[libeufin] branch master updated: pick username from auth

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libeufin] branch master updated: pick username from auth

From:	gnunet
Subject:	[libeufin] branch master updated: pick username from auth
Date:	Tue, 26 Jan 2021 15:04:08 +0100

This is an automated email from the git hooks/post-receive script.

ms pushed a commit to branch master
in repository libeufin.

The following commit(s) were added to refs/heads/master by this push:
     new df649e6  pick username from auth
df649e6 is described below

commit df649e65dedec5b28e0efb98b9a77fee0a83bde4
Author: MS <ms@taler.net>
AuthorDate: Tue Jan 26 15:04:03 2021 +0100

    pick username from auth
---
 nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt        | 1 -
 nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt | 5 -----
 2 files changed, 6 deletions(-)

diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt 
b/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
index bee90bb..0ee5bbe 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/JSON.kt
@@ -298,7 +298,6 @@ data class CreateUserRequest(
 )
 
 data class ChangeUserPassword(
-    val username: String,
     val newPassword: String
 )
 
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt 
b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
index 273980d..a5ca7d0 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
@@ -336,13 +336,8 @@ fun serverMain(dbName: String, host: String, port: Int) {
             // change a user's password
             post("/users/password") {
                 val body = call.receiveJson<ChangeUserPassword>()
-                val requestedUsername = requireValidResourceName(body.username)
                 transaction {
                     val user = authenticateRequest(call.request)
-                    if (requestedUsername != user.username) throw NexusError(
-                        HttpStatusCode.Unauthorized,
-                        "Insufficient rights to change password for 
'${requestedUsername}'"
-                    )
                     user.passwordHash = CryptoUtil.hashpw(body.newPassword)
                 }
                 call.respond(NexusMessage(message = "Password successfully 
changed"))

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[libeufin] branch master updated: pick username from auth, gnunet <=

Prev by Date: [libeufin] branch master updated: change user's password logic
Next by Date: [libeufin] branch master updated: test password change
Previous by thread: [libeufin] branch master updated: change user's password logic
Next by thread: [libeufin] branch master updated: test password change
Index(es):
- Date
- Thread