in internal/auth/auth.go [516:569]
// checkAuthentication validates the caller's session against the API before
// protected content is served for domain.
//
// It returns true whenever the request has been dealt with here (an error or
// not-found response was served, or no valid session was available) and false
// only when the API answered 200 OK and checkResponseForInvalidToken did not
// reject the token. Every failure path returns true, so the check fails
// closed. NOTE(review): this relies on callers stopping when true is
// returned; confirm against the call sites.
func (a *Auth) checkAuthentication(w http.ResponseWriter, r *http.Request, domain internal.Domain) bool {
	logRequest(r).Debug("Authenticate request")

	// A nil receiver means auth was never set up: report it and answer 500
	// rather than letting the request through unauthenticated.
	if a == nil {
		logRequest(r).Error(errAuthNotConfigured)
		errortracking.CaptureErrWithReqAndStackTrace(errAuthNotConfigured, r)
		httperrors.Serve500(w)
		return true
	}

	// Nothing is written here when no session comes back; presumably
	// checkSessionIsValid has already responded (it receives w). TODO confirm.
	sess := a.checkSessionIsValid(w, r, domain)
	if sess == nil {
		return true
	}

	authReq, err := a.buildAuthRequest(r, domain.GetProjectID(r), sess)
	if err != nil {
		handleAuthError(r, err, failAuthErrMsg)
		httperrors.Serve500(w)
		return true
	}

	apiResp, err := a.apiClient.Do(authReq)
	if err != nil {
		// A cancelled context gets a plain 404 with no error reporting.
		if errors.Is(err, context.Canceled) {
			httperrors.Serve404(w)
			return true
		}
		handleAuthError(r, err, "Failed to retrieve info with token")
		domain.ServeNotFoundAuthFailed(w, r)
		return true
	}
	defer apiResp.Body.Close()

	if checkResponseForInvalidToken(apiResp, sess, w, r) {
		return true
	}

	// Only an exact 200 from the API counts as authenticated.
	if apiResp.StatusCode == http.StatusOK {
		return false
	}

	// Any other status is treated as an authentication failure: it is logged
	// and reported, and the client receives the domain's not-found response.
	statusErr := fmt.Errorf("unexpected response fetching access token status: %d", apiResp.StatusCode)
	statusFields := log.Fields{
		"status":      apiResp.StatusCode,
		"status_text": apiResp.Status,
	}
	logRequest(r).WithError(statusErr).WithFields(statusFields).Error("Unexpected response fetching access token")
	errortracking.CaptureErrWithReqAndStackTrace(statusErr, r)
	domain.ServeNotFoundAuthFailed(w, r)
	return true
}