Fixes+Chores: avoid de-referencing nil ptrs + lint

- Avoid referencing conditions we know are false/true - Avoid using name of imported package as variable - Avoid broken (see list item 1) if else statement in `ipservice.go` by refactoring to switch statement - When assigning a pointer value to a variable along with an error, check that error before referencing that pointer. Thus avoiding de-referencing a nil and causing a panic. *** This item is the most important *** - Standard gofmt package sorting + linting; This includes fixing comment starts for go doc - Explicit non-handling of unhandled errors where appropriate (assigning errs to _ to reduce linter screaming) - Export ErrExpired in `netcache` package so that we can properly reference it using `errors.Is` instead of using `strings.Contains` against an `error.Error()` value
2025-10-05 16:57:51 +08:00 · 2022-12-06 20:11:20 -08:00
parent 0d9b47f212
commit e878e4820a
17 changed files with 219 additions and 188 deletions
--- a/logic/auth.go
+++ b/logic/auth.go
@@ -6,14 +6,15 @@ import (
 	"fmt"
 	"time"

-	validator "github.com/go-playground/validator/v10"
+	"github.com/go-playground/validator/v10"
+	"golang.org/x/crypto/bcrypt"
+
 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic/pro"
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/models/promodels"
 	"github.com/gravitl/netmaker/servercfg"
-	"golang.org/x/crypto/bcrypt"
 )

 // HasAdmin - checks if server has an admin
@@ -176,7 +177,7 @@ func VerifyAuthRequest(authRequest models.UserAuthParams) (string, error) {
 	} else if authRequest.Password == "" {
 		return "", errors.New("password can't be empty")
 	}
-	//Search DB for node with Mac Address. Ignore pending nodes (they should not be able to authenticate with API until approved).
+	// Search DB for node with Mac Address. Ignore pending nodes (they should not be able to authenticate with API until approved).
 	record, err := database.FetchRecord(database.USERS_TABLE_NAME, authRequest.UserName)
 	if err != nil {
 		return "", errors.New("error retrieving user from db: " + err.Error())
@@ -192,7 +193,7 @@ func VerifyAuthRequest(authRequest models.UserAuthParams) (string, error) {
 		return "", errors.New("incorrect credentials")
 	}

-	//Create a new JWT for the node
+	// Create a new JWT for the node
 	tokenString, _ := CreateProUserJWT(authRequest.UserName, result.Networks, result.Groups, result.IsAdmin)
 	return tokenString, nil
 }
@@ -254,7 +255,7 @@ func UpdateUserNetworks(newNetworks, newGroups []string, isadmin bool, currentUs

 // UpdateUser - updates a given user
 func UpdateUser(userchange models.User, user models.User) (models.User, error) {
-	//check if user exists
+	// check if user exists
 	if _, err := GetUser(user.UserName); err != nil {
 		return models.User{}, err
 	}
@@ -403,13 +404,17 @@ func SetState(state string) error {
 // deletes state after call is made to clean up, should only be called once per sign-in
 func IsStateValid(state string) (string, bool) {
 	s, err := GetState(state)
-	if s.Value != "" {
-		delState(state)
-	}
 	if err != nil {
 		logger.Log(2, "error retrieving oauth state:", err.Error())
+		return "", false
 	}
-	return s.Value, err == nil
+	if s.Value != "" {
+		if err = delState(state); err != nil {
+			logger.Log(2, "error deleting oauth state:", err.Error())
+			return "", false
+		}
+	}
+	return s.Value, true
 }

 // delState - removes a state from cache/db
@@ -438,7 +443,7 @@ func AdjustGroupPermissions(user *models.ReturnUser) error {
 	return nil
 }

-// AdjustGroupPermissions - adjusts a given user's network access based on group changes
+// AdjustNetworkUserPermissions - adjusts a given user's network access based on group changes
 func AdjustNetworkUserPermissions(user *models.ReturnUser, network *models.Network) error {
 	networkUser, err := pro.GetNetworkUser(
 		network.NetID,