is. |
@kyeongsoosoo Heads up that there is conflict to resolve |
@hanzei Conflicts resolved :) |
func (p *Plugin) handleCheckAuthHeader(w http.ResponseWriter, r *http.Request) { | ||
isAuthenticatedUser := r.Header.Get("Mattermost-User-ID") != "" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Passing the plugin.Context
to the handler became difficult, so I switched to using the Mattermost-User-Id
in the request header instead of the context's SessionId
.
@hanzei Do you think this is good to merge based on my comment above? |
Yep, I think we are good the merge both PRs. |
Summary
I added the feature that checks the Authorization header.
I implemented this feature to test this PR