Skip to content

rest api: Fix to Disable API authentication#6067

Merged
gmalouf merged 3 commits intoalgorand:masterfrom
algorandskiy:pavel/rest-api-no-token-fix
Jul 15, 2024
Merged

rest api: Fix to Disable API authentication#6067
gmalouf merged 3 commits intoalgorand:masterfrom
algorandskiy:pavel/rest-api-no-token-fix

Conversation

@algorandskiy
Copy link
Copy Markdown
Contributor

@algorandskiy algorandskiy commented Jul 12, 2024

Summary

Fix to #5625 where incorrect test with a client always using an adminToken lead to incorrect actual implementation.

Test Plan

Fixed an existing e2e test

@algorandskiy algorandskiy self-assigned this Jul 12, 2024
@codecov
Copy link
Copy Markdown

codecov bot commented Jul 12, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 0% with 6 lines in your changes missing coverage. Please review.

Project coverage is 56.17%. Comparing base (1493410) to head (c7ec69d).

Files Patch % Lines
daemon/algod/api/server/router.go 0.00% 6 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #6067      +/-   ##
==========================================
+ Coverage   55.77%   56.17%   +0.39%     
==========================================
  Files         488      488              
  Lines       69434    69437       +3     
==========================================
+ Hits        38730    39008     +278     
+ Misses      28017    27791     -226     
+ Partials     2687     2638      -49

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

gmalouf
gmalouf reviewed Jul 15, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@gmalouf gmalouf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks right to me. The auth middleware gets disabled on public AI endpoints if no token is passed at startup (noting that admin auth still gets enabled int he proper places). Small comments to look at before approving.

@gmalouf
Copy link
Copy Markdown
Contributor

gmalouf commented Jul 15, 2024

closes #5747

@gmalouf gmalouf linked an issue Jul 15, 2024 that may be closed by this pull request
New DisableAPIAuth option should ignore all passed API tokens #5747
Closed
@algorandskiy algorandskiy mentioned this pull request Jul 15, 2024
Merged
algorandskiy
algorandskiy commented Jul 15, 2024
View reviewed changes
@algorandskiy @gmalouf
Apply suggestions from code review
69d6ba9 
Co-authored-by: Gary Malouf <982483+gmalouf@users.noreply.github.com>
gmalouf
gmalouf previously approved these changes Jul 15, 2024
View reviewed changes
algorandskiy
algorandskiy commented Jul 15, 2024
View reviewed changes
@gmalouf gmalouf merged commit 8a44d87 into algorand:master Jul 15, 2024
@Algo-devops-service Algo-devops-service mentioned this pull request Sep 17, 2024
Merged
@Algo-devops-service Algo-devops-service mentioned this pull request Sep 26, 2024
Merged
@algorandskiy algorandskiy deleted the pavel/rest-api-no-token-fix branch March 16, 2026 20:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gmalouf gmalouf gmalouf approved these changes

@cce cce Awaiting requested review from cce

+1 more reviewer

@jasonpaulos jasonpaulos jasonpaulos approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@algorandskiy algorandskiy

Labels

Bug-Fix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

New DisableAPIAuth option should ignore all passed API tokens

3 participants

@algorandskiy @gmalouf @jasonpaulos