6d748e8ea3c2a87f079e1e3dcd6b3f33c74ec76c
chmalee
  Tue Jan 14 15:29:31 2025 -0800
If someone calls generateApiKey without being logged in, generate an error message instead of just returning NULL

diff --git src/hg/hgHubConnect/trackHubWizard.c src/hg/hgHubConnect/trackHubWizard.c
index f1c88b5..b4a9c42 100644
--- src/hg/hgHubConnect/trackHubWizard.c
+++ src/hg/hgHubConnect/trackHubWizard.c
@@ -194,24 +194,27 @@
 /* Remove any api keys for the user */
 {
 char *userName = getUserName();
 struct sqlConnection *conn = hConnectCentral();
 struct dyString *query = sqlDyStringCreate("delete from %s where userName='%s'", HUBSPACE_AUTH_TABLE, userName);
 sqlUpdate(conn, dyStringCannibalize(&query));
 hDisconnectCentral(&conn);
 jsonWriteString(cj->jw, "revoke", "true");
 }
 
 void generateApiKey(struct cartJson *cj, struct hash *paramHash)
 /* Make a random (but not crypto-secure api key for use of hubtools to upload to hubspace */
 {
 char *userName = getUserName();
 if (!userName)
+    {
+    jsonWriteString(cj->jw, "error", "generateApiKey: not logged in");
     return;
+    }
 char *apiKey = makeRandomKey(256); // just needs some arbitrary length
 // save this key to the database for this user, the 'on duplicate' part automatically revokes old keys
 struct sqlConnection *conn = hConnectCentral();
 struct dyString *query = sqlDyStringCreate("insert into %s values ('%s', '%s') on duplicate key update apiKey='%s'", HUBSPACE_AUTH_TABLE, userName, apiKey, apiKey);
 sqlUpdate(conn, dyStringCannibalize(&query));
 jsonWriteString(cj->jw, "apiKey", apiKey);
 hDisconnectCentral(&conn);
 }