diff --git a/src/main/kotlin/fr/dcproject/Application.kt b/src/main/kotlin/fr/dcproject/Application.kt
index 26a95e4..202c080 100644
--- a/src/main/kotlin/fr/dcproject/Application.kt
+++ b/src/main/kotlin/fr/dcproject/Application.kt
@@ -33,6 +33,7 @@ import java.util.*
 import fr.dcproject.repository.Article as RepositoryArticle
 import fr.dcproject.repository.Citizen as RepositoryCitizen
 import fr.dcproject.repository.Constitution as RepositoryConstitution
+import fr.dcproject.repository.User as UserRepository
 fun main(args: Array): Unit = io.ktor.server.jetty.EngineMain.main(args)
@@ -104,7 +105,9 @@ fun Application.module() {
 verifier(JwtConfig.verifier)
 realm = "dc-project.fr"
 validate {
- it.payload.getClaim("id").asInt()?.let { get() }
+ it.payload.getClaim("id").asString()?.let { id ->
+ get().findById(UUID.fromString(id))
+ }
 }
 }
 }
diff --git a/src/main/kotlin/fr/dcproject/repository/User.kt b/src/main/kotlin/fr/dcproject/repository/User.kt
index 255d660..4d15c50 100644
--- a/src/main/kotlin/fr/dcproject/repository/User.kt
+++ b/src/main/kotlin/fr/dcproject/repository/User.kt
@@ -3,6 +3,7 @@ package fr.dcproject.repository
 import fr.postgresjson.connexion.Requester
 import fr.postgresjson.repository.RepositoryI
 import io.ktor.auth.UserPasswordCredential
+import java.util.*
 import fr.dcproject.entity.User as UserEntity
 class User(override var requester: Requester) : RepositoryI {
@@ -16,4 +17,16 @@ class User(override var requester: Requester) : RepositoryI {
 "plain_password" to credentials.password
 )
 }
+
+ fun findById(id: UUID): UserEntity {
+ return requester
+ .getFunction("find_user_by_id")
+ .selectOne(
+ "id" to id
+ ) ?: throw UserNotFound(id)
+ }
+
+ class UserNotFound(override val message: String?, override val cause: Throwable?): Throwable(message, cause) {
+ constructor(id: UUID): this("No User with ID $id", null)
+ }
 }
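Review bot: In Application.kt, the new `validate` body signals both failure cases by throwing instead of returning null: `UUID.fromString(id)` throws `IllegalArgumentException` when the `id` claim is not a UUID (for example a token issued while the claim was still an integer), and `findById` throws `UserNotFound` when the account no longer exists. `validate` rejects a credential by returning null, so depending on how the Ktor version in use treats exceptions raised here, a stale or old-format token may surface as a server error rather than a clean 401. I would catch both inside the lambda, e.g. `try { get().findById(UUID.fromString(id)) } catch (e: IllegalArgumentException) { null } catch (e: UserRepository.UserNotFound) { null }`, or give the repository a nullable lookup. `Application.module()` starts outside this hunk and its end is not visible.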
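Review bot: In repository/User.kt, `UserNotFound` extends `Throwable` directly, so any handler written as `catch (e: Exception)` will not catch it, and a missing user escapes as an unhandled error. Deriving from `Exception` keeps it on the normal error path: `class UserNotFound(id: UUID) : Exception("No User with ID $id")`. `findById` would also benefit from a KDoc line stating that it throws rather than returning null when no row matches, since the authentication callback in Application.kt now depends on that contract.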
diff --git a/src/main/kotlin/fr/dcproject/routes/Article.kt b/src/main/kotlin/fr/dcproject/routes/Article.kt
index 36cbc04..a31c142 100644
--- a/src/main/kotlin/fr/dcproject/routes/Article.kt
+++ b/src/main/kotlin/fr/dcproject/routes/Article.kt
@@ -1,7 +1,11 @@
 package fr.dcproject.routes
 import Paths
+import io.ktor.application.ApplicationCall
 import io.ktor.application.call
+import io.ktor.auth.authenticate
+import io.ktor.auth.authentication
+import io.ktor.http.HttpStatusCode
 import io.ktor.locations.KtorExperimentalLocationsAPI
 import io.ktor.locations.get
 import io.ktor.locations.post
@@ -9,8 +13,11 @@ import io.ktor.request.receive
 import io.ktor.response.respond
 import io.ktor.routing.Route
 import fr.dcproject.entity.Article as ArticleEntity
+import fr.dcproject.entity.User as UserEntity
 import fr.dcproject.repository.Article as ArticleRepository
+val ApplicationCall.user get() = authentication.principal()
+
 @KtorExperimentalLocationsAPI
 fun Route.article(repo: ArticleRepository) {
 get {
@@ -22,9 +29,17 @@ fun Route.article(repo: ArticleRepository) {
 call.respond(it.article)
 }
- post() {
- val article = call.receive()
- repo.upsert(article)
- call.respond(article)
+ authenticate(optional = true) {
+ post() {
+ // TODO replace to voter
+ val user = call.user
+ if (user == null) {
+ call.respond(HttpStatusCode.Unauthorized)
+ } else {
+ val article = call.receive()
+ repo.upsert(article)
+ call.respond(article)
+ }
+ }
 }
 }
\ No newline at end of file
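Review bot: In `Route.article`, the `post` handler only checks that a principal exists; the resolved `user` is never compared with or written into the `article` that `call.receive()` deserialises from the request body. Any authenticated account can therefore upsert any article, including one whose identifier or author fields (if the entity carries them) refer to someone else's record. Until the voter named in the TODO exists, I would derive authorship from `call.user` rather than from the payload and refuse updates to articles the caller does not own. Separately, since every anonymous request is rejected anyway, `authenticate(optional = true)` plus the manual 401 can be plain `authenticate { post() { … } }`, which fails closed if the null check is later refactored away. The function starts outside this hunk.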