megre to main

rarimo · Sep 6, 2024 · 8acb14a · 8acb14a
2 parents 5a3cfec + 4a5046e
commit 8acb14a
Show file tree

Hide file tree

Showing 7 changed files with 16 additions and 15 deletions.
diff --git a/internal/service/handlers/daily_question_check.go b/internal/service/handlers/daily_question_check.go
@@ -29,7 +29,7 @@ func CheckDailyQuestion(w http.ResponseWriter, r *http.Request) {
 	option := req.Data.Attributes.Answer
 	dq := DailyQuestions(r)
 
-	if !auth.Authenticates(UserClaims(r), auth.VerifiedGrant(nullifier)) {
+	if !auth.Authenticates(UserClaims(r), auth.UserGrant(nullifier)) {
 		ape.RenderErr(w, problems.Unauthorized())
 		return
 	}

diff --git a/internal/service/handlers/daily_question_create.go b/internal/service/handlers/daily_question_create.go
@@ -59,7 +59,7 @@ func CreateDailyQuestion(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	question, err := DailyQuestionsQ(r).FilterDayQuestions(timeReq.UTC()).Get()
+	question, err := DailyQuestionsQ(r).FilterDayQuestions(timeReq).Get()
 	if err != nil {
 		Log(r).WithError(err).Error("Error on this day")
 		ape.RenderErr(w, problems.InternalError())

diff --git a/internal/service/handlers/daily_question_get.go b/internal/service/handlers/daily_question_get.go
@@ -19,7 +19,7 @@ func GetDailyQuestion(w http.ResponseWriter, r *http.Request) {
 	nullifier := strings.ToLower(chi.URLParam(r, "nullifier"))
 	dq := DailyQuestions(r)
 
-	if !auth.Authenticates(UserClaims(r), auth.VerifiedGrant(nullifier)) {
+	if !auth.Authenticates(UserClaims(r), auth.UserGrant(nullifier)) {
 		ape.RenderErr(w, problems.Unauthorized())
 		return
 	}

diff --git a/internal/service/handlers/daily_questions_select.go b/internal/service/handlers/daily_questions_select.go
@@ -74,7 +74,7 @@ func NewDailyQuestionModel(question data.DailyQuestion, loc *time.Location) (res
 			NumIncorrectAnswers: question.NumIncorrectAnswers,
 			Options:             options,
 			Reward:              question.Reward,
-			StartsAt:            question.StartsAt.In(loc).String(),
+			StartsAt:            question.StartsAt.In(loc).Format("2006-01-02"),
 			TimeForAnswer:       question.TimeForAnswer,
 			Title:               question.Title,
 		},

diff --git a/internal/service/handlers/daily_questions_status.go b/internal/service/handlers/daily_questions_status.go
@@ -16,7 +16,7 @@ import (
 func GetDailyQuestionsStatus(w http.ResponseWriter, r *http.Request) {
 	nullifier := strings.ToLower(chi.URLParam(r, "nullifier"))
 
-	if !auth.Authenticates(UserClaims(r), auth.VerifiedGrant(nullifier)) {
+	if !auth.Authenticates(UserClaims(r), auth.UserGrant(nullifier)) {
 		ape.RenderErr(w, problems.Unauthorized())
 		return
 	}
@@ -62,7 +62,7 @@ func newDailyQuestionsStatus(question *data.DailyQuestion) resources.DailyQuesti
 			Key: resources.NewKeyInt64(question.ID, resources.DAILY_QUESTIONS_STATUS),
 			Attributes: resources.DailyQuestionsStatusAttributes{
 				NextQuestionDate: question.StartsAt.Unix(),
-				Reward:           int64(question.Reward),
+				Reward:           question.Reward,
 				TimeForAnswer:    question.TimeForAnswer,
 			},
 		},

diff --git a/internal/service/handlers/fulfill_poll_event.go b/internal/service/handlers/fulfill_poll_event.go
@@ -4,12 +4,12 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"github.com/ethereum/go-ethereum/common/hexutil"
+	"github.com/rarimo/geo-auth-svc/pkg/auth"
 	"math/big"
 	"net/http"
 
-	"github.com/ethereum/go-ethereum/common/hexutil"
 	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/rarimo/geo-auth-svc/pkg/auth"
 	"github.com/rarimo/geo-points-svc/internal/config"
 	"github.com/rarimo/geo-points-svc/internal/data"
 	"github.com/rarimo/geo-points-svc/internal/data/evtypes"
@@ -27,14 +27,7 @@ func FulfillPollEvent(w http.ResponseWriter, r *http.Request) {
 	}
 
 	proof := req.Data.Attributes.Proof
-
 	nullifier := UserClaims(r)[0].Nullifier
-	if !auth.Authenticates(UserClaims(r), auth.VerifiedGrant(nullifier)) ||
-		new(big.Int).SetBytes(hexutil.MustDecode(nullifier)).String() != proof.PubSignals[config.PollChallengedNullifier] {
-		ape.RenderErr(w, problems.Unauthorized())
-		return
-	}
-
 	proposalID, _ := new(big.Int).SetString(req.Data.Attributes.ProposalId, 10)
 	proposalEventID, _ := new(big.Int).SetString(proof.PubSignals[config.PollParticipationEventID], 10)
 
@@ -45,6 +38,13 @@ func FulfillPollEvent(w http.ResponseWriter, r *http.Request) {
 		"proposal_event_id": proposalEventID,
 	})
 
+	if !auth.Authenticates(UserClaims(r), auth.UserGrant(nullifier)) ||
+		new(big.Int).SetBytes(hexutil.MustDecode(nullifier)).String() != proof.PubSignals[config.PollChallengedNullifier] {
+		log.Debug("failed to authenticate user")
+		ape.RenderErr(w, problems.Unauthorized())
+		return
+	}
+
 	balance, err := BalancesQ(r).FilterByNullifier(nullifier).Get()
 	if err != nil {
 		log.WithError(err).Error("Failed to get balance by nullifier")

diff --git a/internal/service/handlers/middleware.go b/internal/service/handlers/middleware.go
@@ -23,6 +23,7 @@ func AuthMiddleware(auth *auth.Client, log *logan.Entry) func(http.Handler) http
 			}
 
 			if len(claims) == 0 {
+				log.Debug("Claims are empty")
 				ape.RenderErr(w, problems.Unauthorized())
 				return
 			}
-Original file line number
+Diff line change
@@ Expand Up @@
     			}
     			if len(claims) == 0 {
+    				log.Debug("Claims are empty")
     				ape.RenderErr(w, problems.Unauthorized())
     				return
     			}
@@ Expand Down @@