0

I have written a Python Client for the Supply Chain. I can create a new agent like this:

client = SupplyChainClient()
client.create_agent('test')
client.post_user('test')

After that I can create a record type and finally a record. Now I don't want to create a client before creating a new record. So I'm trying to authenticate a client with the username and password like this:

import requests

resp = requests.post('http://localhost:3000/authorization', auth=('test', '<hash value of the password>'))
print(resp.json())

I have got the hash from the RethinkDB for testing.

Every time I got this error:

{'error': 'Authorization requires username and password'}

Any ideas?

Henrik
  • 43
  • 6

1 Answers1

0

As I can see in the source code of that part of the server, you're not providing the username and the password on the request.

// Checks an object with username and password keys.
// Returns an auth token and the user\'s private key if it passes.
 const authorize = ({ username, password }) => {
 if (!username || !password) {
  const message = 'Authorization requires username and password'
  return Promise.reject(new BadRequest(message))
 }

 return users.query(users => users.filter({ username }))
.then(matches => {
  if (matches.length === 0) throw new Error()
  const user = matches[0]

  return bcrypt.compare(password, user.password)
    .then(passValid => {
      if (!passValid) throw new Error()
      return createToken(user.publicKey)
        })
    .then(token => ({
      authorization: token,
      encryptedKey: user.encryptedKey
    }))
})
.catch(() => { throw new Unauthorized('Authorization Failed') })
 }

That one if for a login, the create user is in users -> create.

hidura
  • 681
  • 3
  • 11
  • 36