Middleware for User/Project modification methods #32

tmthecoder · 2024-02-06T21:53:49Z

Create Middleware to guard user type changing and user creating

We need to guard the endpoints that allow for user type-changing and creation as well as project creation

Middleware is added to the createUser, setUserType, and createProject methods in the api-gateway
This middleware checks the X-User-Email and X-User-Password headers to validate that the caller is a user with type superadmin. If not, the middleware fill fail and return a 401 response
Use the authenticate method within the auth-service to validate a user (Depends on Add user authentication functionality #31 to be able to use the authenticate method)
- This method will fail if the user credentials are invalid or return the user information if valid.

Please ensure there are tests written for the following cases (at a minimum):
- Calling each endpoint with no headers
- Calling each endpoint with only one of the two headers
- Calling each endpoint with both headers and invalid credentials
- Calling each endpoint with valid credentials

The text was updated successfully, but these errors were encountered:

tmthecoder changed the title ~~Middleware for user type-changing & creation endpoints~~ Middleware for User modification methods Feb 6, 2024

tmthecoder changed the title ~~Middleware for User modification methods~~ Middleware for User/Project modification methods Feb 6, 2024

tmthecoder assigned UZ9 Feb 8, 2024

UZ9 linked a pull request Mar 11, 2024 that will close this issue

Middleware User Project #67

Open