authorMS <ms@taler.net>2021-01-26 15:00:33 +0100
committerMS <ms@taler.net>2021-01-26 15:00:33 +0100
commit8087940d06ffbdcde81f69213de5f9891be643a1 (patch)
treef07c685acfff562effe2bdcba742c6741e912c12 /nexus
parent9910092b65de5e6ab7b63dc2c3fb88e41ac5bdb8 (diff)
change user's password logic
Diffstat (limited to 'nexus')
-rw-r--r--nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt8
-rw-r--r--nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt16
2 files changed, 24 insertions, 0 deletions
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
index 23dccf31..bee90bb1 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
@@ -109,6 +109,9 @@ data class NexusErrorDetailJson(
data class NexusErrorJson(
val error: NexusErrorDetailJson
)
+data class NexusMessage(
+ val message: String
+)
data class BankConnectionInfo(
val name: String,
@@ -294,6 +297,11 @@ data class CreateUserRequest(
val password: String
)
+data class ChangeUserPassword(
+ val username: String,
+ val newPassword: String
+)
+
data class UserInfo(
val username: String,
val superuser: Boolean
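Review bot: `ChangeUserPassword` is a data class, so its generated `toString()` includes `newPassword` in clear text if the object ever ends up in a log line or an exception message. An override such as `override fun toString() = "ChangeUserPassword(username=$username)"` would keep the secret out of diagnostics. `CreateUserRequest`, whose `password` field is visible in the context lines just above, has the same shape and would benefit from the same treatment. A short KDoc on the class noting that `username` must match the authenticated caller would also help, since the handler added in NexusServer.kt rejects any other value.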
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
index 9e2fab70..273980d9 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
@@ -333,6 +333,22 @@ fun serverMain(dbName: String, host: String, port: Int) {
return@get
}
+ // change a user's password
+ post("/users/password") {
+ val body = call.receiveJson<ChangeUserPassword>()
+ val requestedUsername = requireValidResourceName(body.username)
+ transaction {
+ val user = authenticateRequest(call.request)
+ if (requestedUsername != user.username) throw NexusError(
+ HttpStatusCode.Unauthorized,
+ "Insufficient rights to change password for '${requestedUsername}'"
+ )
+ user.passwordHash = CryptoUtil.hashpw(body.newPassword)
+ }
+ call.respond(NexusMessage(message = "Password successfully changed"))
+ return@post
+ }
+
// Add a new ordinary user in the system (requires superuser privileges)
post("/users") {
val body = call.receiveJson<CreateUserRequest>()
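Review bot: The new `/users/password` handler hashes and stores `body.newPassword` with no check on its content, so an empty or blank password is accepted; a guard such as `if (body.newPassword.isBlank()) throw NexusError(HttpStatusCode.BadRequest, "Password must not be empty")` before the transaction would close that, and a minimum length is worth considering. The username-mismatch branch answers `HttpStatusCode.Unauthorized` for a caller who has already authenticated; `HttpStatusCode.Forbidden` is the accurate status and avoids prompting clients to resend credentials. The body is parsed and `requireValidResourceName` runs before `authenticateRequest`, so an unauthenticated caller gets body-validation errors instead of an authentication failure; authenticating first would be the safer order. What `authenticateRequest` verifies is not visible here: if it accepts anything other than the current password, the request should carry the old password and the handler should check it before overwriting `passwordHash`. The body of `serverMain` continues outside the hunk.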