libeufin

Integration and sandbox testing for FinTech APIs and data formats

commit 993dabf4b38a84245902f5ba123a5dfb595fd0c0
parent cba69c62e6ec651e291b3f6a710ec0e136f78fc7
Author: Marcello Stanisci <ms@taler.net>
Date:   Fri,  8 May 2020 18:09:57 +0200

admin authentication helper

Diffstat:
Mnexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt | 9+++++++++
Mnexus/src/main/kotlin/tech/libeufin/nexus/Main.kt | 2++
2 files changed, 11 insertions(+), 0 deletions(-)

diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
@@ -369,6 +369,15 @@ fun authenticateRequest(authorization: String?): String {
 return subscriber.id.value
 }
+fun authenticateAdminRequest(authorization: String?): String {
+ val userId = authenticateRequest(authorization)
+ if (!userId.equals("admin")) throw NexusError(
+ HttpStatusCode.Forbidden,
+ "Not the 'admin' user"
+ )
+ return userId
+}
+
 /**
 * Check if the subscriber has the right to use the (claimed) bank account.
 * @param subscriber id of the EBICS subscriber to check
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
@@ -150,6 +150,8 @@ fun main() {
 * Add a new ordinary user in the system (requires "admin" privileges)
 */
 post("/users") {
+ authenticateAdminRequest(call.request.headers["Authorization"])
+ return@post
 }
 /**
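Review bot: The privilege decision in `authenticateAdminRequest` is an inline comparison against the string literal `"admin"`, with no KDoc stating the contract and no single place that defines which id is privileged. I would lift the literal into a named constant and use the idiomatic operator, e.g. `if (userId != ADMIN_USER_ID) throw NexusError(HttpStatusCode.Forbidden, "Not the 'admin' user")`, and add a KDoc line such as `/** Authenticates the request and returns the user id; throws NexusError(Forbidden) unless that id is "admin". */`. The check is only as strong as `authenticateRequest`, whose body is outside this hunk (only its final `return subscriber.id.value` is visible), so it is worth confirming there that the id is returned only after the credentials were verified. Because the role is bound to a fixed id, the user-creation path should also refuse to register or overwrite that id; that code is not visible here.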
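Review bot: The `post("/users")` handler ends with `return@post` right after `authenticateAdminRequest(...)` and never sends a response, so a caller who passes the admin check gets no explicit status (in Ktor an unanswered call normally ends up as a 404, which I assume applies here). Until the user-creation logic exists, answer explicitly, e.g. `call.respondText("Not implemented", ContentType.Text.Plain, HttpStatusCode.NotImplemented)`, which also makes the trailing `return@post` unnecessary. When the body is filled in, keep the authentication call as the first statement so that no request data is parsed or written before the check; a short comment saying so would help. The enclosing `main()` continues outside the hunk.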