search

Ptt-official-app / Ptt-backend

PTT APP 的後端
BSD 3-Clause "New" or "Revised" License
208 stars 68 forks source link

[BUG] 在測試 /v1/token 時伺服器 Crash 了 #211

Closed PichuChen closed 3 years ago

PichuChen commented 3 years ago

發生了什麼事? / The Problem

在傳送 /v1/token 取得 token 時,如果只傳送 POST 而沒有傳送正確的參數的話,伺服器會出現錯誤。

如何重現 / To Reproduce

  1. 首先建置好含 home bbs 資料的環境
  2. curl 'localhost:8081/v1/token' -d ''
  3. 接著就會伺服器端就會什麼都沒回應,如果是 nginx 做中介的場合會得到 500 Server Error

預期的行為 / Expected behavior

不應該出現 Server Error, 應該要出現缺少參數的 Error 以及明確指出缺少什麼參數

螢幕截圖 / Screenshots

2021/06/04 22:05:43 postToken parse form err: %!w(<nil>)
2021/06/04 22:05:43 found user: &{0xc000178c40}
2021/06/04 22:05:43 password
2021/06/04 22:05:43 http: panic serving [::1]:51211: runtime error: slice bounds out of range [:2] with length 0
goroutine 14 [running]:
net/http.(*conn).serve.func1(0xc00011b040)
    /usr/local/Cellar/go/1.16.2/libexec/src/net/http/server.go:1824 +0x153
panic(0x136a8c0, 0xc0000144c8)
    /usr/local/Cellar/go/1.16.2/libexec/src/runtime/panic.go:971 +0x499
github.com/Ptt-official-app/go-bbs/pttbbs.(*Userec).VerifyPassword(0xc000178c40, 0x0, 0x0, 0x0, 0x0)
    /Users/tih/go/pkg/mod/github.com/!ptt-official-app/go-bbs@v0.3.3/pttbbs/passwd.go:157 +0x219
github.com/Ptt-official-app/Ptt-backend/internal/delivery/http.(*Delivery).verifyPassword(0xc000022880, 0x1400188, 0xc000013d10, 0x0, 0x0, 0x1400188, 0xc000013d10)
    /Users/tih/localgitrepos/Ptt-backend/internal/delivery/http/route_token.go:77 +0xd0
github.com/Ptt-official-app/Ptt-backend/internal/delivery/http.(*Delivery).postToken(0xc000022880, 0x13fd970, 0xc000180540, 0xc00010eb00)
    /Users/tih/localgitrepos/Ptt-backend/internal/delivery/http/route_token.go:43 +0x209
github.com/Ptt-official-app/Ptt-backend/internal/delivery/http.(*Delivery).routeToken(...)
    /Users/tih/localgitrepos/Ptt-backend/internal/delivery/http/route.go:22
net/http.HandlerFunc.ServeHTTP(0xc000194120, 0x13fd970, 0xc000180540, 0xc00010eb00)
    /usr/local/Cellar/go/1.16.2/libexec/src/net/http/server.go:2069 +0x44
net/http.(*ServeMux).ServeHTTP(0xc00005a7c0, 0x13fd970, 0xc000180540, 0xc00010eb00)
    /usr/local/Cellar/go/1.16.2/libexec/src/net/http/server.go:2448 +0x1ad
net/http.serverHandler.ServeHTTP(0xc0001800e0, 0x13fd970, 0xc000180540, 0xc00010eb00)
    /usr/local/Cellar/go/1.16.2/libexec/src/net/http/server.go:2887 +0xa3
net/http.(*conn).serve(0xc00011b040, 0x13fe080, 0xc00005ac40)
    /usr/local/Cellar/go/1.16.2/libexec/src/net/http/server.go:1952 +0x8cd
created by net/http.(*Server).Serve
    /usr/local/Cellar/go/1.16.2/libexec/src/net/http/server.go:3013 +0x39b

截圖 2021-06-04 下午10 12 40

開發環境 / Environment

PichuChen commented 3 years ago

以這樣的參數傳入時也會 Crash

curl 'localhost:8081/v1/token'  -d  'grant_type=password' -d 'username=' -d 'password='
y2468101216 commented 3 years ago

我以為這是正常的,不是 bug