commit 2befa711f29e7c4b3f2299dabdc51ec23419b2a1
parent e5c64e7b494d19e7ebdc4124fc17cdd9d104715a
Author: MS <ms@taler.net>
Date: Fri, 22 Sep 2023 17:38:02 +0200
401 on non-existing user trying to authenticate.
Diffstat:
2 files changed, 10 insertions(+), 13 deletions(-)
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/helpers.kt b/bank/src/main/kotlin/tech/libeufin/bank/helpers.kt
@@ -86,10 +86,7 @@ fun doBasicAuth(db: Database, encodedCredentials: String): Customer? {
)
val login = userAndPassSplit[0]
val plainPassword = userAndPassSplit[1]
- val maybeCustomer = db.customerGetFromLogin(login) ?: throw notFound(
- "User not found",
- TalerErrorCode.TALER_EC_END // FIXME: define EC.
- )
+ val maybeCustomer = db.customerGetFromLogin(login) ?: throw unauthorized()
if (!CryptoUtil.checkpw(plainPassword, maybeCustomer.passwordHash)) return null
return maybeCustomer
}
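Review bot: The unknown-login case on the `customerGetFromLogin` line now throws `unauthorized()`, while a wrong password on the following line returns `null`, so the two failures still leave doBasicAuth by different paths. Unless the caller (outside this hunk) turns `null` into exactly the same 401 response, a client can still tell existing logins from non-existing ones. Since the function already returns `Customer?`, `val maybeCustomer = db.customerGetFromLogin(login) ?: return null` would make both cases indistinguishable by construction. The unknown-login path also skips `CryptoUtil.checkpw`, so response time may differ between the two cases; checking the supplied password against a fixed dummy hash when no customer is found would even that out. The function's opening lines are outside the hunk.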
diff --git a/bank/src/test/kotlin/LibeuFinApiTest.kt b/bank/src/test/kotlin/LibeuFinApiTest.kt
@@ -244,7 +244,7 @@ class LibeuFinApiTest {
basicAuth("not", "not")
expectSuccess = false
}
- assert(shouldNot.status == HttpStatusCode.NotFound)
+ assert(shouldNot.status == HttpStatusCode.Unauthorized)
}
}
@@ -287,14 +287,6 @@ class LibeuFinApiTest {
)
}
assert(resp.status == HttpStatusCode.Created)
- // Creating the administrator.
- db.customerCreate(
- Customer(
- "admin",
- CryptoUtil.hashpw("pass"),
- "CFO"
- )
- )
}
}
@@ -326,6 +318,14 @@ class LibeuFinApiTest {
)
}
assert(resp.status == HttpStatusCode.Unauthorized)
+ // Creating the administrator.
+ assert(db.customerCreate(
+ Customer(
+ "admin",
+ CryptoUtil.hashpw("pass"),
+ "CFO"
+ )
+ ) != null)
assert(maybeCreateAdminAccount(db, ctx)) // customer exists, this makes only the bank account.
resp = client.post("/accounts") {
expectSuccess = false
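Review bot: Wrapping `db.customerCreate(...)` in `assert(... != null)` puts the fixture setup inside an assertion, so it reads as a check rather than as the step that creates the admin customer. Kotlin's `assert` also only throws when JVM assertions are enabled. Consider `checkNotNull(db.customerCreate(Customer("admin", CryptoUtil.hashpw("pass"), "CFO"))) { "admin customer not created" }`, which always stops the test with a clear message if the insert fails. The surrounding test function starts and ends outside the hunk.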