From 518a99a132707ba0e2572b24ca18f6b9606d7334 Mon Sep 17 00:00:00 2001
From: Yigit Sever
Date: Sun, 11 Apr 2021 21:39:18 +0300
Subject: Implement User handling and authentication

New struct: User, corresponds to a student

Blocks and users are persistent (written to a text file)

PostgreSQL would've been overkill, we have 30 students

AuthRequest is the representation for incoming register requests and
User is the inner representation

Students who are enrolled to the class are hardcoded, only they can
register new accounts

There are two new tests, one checks if a priviliged (=enrolled) user can
create an account and the other checks if a unpriviliged one cannot

There are quick verbose error messages that I'm not married to, might
move on to something better honestly

There's nothing stopping a malicious user to pre-register everyone with
mock public keys and effectively lock everyone out, what's a good secret
we can use?
---
 tester.sh | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'tester.sh')

diff --git a/tester.sh b/tester.sh
index e6bb007..71e6ae6 100755
--- a/tester.sh
+++ b/tester.sh
@@ -2,6 +2,26 @@
 
 ## When in doubt just write a shell script
 
+## new registration request
+## should fail because foobar is not a student
+curl --request POST \
+    --header 'Content-Type: application/json' \
+    --data '{
+    "student_id": "foobar",
+    "public_key": "not_implemented_yet"
+}' \
+    http://localhost:8080/register
+
+## new registration request
+## should fail because foobar is not a student
+curl --request POST \
+    --header 'Content-Type: application/json' \
+    --data '{
+        "student_id": "e254275",
+        "public_key": "not_implemented_yet"
+    }' \
+    http://localhost:8080/register
+
 ## new transaction
 curl --request POST \
     --header 'Content-Type: application/json' \
@@ -72,4 +92,3 @@ curl localhost:8080/transaction
 
 printf "\n\nShould have only one block\n\n"
 curl localhost:8080/block
-
-- 
cgit v1.2.3-70-g09d2