-
Notifications
You must be signed in to change notification settings - Fork 715
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor: Harmonise Master’s auth signature with authenticateCredentials #539
refactor: Harmonise Master’s auth signature with authenticateCredentials #539
Conversation
There’s still one line missing coverage from when the wrapper is actually called during server initialisation. I started writing a test as follows: test('custom credential authentication', () => {
const game = {};
const authenticateCredentials = jest.fn();
const server = Server({ games: [game], authenticateCredentials });
}); But I’m not really sure what is testable here. In fact, I’m wondering whether instead of wrapping at this point, the internal API inside Are there any places that currently pass a custom |
I'm in favor of refactoring the signature of the |
User-provided and default `auth` functions are now called with (credentials, playerMetadata). Checks in the default `auth` implementation that established whether or not we should authenticate have been split into a separate `doesGameRequireAuthentication` method, that is always used regardless of user-defined `auth` functions.
If a user were to dispatch an action with a non-existent playerID, we might plausibly get an undefined `playerMetadata` argument.
authenticateCredentials
wrapperAccount for undefined parameters when getting player metadata to pass to auth method
OK, this should be ready for review. The summary:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work @delucis!
playerID, | ||
}); | ||
const playerMetadata = getPlayerMetadata(gameMetadata, playerID); | ||
isActionAuthentic = this.shouldAuth(gameMetadata) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not super critical to test, but in the interest of keeping the test coverage at 100%, can we add a test to cover both branches here? If you run npm run test:coverage
on the repo, you will notice that it complains about uncovered branches at line 115 here and line 66 in index.ts
. I'm happy to also follow up with these tests if you don't have time to add them here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I’m just realising that the executeSynchronously
branches aren’t being tested at all in the Master
tests, because they’re only used by LocalMaster
in the local transport implementation. Because there’s no game metadata in the LocalMaster
tests, the shouldAuth
branch always returns false. I don’t think I’m familiar enough with the local transport to fix this.
Seeing this though, I’ve tweaked the way shouldAuth
is initialised, because previously I had it calling doesGameRequireAuthentication
even if authentication hadn’t been enabled.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, it’s not just that there’s no metadata, LocalMaster
creates an instance of Master
that has auth disabled. So there’s never currently a Master
that executes synchronously and uses authentication.
If the `auth` parameter is not passed as `true` or a custom function, there is no need for the `shouldAuth` function to do anything except always return `false`.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, let's get this in first and I'll try to fix the testing coverage later.
Following on from #532, this adds a test for the wrapper used around users’
authenticateCredentials
methods.