You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Create Middleware to guard user type changing and user creating
Context
We need to guard the endpoints that allow for user type-changing and creation as well as project creation
Requirements & Criteria
Middleware is added to the createUser, setUserType, and createProject methods in the api-gateway
This middleware checks the X-User-Email and X-User-Password headers to validate that the caller is a user with type superadmin. If not, the middleware fill fail and return a 401 response
Use the authenticate method within the auth-service to validate a user (Depends on Add user authentication functionality #31 to be able to use the authenticate method)
This method will fail if the user credentials are invalid or return the user information if valid.
Testing
Please ensure there are tests written for the following cases (at a minimum):
Calling each endpoint with no headers
Calling each endpoint with only one of the two headers
Calling each endpoint with both headers and invalid credentials
Calling each endpoint with valid credentials
The text was updated successfully, but these errors were encountered:
tmthecoder
changed the title
Middleware for user type-changing & creation endpoints
Middleware for User modification methods
Feb 6, 2024
tmthecoder
changed the title
Middleware for User modification methods
Middleware for User/Project modification methods
Feb 6, 2024
Create Middleware to guard user type changing and user creating
Context
We need to guard the endpoints that allow for user type-changing and creation as well as project creation
Requirements & Criteria
createUser
,setUserType
, andcreateProject
methods in the api-gatewayX-User-Email
andX-User-Password
headers to validate that the caller is a user with type superadmin. If not, the middleware fill fail and return a401
responseauthenticate
method within the auth-service to validate a user (Depends on Add user authentication functionality #31 to be able to use the authenticate method)Testing
The text was updated successfully, but these errors were encountered: