Commit 09dbf0d3 authored by David Venhoek's avatar David Venhoek Committed by Sietse Ringers
Browse files

Implemented pin change in keyshareServerCore.

parent 6e9d0360
......@@ -66,7 +66,7 @@ func (db *keyshareMemoryDB) UpdateUser(user KeyshareUser) error {
// Check and update user.
_, exists := db.users[user.Username]
if exists {
if !exists {
return ErrUserNotFound
}
db.users[user.Username] = user.Coredata
......
......@@ -77,6 +77,7 @@ func (s *Server) Handler() http.Handler {
router.Post("/api/v1/client/register", s.handleRegister)
router.Post("/api/v1/users/isAuthorized", s.handleValidate)
router.Post("/api/v1/users/verify/pin", s.handleVerifyPin)
router.Post("/api/v1/users/change/pin", s.handleChangePin)
router.Post("/api/v1/prove/getCommitments", s.handleCommitments)
router.Post("/api/v1/prove/getResponse", s.handleResponse)
router.Mount("/irma/", s.sessionserver.HandlerFunc())
......@@ -282,6 +283,49 @@ func (s *Server) handleVerifyPin(w http.ResponseWriter, r *http.Request) {
}
}
func (s *Server) handleChangePin(w http.ResponseWriter, r *http.Request) {
// Extract request
body, err := ioutil.ReadAll(r.Body)
if err != nil {
s.conf.Logger.WithField("error", err).Info("Malformed request: could not read request body")
server.WriteError(w, server.ErrorInvalidRequest, "could not read request body")
return
}
var msg keyshareChangepin
err = json.Unmarshal(body, &msg)
if err != nil {
s.conf.Logger.WithField("error", err).Info("Malformed request: could not parse request body")
server.WriteError(w, server.ErrorInvalidRequest, "Invalid request")
return
}
// Fetch user
user, err := s.db.User(msg.Username)
if err != nil {
s.conf.Logger.WithFields(logrus.Fields{"username": msg.Username, "error": err}).Warn("Could not find user in db")
server.WriteError(w, server.ErrorUserNotRegistered, "")
return
}
// And change pin (TODO: count and block on pin checks)
user.Coredata, err = s.core.ChangePin(user.Coredata, msg.OldPin, msg.NewPin)
if err != nil {
server.WriteJson(w, keysharePinStatus{Status: "failure", Message: err.Error()})
return
}
// Write user back
err = s.db.UpdateUser(user)
if err != nil {
s.conf.Logger.WithField("error", err).Error("Could not write updated user to database")
server.WriteError(w, server.ErrorInternal, err.Error())
return
}
// And return success
server.WriteJson(w, keysharePinStatus{Status: "success"})
}
func (s *Server) handleRegister(w http.ResponseWriter, r *http.Request) {
// Extract request
body, err := ioutil.ReadAll(r.Body)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment