Pass down SignedUserName down to AccessLogger context (#16605)

* Pass down SignedUserName down to AccessLogger context

Unfortunately when the AccessLogger was moved back before the contexters the
SignedUserName reporting was lost. This is due to Request.WithContext leading to a
shallow copy of the Request and the modules/context/Context being within that request.

This PR adds a new context variable of a string pointer which is set and handled
in the contexters.

Fix #16600

Signed-off-by: Andrew Thornton <art27@cantab.net>
* handle nil ptr issue

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

diff --git a/modules/context/access_log.go b/modules/context/access_log.go
index 97bb32f4c538290bf6eaf8f0abb1da40ba2bd0e2..1a10c4763a8184ecd57d9d4ab429074a6c14e5ed 100644 (file)
--- a/modules/context/access_log.go
+++ b/modules/context/access_log.go
@@ -6,6 +6,7 @@ package context
 
 import (
        "bytes"
+       "context"
        "html/template"
        "net/http"
        "time"
@@ -22,6 +23,8 @@ type routerLoggerOptions struct {
        Ctx            map[string]interface{}
 }
 
+var signedUserNameStringPointerKey interface{} = "signedUserNameStringPointerKey"
+
 // AccessLogger returns a middleware to log access logger
 func AccessLogger() func(http.Handler) http.Handler {
        logger := log.GetLogger("access")
@@ -29,11 +32,10 @@ func AccessLogger() func(http.Handler) http.Handler {
        return func(next http.Handler) http.Handler {
                return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
                        start := time.Now()
-                       next.ServeHTTP(w, req)
                        identity := "-"
-                       if val := SignedUserName(req); val != "" {
-                               identity = val
-                       }
+                       r := req.WithContext(context.WithValue(req.Context(), signedUserNameStringPointerKey, &identity))
+
+                       next.ServeHTTP(w, r)
                        rw := w.(ResponseWriter)
 
                        buf := bytes.NewBuffer([]byte{})

diff --git a/modules/context/api.go b/modules/context/api.go
index a21e0d74028d0c4d956c2e22e3a7e1c893d05bfa..8f1ed3f2ce2dcc48d40a6a1247ea9ddb04f701ad 100644 (file)
--- a/modules/context/api.go
+++ b/modules/context/api.go
@@ -275,6 +275,17 @@ func APIContexter() func(http.Handler) http.Handler {
                        ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken())
 
                        next.ServeHTTP(ctx.Resp, ctx.Req)
+
+                       // Handle adding signedUserName to the context for the AccessLogger
+                       usernameInterface := ctx.Data["SignedUserName"]
+                       identityPtrInterface := ctx.Req.Context().Value(signedUserNameStringPointerKey)
+                       if usernameInterface != nil && identityPtrInterface != nil {
+                               username := usernameInterface.(string)
+                               identityPtr := identityPtrInterface.(*string)
+                               if identityPtr != nil && username != "" {
+                                       *identityPtr = username
+                               }
+                       }
                })
        }
 }

diff --git a/modules/context/context.go b/modules/context/context.go
index b356e1eb1bbb64d53d9d63e2abf4f55aefd0a9f3..9d04fe3858886159cc17a9d319653d1c93071a3a 100644 (file)
--- a/modules/context/context.go
+++ b/modules/context/context.go
@@ -770,6 +770,17 @@ func Contexter() func(next http.Handler) http.Handler {
                        }
 
                        next.ServeHTTP(ctx.Resp, ctx.Req)
+
+                       // Handle adding signedUserName to the context for the AccessLogger
+                       usernameInterface := ctx.Data["SignedUserName"]
+                       identityPtrInterface := ctx.Req.Context().Value(signedUserNameStringPointerKey)
+                       if usernameInterface != nil && identityPtrInterface != nil {
+                               username := usernameInterface.(string)
+                               identityPtr := identityPtrInterface.(*string)
+                               if identityPtr != nil && username != "" {
+                                       *identityPtr = username
+                               }
+                       }
                })
        }
 }