Summary

Use htpasswd for credential storage

Review Request #10004 — Created June 7, 2018 and submitted June 12, 2018, 12:29 a.m.

Information

Owner

brennie

Repository

rb-gateway

Branch

master

Bugs

Depends On

~~10002~~

Blocks

10007

Commit

47a4fb7...

Reviewers

Groups

rb-gateway

People

Description

Previously we were hardcoding our username and password into our
config.json file, which isn't exactly secure, as the username +
password with both be lying around in memory constantly and it will be
available on disk in the event of an intrusion.

We now use an htpasswd file, for which the path is stored in
config.json.

Additionally, some HTTP errors have their verbosity reduced in the case
of internal errors (such as why we can't create a new token). These
errors are now logged instead

Testing Done

Ran go fmt ./...
Ran go test ./...

flake8 passed.

JSHint passed.

Change Summary:

Rebase off /r/10006/

Commit:

ff9e18ff1683012ae47c64d60627c87979952ceb

f51aac7c66f8e4b216beb1c6e375ccebde2208ed

Diff:

Revision 2 (+172 -97)

Show changes

	.gitignore
	Gopkg.lock
	Gopkg.toml
	sample_config.json
	api/api.go
	api/routes.go
	api/routes_test.go
	config/config.go
	2 more

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Change Summary:

go fmt

Commit:

f51aac7c66f8e4b216beb1c6e375ccebde2208ed

1a02b64eef3df0ba70e4534557f4c7638ee57e01

Diff:

Revision 3 (+171 -97)

Show changes

	.gitignore
	Gopkg.lock
	Gopkg.toml
	sample_config.json
	api/api.go
	api/routes.go
	api/routes_test.go
	config/config.go
	2 more

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Change Summary:

Rebase

Commit:

1a02b64eef3df0ba70e4534557f4c7638ee57e01

5f55ad565f5d40143dab39d4ff2473e1853d8c03

Diff:

Revision 4 (+163 -86)

Show changes

	.gitignore
	Gopkg.lock
	Gopkg.toml
	sample_config.json
	api/api.go
	api/routes.go
	api/routes_test.go
	config/config.go
	2 more

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Change Summary:

Use our own secret provider to prevent panics

Commit:

5f55ad565f5d40143dab39d4ff2473e1853d8c03

90be4cb2e961f1385fec224added5a4d366ee3e8

Diff:

Revision 5 (+217 -99)

Show changes

	.gitignore
	Gopkg.lock
	Gopkg.toml
	sample_config.json
	api/api.go
	api/auth.go
	api/routes.go
	api/routes_test.go
	3 more

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Change Summary:

Always create a testing htpasswd since it is now required to create an API.

Commit:

90be4cb2e961f1385fec224added5a4d366ee3e8

bdd811079fa19074eb8c0c1edac6249a55ac23d3

Diff:

Revision 6 (+225 -99)

Show changes

	.gitignore
	Gopkg.lock
	Gopkg.toml
	sample_config.json
	api/api.go
	api/auth.go
	api/routes.go
	api/routes_test.go
	3 more

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Change Summary:

go fmt

Commit:

bdd811079fa19074eb8c0c1edac6249a55ac23d3

47a4fb787bd53fb3ea30af940e328c9ae3271f2e

Diff:

Revision 7 (+224 -99)

Show changes

	.gitignore
	Gopkg.lock
	Gopkg.toml
	sample_config.json
	api/api.go
	api/auth.go
	api/routes.go
	api/routes_test.go
	3 more

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Ship it!

```
Ship It!
```

Status:: Completed
Change Summary:: Pushed to master (169fd45)