diff --git a/README.md b/README.md index 6354701..0f51fd4 100644 --- a/README.md +++ b/README.md @@ -77,9 +77,18 @@ Data "Password": "" } ``` - This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of `access_token`. +#### List Roles +GET `/api/admin/roles` + +This operation can only be performed by a user with a role that is admin enabled. Lists currently defined roles. + +#### List Users +GET `/api/admin/users` + +This operation can only be performed by a user with a role that is admin enabled. Lists currently defined users. + ### Secrets Operations #### Store @@ -129,4 +138,9 @@ Data } ``` -Users with ReadOnly role will receive Forbidden error when calling this API endpoint. The values specified in deviceName and deviceCategory must match exactly one existing secret record for the RoleId of the currently logged in user. Wildcards are supported for deviceName and deviceCategory. \ No newline at end of file +Users with ReadOnly role will receive Forbidden error when calling this API endpoint. The values specified in deviceName and deviceCategory must match exactly one existing secret record for the RoleId of the currently logged in user. Wildcards are supported for deviceName and deviceCategory. + +#### List +GET `/api/secret/list` + +Not yet implemented. Will generate a list of device names and categories but not username or secret data. \ No newline at end of file diff --git a/controllers/auth.go b/controllers/auth.go index a188706..8e6e4c1 100644 --- a/controllers/auth.go +++ b/controllers/auth.go 
@@ -96,13 +96,15 @@ func Login(c *gin.Context) { u.UserName = input.Username u.Password = input.Password - log.Printf("Login checking username '%s' and password '%s'\n", u.UserName, u.Password) + log.Printf("Login checking username '%s' and password length '%d'\n", u.UserName, len(u.Password)) token, err := models.LoginCheck(u.UserName, u.Password) if err != nil { c.JSON(http.StatusBadRequest, gin.H{"error": "username or password is incorrect."}) return + } else { + log.Printf("Login verified, returning token '%s'\n", token) } c.JSON(http.StatusOK, gin.H{"access_token": token})
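Review bot: The added `else` branch writes the freshly issued JWT to the application log, so anyone who can read the logs obtains a bearer token that stays valid for the configured token lifespan; this reintroduces for the token the credential-in-logs problem the same hunk removes for the password. Log the event without the secret, for example `log.Printf("Login verified for user %q\n", u.UserName)`, and place it after the `if` block instead of in an `else`, since the error path already returns. The earlier log line still formats the username with `'%s'`, so a submitted username containing newlines can forge log entries; `%q` prevents that, and the password length adds little diagnostic value and could be dropped. Login begins and ends outside this hunk, so whether failed attempts are logged or rate-limited elsewhere is not visible here.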