feat: add api to invalid request in diff b/w server & req time #173
Conversation
Signed-off-by: Akash Kumar <meakash7902@gmail.com>
There was a problem hiding this comment.
Pull Request Overview
This PR adds a new API endpoint to validate client-server time synchronization by comparing a client-provided timestamp with server time. The implementation rejects requests when the time difference exceeds 1 second and includes Docker configuration updates for AMD64 architecture.
- Adds
/check-timeendpoint that validates timestamp synchronization between client and server - Updates Docker configuration from ARM64 to AMD64 architecture with faketime build tags
- Implements time difference validation with 1-second tolerance threshold
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| go-jwt/main.go | Adds CheckTimeHandler function and registers new /check-time endpoint |
| go-jwt/Dockerfile | Updates architecture from ARM64 to AMD64 and adds faketime build tag |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| log.Printf( | ||
| "Server Time: %s", | ||
| serverTime.String(), | ||
|
|
||
| ) |
There was a problem hiding this comment.
The log.Printf call has mismatched format specifiers and arguments. There's a trailing newline on line 171 and the format string expects one argument but the call structure is malformed.
| log.Printf( | |
| "Server Time: %s", | |
| serverTime.String(), | |
| ) | |
| log.Printf("Server Time: %s", serverTime.String()) |
| time.Sleep(1 * time.Second) | ||
|
|
There was a problem hiding this comment.
The 1-second sleep artificially delays all valid time check requests, which will significantly impact API response times and throughput. Consider removing this sleep or making it configurable for testing purposes only.
| time.Sleep(1 * time.Second) |
|
|
||
| // 6. Check if the difference is greater than 1 second | ||
| if diff > time.Second { | ||
| c.Status(http.StatusBadRequest) |
There was a problem hiding this comment.
When rejecting requests due to time difference, the response body is empty. Consider providing an error message explaining why the request was rejected, similar to other error cases in this handler.
| c.Status(http.StatusBadRequest) | |
| c.JSON(http.StatusBadRequest, gin.H{"error": "Time difference between client and server is too large (must be <= 1 second)"}) |
Signed-off-by: Akash Kumar <meakash7902@gmail.com>
AkashKumar7902
force-pushed
the
add-time-api
branch
from
048410c to
d3049f6
Compare
Signed-off-by: kapish <upadhyaykapish@gmail.com>
Signed-off-by: gouravkrosx <gouravgreatkr@gmail.com>
gouravkrosx
force-pushed
the
add-time-api
branch
from
f8deb61 to
416bf06
Compare
Signed-off-by: gouravkrosx <gouravgreatkr@gmail.com>
Signed-off-by: gouravkrosx <gouravgreatkr@gmail.com>
Signed-off-by: kapish <upadhyaykapish@gmail.com>
Signed-off-by: kapish <upadhyaykapish@gmail.com>
|
@AkashKumar7902 is this PR being maintained? |
Yogeshjindal
force-pushed
the
add-time-api
branch
from
1ddca1a to
b9b9a66
Compare
This pull request updates the
go-jwtservice to improve time validation functionality and Docker build configuration. The main changes include switching to theamd64version of thego_freeze_timebinary, introducing a new endpoint to check time synchronization between client and server, and updating the Go build command to include thefaketimetag.Docker build configuration updates:
go_freeze_time_amd64binary instead ofgo_freeze_time_arm64, and updated all related commands and paths accordingly.-tags=faketimeflag, enabling faketime support in the built binary.New time synchronization endpoint:
CheckTimeHandlerfunction inmain.gothat validates if a client-provided Unix timestamp is within one second of the server time, logging the time difference and returning appropriate HTTP status codes./check-timeendpoint in the Gin router to expose the time check functionality.Codebase maintenance:
strconvpackage inmain.goto support parsing string timestamps in the new handler.