pick username from auth

2 files changed, 0 insertions, 6 deletions

diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
index bee90bb1..0ee5bbeb 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
@@ -298,7 +298,6 @@ data class CreateUserRequest(
 )
 
 data class ChangeUserPassword(
-    val username: String,
     val newPassword: String
 )
 
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
index 273980d9..a5ca7d06 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
@@ -336,13 +336,8 @@ fun serverMain(dbName: String, host: String, port: Int) {
             // change a user's password
             post("/users/password") {
                 val body = call.receiveJson<ChangeUserPassword>()
-                val requestedUsername = requireValidResourceName(body.username)
                 transaction {
                     val user = authenticateRequest(call.request)
-                    if (requestedUsername != user.username) throw NexusError(
-                        HttpStatusCode.Unauthorized,
-                        "Insufficient rights to change password for '${requestedUsername}'"
-                    )
                     user.passwordHash = CryptoUtil.hashpw(body.newPassword)
                 }
                 call.respond(NexusMessage(message = "Password successfully changed"))