diff --git a/api/authentication.go b/api/authentication.go index 8e48d71..a7c2232 100644 --- a/api/authentication.go +++ b/api/authentication.go @@ -38,7 +38,7 @@ type Authenticator func(ctx context.Context, s *http.Server, r *http.Request) (e // SetAuthenticator sets an authenticator function for the API endpoint. If none is set, all requests will be permitted. func SetAuthenticator(fn Authenticator) error { if module.Online() { - return ErrAuthenticationAlreadySet + return ErrAuthenticationImmutable } authFnLock.Lock() @@ -114,6 +114,7 @@ func authMiddleware(next http.Handler) http.Handler { http.SetCookie(w, &http.Cookie{ Name: cookieName, Value: tokenString, + Path: "/", HttpOnly: true, SameSite: http.SameSiteStrictMode, MaxAge: int(cookieTTL.Seconds()), diff --git a/api/main.go b/api/main.go index e022f89..9b7fdc3 100644 --- a/api/main.go +++ b/api/main.go @@ -14,7 +14,8 @@ var ( // API Errors var ( - ErrAuthenticationAlreadySet = errors.New("the authentication function has already been set (or must be set earlier)") + ErrAuthenticationAlreadySet = errors.New("the authentication function has already been set") + ErrAuthenticationImmutable = errors.New("the authentication function can only be set before the api has started") ) func init() { diff --git a/run/main.go b/run/main.go index a319e08..f7c92be 100644 --- a/run/main.go +++ b/run/main.go @@ -74,9 +74,9 @@ signalLoop: fmt.Println(" ") log.Warning("main: program was interrupted, shutting down.") - forceCnt := 5 // catch signals during shutdown go func() { + forceCnt := 5 for { <-signalCh forceCnt-- diff --git a/utils/stablepool.go b/utils/stablepool.go index 68fb605..d253d65 100644 --- a/utils/stablepool.go +++ b/utils/stablepool.go @@ -104,8 +104,8 @@ func (p *StablePool) Get() interface{} { return nil } -// Cnt returns the amount of items the pool currently holds. -func (p *StablePool) Cnt() int { +// Size returns the amount of items the pool currently holds. +func (p *StablePool) Size() int { p.lock.Lock() defer p.lock.Unlock() diff --git a/utils/stablepool_test.go b/utils/stablepool_test.go index c3ffb7e..32d69d1 100644 --- a/utils/stablepool_test.go +++ b/utils/stablepool_test.go @@ -9,8 +9,7 @@ import ( "github.com/stretchr/testify/assert" ) -func TestStablePool(t *testing.T) { - +func TestStablePoolRealWorld(t *testing.T) { // "real world" simulation cnt := 0 @@ -55,7 +54,7 @@ func TestStablePool(t *testing.T) { // wait for round to finish testWorkerWg.Wait() } - t.Logf("real world simulation: cnt=%d p.cnt=%d p.max=%d\n", cnt, testPool.Cnt(), testPool.Max()) + t.Logf("real world simulation: cnt=%d p.cnt=%d p.max=%d\n", cnt, testPool.Size(), testPool.Max()) assert.GreaterOrEqual(t, 200, cnt, "should not use more than 200 values") assert.GreaterOrEqual(t, 100, testPool.Max(), "pool should have at most this max size") @@ -71,7 +70,9 @@ func TestStablePool(t *testing.T) { } } assert.Equal(t, 100, optPool.Max(), "pool should have exactly this max size") +} +func TestStablePoolFuzzing(t *testing.T) { // fuzzing test fuzzPool := &StablePool{} @@ -97,7 +98,9 @@ func TestStablePool(t *testing.T) { fuzzWg.Done() // wait for all to finish fuzzWorkerWg.Wait() +} +func TestStablePoolBreaking(t *testing.T) { // try to break it breakPool := &StablePool{}