add opt-out mechanism via cookie

2024-10-18 12:10:25 +02:00 · 2019-06-24 22:26:50 +02:00 · 2019-06-24 22:26:50 +02:00 · 53bd8f39b2
commit 53bd8f39b2
parent b0c7f69271
3 changed files with 9 additions and 20 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -55,6 +55,7 @@ services:
    environment:
      - SERVER_HOST=http://localhost:8080
      - KMS_HOST=http://localhost:8081
+      - SCRIPT_HOST=http://localhost:9977
      - AUDITORIUM_HOST=http://localhost:9955

  script:
@ -69,7 +70,7 @@ services:
    ports:
      - 9966:9966
    environment:
-      - VAULT_HOST=http://localhost:9977
+      - VAULT_HOST=https://vault-alpha.offen.dev

  auditorium:
    build:
--- a/shared/http/middleware.go
+++ b/shared/http/middleware.go
@ -18,9 +18,9 @@ func ContentTypeMiddleware(next http.Handler, contentType string) http.Handler {
 	})
 }

-func DoNotTrackMiddleware(next http.Handler) http.Handler {
+func OptoutMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if dnt := r.Header.Get("DNT"); dnt == "1" {
+		if _, err := r.Cookie("optout"); err == nil {
 			w.WriteHeader(http.StatusNoContent)
 			return
 		}
--- a/shared/http/middleware_test.go
+++ b/shared/http/middleware_test.go
@ -34,14 +34,16 @@ func TestContentTypeMiddleware(t *testing.T) {
 	})
 }

-func TestDoNotTrackMiddleware(t *testing.T) {
-	wrapped := DoNotTrackMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+func TestOptoutMiddleware(t *testing.T) {
+	wrapped := OptoutMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.Write([]byte("hey there"))
 	}))
 	t.Run("with header", func(t *testing.T) {
 		w := httptest.NewRecorder()
 		r := httptest.NewRequest(http.MethodGet, "/", nil)
-		r.Header.Set("DNT", "1")
+		r.AddCookie(&http.Cookie{
+			Name: "optout",
+		})
 		wrapped.ServeHTTP(w, r)

 		if w.Code != http.StatusNoContent {
@ -61,20 +63,6 @@ func TestDoNotTrackMiddleware(t *testing.T) {
 			t.Errorf("Unexpected status code %d", w.Code)
 		}

-		if w.Body.String() != "hey there" {
-			t.Errorf("Unexpected response body %s", w.Body.String())
-		}
-	})
-	t.Run("with header allowing", func(t *testing.T) {
-		w := httptest.NewRecorder()
-		r := httptest.NewRequest(http.MethodGet, "/", nil)
-		r.Header.Set("DNT", "0")
-		wrapped.ServeHTTP(w, r)
-
-		if w.Code != http.StatusOK {
-			t.Errorf("Unexpected status code %d", w.Code)
-		}
-
 		if w.Body.String() != "hey there" {
 			t.Errorf("Unexpected response body %s", w.Body.String())
 		}