mirrors/nadeko_invidious
1
0
Fork 0
mirror of https://git.nadeko.net/Fijxu/invidious.git synced 2025-12-19 11:28:51 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Add backtraces to errors (#1498)

Browse Source 
Error handling has been reworked to always go through the new `error_template`,
`error_json` and `error_atom` macros.
They all accept a status code followed by a string message or an exception
object. `error_json` accepts a hash with additional fields as third argument.

If the second argument is an exception a backtrace will be printed, if it is a
string only the string is printed. Since up till now only the exception message
was printed a new `InfoException` class was added for situations where no
backtrace is intended but a string cannot be used.

`error_template` with a string message automatically localizes the message.
Missing error translations have been collected in https://github.com/iv-org/invidious/issues/1497
`error_json` with a string message does not localize the message. This is the
same as previous behavior. If translations are desired for `error_json` they
can be added easily but those error messages have not been collected yet.

Uncaught exceptions previously only printed a generic message ("Looks like
you've found a bug in Invidious. [...]"). They still print that message
but now also include a backtrace.
This commit is contained in:
saltycrys
2020-11-30 10:59:21 +01:00
committed by GitHub
parent fe73eccb90
commit 3dac33ffba
11 changed files with 250 additions and 378 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/invidious/helpers/tokens.cr
View File

@@ -70,33 +70,33 @@ def validate_request(token, session, request, key, db, locale = nil)
when JSON::Any
token = token.as_h
when Nil
raise translate(locale, "Hidden field \"token\" is a required field")
raise InfoException.new("Hidden field \"token\" is a required field")
end
expire = token["expire"]?.try &.as_i
if expire.try &.< Time.utc.to_unix
raise translate(locale, "Token is expired, please try again")
raise InfoException.new("Token is expired, please try again")
end
if token["session"] != session
raise translate(locale, "Erroneous token")
raise InfoException.new("Erroneous token")
end
scopes = token["scopes"].as_a.map { |v| v.as_s }
scope = "#{request.method}:#{request.path.lchop("/api/v1/auth/").lstrip("/")}"
if !scopes_include_scope(scopes, scope)
raise translate(locale, "Invalid scope")
raise InfoException.new("Invalid scope")
end
if !Crypto::Subtle.constant_time_compare(token["signature"].to_s, sign_token(key, token))
raise translate(locale, "Invalid signature")
raise InfoException.new("Invalid signature")
end
if token["nonce"]? && (nonce = db.query_one?("SELECT * FROM nonces WHERE nonce = $1", token["nonce"], as: {String, Time}))
if nonce[1] > Time.utc
db.exec("UPDATE nonces SET expire = $1 WHERE nonce = $2", Time.utc(1990, 1, 1), nonce[0])
else
raise translate(locale, "Erroneous token")
raise InfoException.new("Erroneous token")
end
end