gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libeufin] branch master updated: change user's password logic

From: gnunet
Subject: [libeufin] branch master updated: change user's password logic
Date: Tue, 26 Jan 2021 15:00:48 +0100 
This is an automated email from the git hooks/post-receive script.

ms pushed a commit to branch master
in repository libeufin.

The following commit(s) were added to refs/heads/master by this push:
     new 8087940  change user's password logic
8087940 is described below

commit 8087940d06ffbdcde81f69213de5f9891be643a1
Author: MS <ms@taler.net>
AuthorDate: Tue Jan 26 15:00:33 2021 +0100

    change user's password logic
---
 nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt |  8 ++++++++
 .../kotlin/tech/libeufin/nexus/server/NexusServer.kt     | 16 ++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt 
b/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
index 23dccf3..bee90bb 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
@@ -109,6 +109,9 @@ data class NexusErrorDetailJson(
 data class NexusErrorJson(
     val error: NexusErrorDetailJson
 )
+data class NexusMessage(
+    val message: String
+)
 
 data class BankConnectionInfo(
     val name: String,
@@ -294,6 +297,11 @@ data class CreateUserRequest(
     val password: String
 )
 
+data class ChangeUserPassword(
+    val username: String,
+    val newPassword: String
+)
+
 data class UserInfo(
     val username: String,
     val superuser: Boolean
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt 
b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
index 9e2fab7..273980d 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
@@ -333,6 +333,22 @@ fun serverMain(dbName: String, host: String, port: Int) {
                 return@get
             }
 
+            // change a user's password
+            post("/users/password") {
+                val body = call.receiveJson<ChangeUserPassword>()
+                val requestedUsername = requireValidResourceName(body.username)
+                transaction {
+                    val user = authenticateRequest(call.request)
+                    if (requestedUsername != user.username) throw NexusError(
+                        HttpStatusCode.Unauthorized,
+                        "Insufficient rights to change password for 
'${requestedUsername}'"
+                    )
+                    user.passwordHash = CryptoUtil.hashpw(body.newPassword)
+                }
+                call.respond(NexusMessage(message = "Password successfully 
changed"))
+                return@post
+            }
+
             // Add a new ordinary user in the system (requires superuser 
privileges)
             post("/users") {
                 val body = call.receiveJson<CreateUserRequest>()

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]