Yimaru/Yimaru-BackEnd
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix device registration error mapping for invalid user IDs.

Browse Source 
Validate device registration input and translate devices_user_fk violations into a clear bad-request response so invalid auth contexts no longer return opaque 500 errors.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Yared Yemane 2026-05-11 08:32:42 -07:00
parent 6a4fe68628
commit b2a72c2f6e
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
internal/web_server/handlers/notification_handler.go
View File

@ -6,6 +6,7 @@ import (
"bufio" "bufio"
"context" "context"
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"io" "io"
"net" "net"
@ -16,6 +17,7 @@ import (
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"github.com/gorilla/websocket" "github.com/gorilla/websocket"
"github.com/jackc/pgx/v5/pgconn"
"github.com/resend/resend-go/v2" "github.com/resend/resend-go/v2"
"go.uber.org/zap" "go.uber.org/zap"
) )
@ -111,7 +113,7 @@ type hijackResponseWriter struct {
h http.Header h http.Header
} }
func (w *hijackResponseWriter) Header() http.Header { return w.h } func (w *hijackResponseWriter) Header() http.Header { return w.h }
func (w *hijackResponseWriter) WriteHeader(statusCode int) {} func (w *hijackResponseWriter) WriteHeader(statusCode int) {}
func (w *hijackResponseWriter) Write(b []byte) (int, error) { return w.conn.Write(b) } func (w *hijackResponseWriter) Write(b []byte) (int, error) { return w.conn.Write(b) }
func (w *hijackResponseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) { func (w *hijackResponseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) {
@ -662,6 +664,12 @@ func (h *Handler) RegisterDeviceToken(c *fiber.Ctx) error {
) )
return fiber.NewError(fiber.StatusBadRequest, "Invalid request body") return fiber.NewError(fiber.StatusBadRequest, "Invalid request body")
} }
if valErrs, ok := h.validator.Validate(c, req); !ok {
return c.Status(fiber.StatusBadRequest).JSON(domain.ErrorResponse{
Message: "Validation failed",
Error: firstValidationError(valErrs),
})
}
userID, ok := c.Locals("user_id").(int64) userID, ok := c.Locals("user_id").(int64)
if !ok || userID == 0 { if !ok || userID == 0 {
@ -673,6 +681,14 @@ func (h *Handler) RegisterDeviceToken(c *fiber.Ctx) error {
} }
if err := h.userSvc.RegisterDevice(c.Context(), userID, req.DeviceToken, req.Platform); err != nil { if err := h.userSvc.RegisterDevice(c.Context(), userID, req.DeviceToken, req.Platform); err != nil {
var pgErr *pgconn.PgError
if errors.As(err, &pgErr) && pgErr.Code == "23503" && pgErr.ConstraintName == "devices_user_fk" {
return c.Status(fiber.StatusBadRequest).JSON(domain.ErrorResponse{
Message: "Invalid authenticated user",
Error: "authenticated user does not exist in users table",
})
}
h.mongoLoggerSvc.Error("[NotificationHandler.RegisterDeviceToken] Failed to register device token", h.mongoLoggerSvc.Error("[NotificationHandler.RegisterDeviceToken] Failed to register device token",
zap.Int64("userID", userID), zap.Int64("userID", userID),
zap.String("platform", req.Platform), zap.String("platform", req.Platform),