From 39c5caf364550600ded374bcd84b2dae4e2b64f6 Mon Sep 17 00:00:00 2001 From: Kilian Klammt <s73072@beuth-hochschule.de> Date: Tue, 18 May 2021 15:50:19 +0200 Subject: [PATCH 1/3] B01 [MOD] add functionality update users --- UebungII/endpoints/user/UserService.js | 55 +++++++++++++------------- UebungII/endpoints/user/router_user.js | 18 ++++++++- UebungII/tests/userRoute.http | 8 ++-- UebungII/util/verification.js | 5 ++- 4 files changed, 51 insertions(+), 35 deletions(-) diff --git a/UebungII/endpoints/user/UserService.js b/UebungII/endpoints/user/UserService.js index 237939c..66f9c01 100644 --- a/UebungII/endpoints/user/UserService.js +++ b/UebungII/endpoints/user/UserService.js @@ -29,22 +29,7 @@ const createUser = async (body, callback) => { } } -// CHECK IF USER DOES ALREADY EXIST ( BASED ON MAIL + USERNAME ) -const userExists = async (body) => { - console.log('( UserService) userExists '); - try { - // let user = await User.find({ $or: [{ username: body.username }, { email: body.email }] }) - // or statement not working --- we need to make sure no user with email or username provided exists - let user = await User.findOne({ username: body.username }) - let user2 = await User.findOne({ email: body.email }) - if (user || user2) return true - return false - } catch (err) { - console.error(err); - callback(err, null); - } -} const getAllUsers = (callback) => { console.log('( User Service) getAllUsers '); @@ -133,23 +118,39 @@ const getUserbyEmail = async (email, callback) => { } } -const isAdministrator = async (email, callback) => { - console.log('( User Service) getUserByEmail '); +const updateUser = (userId, body, callback) => { + console.log('( User Service) updateUser '); - if (email) { + const filter = { userId: userId } - await User.findOne({ email: email }, (err, user) => { + User.findOneAndUpdate(filter, body, { + new: true, + }, (err, result) => { if (err) { - return callback(err) - } else if (!user) { - callback('Could not find user') + callback(err, null) } else { - callback(null, user) + callback(null, result) } - }) - } else { - console.log('Email is missing'); + }, + ) +} + + +// CHECK IF USER DOES ALREADY EXIST ( BASED ON MAIL + USERNAME ) +const userExists = async (body) => { + console.log('( UserService) userExists '); + try { + // let user = await User.find({ $or: [{ username: body.username }, { email: body.email }] }) + // or statement not working --- we need to make sure no user with email or username provided exists + let user = await User.findOne({ username: body.username }) + let user2 = await User.findOne({ email: body.email }) + if (user || user2) return true + return false + } catch (err) { + console.error(err); + callback(err, null); } + } -module.exports = { createUser, getAllUsers, getUserbyUsername, getUserById, deleteUserById, getUserbyEmail } \ No newline at end of file +module.exports = { createUser, getAllUsers, updateUser, getUserbyUsername, getUserById, deleteUserById, getUserbyEmail } \ No newline at end of file diff --git a/UebungII/endpoints/user/router_user.js b/UebungII/endpoints/user/router_user.js index dcfd2a6..5818f39 100644 --- a/UebungII/endpoints/user/router_user.js +++ b/UebungII/endpoints/user/router_user.js @@ -27,7 +27,7 @@ router_user.post('/new', (req, res) => { } }) -// GET ALL USERS ( not sure if needed ) +// GET ALL USERS ( not sure if needed in future project ) router_user.get('/', Verification.authenticateUser, (req, res) => { console.log('GET ( RouterUser ) /user') @@ -53,8 +53,22 @@ router_user.get('/:id', (req, res) => { }) }) -// DELETE USER BY ID +// UPDATE USER BY ID ( only if user is logged in and himself ) +router_user.put('/:id', Verification.authenticateUser, (req, res, next) => { + console.log('PUT ( RouterUser ) /user/:id') + UserService.updateUser(req.params.id, req.body, (err, result) => { + if (err) { + console.error(err); + res.send(err) + }else{ + console.info('Updated user!') + res.status(204).send(result) + } + }) +}) + +// DELETE USER BY ID router_user.delete('/:id', Verification.verifyAdmin, (req, res, next) => { console.log('DELETE ( RouterUser ) /user/:id') UserService.deleteUserById(req.params.id, (err, user) => { diff --git a/UebungII/tests/userRoute.http b/UebungII/tests/userRoute.http index 2a802f4..b7ecad6 100644 --- a/UebungII/tests/userRoute.http +++ b/UebungII/tests/userRoute.http @@ -36,8 +36,8 @@ GET http://localhost:8080/user/ authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSm9oblRoZUFkbWluIiwiaWF0IjoxNjIxMjU2OTQ1LCJleHAiOjE2MjEyNTY5OTV9.TWdfoOsvVXpc9f98yR3t4XOZ4GiK9T1CAZ3UV1qZWB8 ### GET ONE USER // (Logged in) -GET http://localhost:8080/user/-rbaWTCivFB7uBY_7ics1 -authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSm9oblRoZUFkbWluIiwiaWF0IjoxNjIxMjU2MzI1LCJleHAiOjE2MjEyNTYzNzV9.5fQBPAOwJVg9yyHqPFw4ckXjQCTYwrbqFTAgyGs76cg +GET http://localhost:8080/user/BZZ_Z-rzPr2ur3lBjyBS9 +authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRoZUNhc3VhbCIsImlhdCI6MTYyMTM0Mjc2NCwiZXhwIjoxNjIxMzQyODE0fQ.rmCzEz8fXG9t6-_TTjckxqMnV_R5anDZC_GMAlmM90s ### DELETE USER BY ID // (Logged in + Admin) DELETE http://localhost:8080/user/xsj45RXki6HA2AE4yqvTu @@ -45,11 +45,11 @@ authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmFuZXR0 ### UPDATE USER // (Logged in) PUT http://localhost:8080/user/BZZ_Z-rzPr2ur3lBjyBS9 -authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRoZUNhc3VhbCIsImlhdCI6MTYyMTI2NjM4NiwiZXhwIjoxNjIxMjY2NDM2fQ._ypH031WGfPCsEyrpDo4zK5B5FgwzSmFbIzxGfWH258 +authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRoZUNhc3VhbCIsImlhdCI6MTYyMTM0NTczOCwiZXhwIjoxNjIxMzQ1Nzg4fQ.jOlyr0JDwsIJfXovO4sGZxO-5Sqry_SAvyLayN0FusY Content-type: application/json; charset=utf-8 { - "email": "jeff@beanfriends.com" + "email": "jeffbes@beanfriends.com" } ### LOGIN USER // (not admin) diff --git a/UebungII/util/verification.js b/UebungII/util/verification.js index 33cf2f3..0166189 100644 --- a/UebungII/util/verification.js +++ b/UebungII/util/verification.js @@ -1,10 +1,11 @@ const jwt = require('jsonwebtoken') -const { jwtKey } = require('../config/config') const UserService = require('../endpoints/user/UserService') const BeanService = require('../endpoints/bean/BeanService') - const CommentService = require('../endpoints/comment/CommentService') +const { jwtKey } = require('../config/config') +let jwtExpirySeconds = 50 + const authenticateUser = (req, res, next) => { console.log('(AuthService) authenticateUser()') if (typeof req.headers.authentication !== 'undefined') { -- GitLab From e5c5bfa33745d47941b8d607e6d506bee5ce9ac1 Mon Sep 17 00:00:00 2001 From: Kilian Klammt <s73072@beuth-hochschule.de> Date: Tue, 18 May 2021 17:07:09 +0200 Subject: [PATCH 2/3] B01 [MOD] add put functionality --- .../authentication/AuthenticationService.js | 2 +- UebungII/endpoints/user/UserService.js | 17 ++++++---- UebungII/endpoints/user/router_user.js | 6 ++-- UebungII/tests/userRoute.http | 4 +-- UebungII/util/verification.js | 34 +++++++++++++++---- 5 files changed, 44 insertions(+), 19 deletions(-) diff --git a/UebungII/endpoints/authentication/AuthenticationService.js b/UebungII/endpoints/authentication/AuthenticationService.js index d215307..76592e6 100644 --- a/UebungII/endpoints/authentication/AuthenticationService.js +++ b/UebungII/endpoints/authentication/AuthenticationService.js @@ -3,7 +3,7 @@ var Logger = require('../../util/Logger').logger const jwt = require('jsonwebtoken') const Verification = require('../../util/verification') const { jwtKey } = require('../../config/config') -let jwtExpirySeconds = 50 +let jwtExpirySeconds = 500 const createSessionToken = (userCredentials, callback) => { console.log('( AuthService ) createSessionToken() ') diff --git a/UebungII/endpoints/user/UserService.js b/UebungII/endpoints/user/UserService.js index 66f9c01..0026c95 100644 --- a/UebungII/endpoints/user/UserService.js +++ b/UebungII/endpoints/user/UserService.js @@ -119,19 +119,22 @@ const getUserbyEmail = async (email, callback) => { } const updateUser = (userId, body, callback) => { - console.log('( User Service) updateUser '); + console.log('( User Service ) updateUser '); - const filter = { userId: userId } + options = { + useFindAndModify: false, new: true + } + + filter = { userId: userId } - User.findOneAndUpdate(filter, body, { - new: true, - }, (err, result) => { + User.findOneAndUpdate(filter, body, options, (err, result) => { if (err) { callback(err, null) - } else { + }else { callback(null, result) } - }, + + } ) } diff --git a/UebungII/endpoints/user/router_user.js b/UebungII/endpoints/user/router_user.js index 5818f39..7a34621 100644 --- a/UebungII/endpoints/user/router_user.js +++ b/UebungII/endpoints/user/router_user.js @@ -28,7 +28,7 @@ router_user.post('/new', (req, res) => { }) // GET ALL USERS ( not sure if needed in future project ) -router_user.get('/', Verification.authenticateUser, (req, res) => { +router_user.get('/', (req, res) => { console.log('GET ( RouterUser ) /user') UserService.getAllUsers((err, result) => { @@ -54,7 +54,7 @@ router_user.get('/:id', (req, res) => { }) // UPDATE USER BY ID ( only if user is logged in and himself ) -router_user.put('/:id', Verification.authenticateUser, (req, res, next) => { +router_user.put('/:id', Verification.isSelf, (req, res, next) => { console.log('PUT ( RouterUser ) /user/:id') UserService.updateUser(req.params.id, req.body, (err, result) => { @@ -63,7 +63,7 @@ router_user.put('/:id', Verification.authenticateUser, (req, res, next) => { res.send(err) }else{ console.info('Updated user!') - res.status(204).send(result) + res.status(204).send('Updated user!') } }) }) diff --git a/UebungII/tests/userRoute.http b/UebungII/tests/userRoute.http index b7ecad6..677b892 100644 --- a/UebungII/tests/userRoute.http +++ b/UebungII/tests/userRoute.http @@ -45,11 +45,11 @@ authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmFuZXR0 ### UPDATE USER // (Logged in) PUT http://localhost:8080/user/BZZ_Z-rzPr2ur3lBjyBS9 -authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRoZUNhc3VhbCIsImlhdCI6MTYyMTM0NTczOCwiZXhwIjoxNjIxMzQ1Nzg4fQ.jOlyr0JDwsIJfXovO4sGZxO-5Sqry_SAvyLayN0FusY +authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRoZUNhc3VhbCIsImlhdCI6MTYyMTM0OTgxOCwiZXhwIjoxNjIxMzUwMzE4fQ.DxryWnaiHLMazD3w-_lyU6ebubdlj366NBjYAPP5eEA Content-type: application/json; charset=utf-8 { - "email": "jeffbes@beanfriends.com" + "email": "jeff@beanfriends.com" } ### LOGIN USER // (not admin) diff --git a/UebungII/util/verification.js b/UebungII/util/verification.js index 0166189..1b186c8 100644 --- a/UebungII/util/verification.js +++ b/UebungII/util/verification.js @@ -4,10 +4,10 @@ const BeanService = require('../endpoints/bean/BeanService') const CommentService = require('../endpoints/comment/CommentService') const { jwtKey } = require('../config/config') -let jwtExpirySeconds = 50 +let jwtExpirySeconds = 500 const authenticateUser = (req, res, next) => { - console.log('(AuthService) authenticateUser()') + console.log('(Verification) authenticateUser()') if (typeof req.headers.authentication !== 'undefined') { let token = req.headers.authentication.split(' ')[1] jwt.verify(token, jwtKey, { algorithm: 'HS256' }, (err, decoded) => { @@ -36,18 +36,39 @@ const authenticateUser = (req, res, next) => { } } -const getUsernameFromHeader = (headers) => { +const isSelf = (req, res, next) => { + console.log('(Verification) isSelf()') + UserService.getUserById(req.params.id, (err, user) => { + if (err) { + console.error(err); + }else{ + getUsernameFromHeader(req.headers, (err, username) => { + if (err) { + console.error(err); + }else{ + if (user.username == username) { + console.log('You are the logged in User!'); + next() + }else{ + console.error('Not Authorized') + } + } + }) + } + }) +} + +const getUsernameFromHeader = (headers, callback) => { console.log('(Verification) getUsernameFromHeader()') try { let token = headers.authentication.split(' ')[1] let encrypt = jwt.verify(token, jwtKey, { algorithm: 'HS256' }) console.log('--- Retrieved username from header', encrypt.user); - return encrypt.user + callback(null, encrypt.user) } catch (err) { console.error(err); + callback(err, null) } - console.error('Could not retrieve username from header'); - return null } const isAuthorOfComment = async (req, res, next) => { @@ -108,6 +129,7 @@ const verifyAdmin = (req, res, next) => { module.exports = { authenticateUser, getUsernameFromHeader, + isSelf, verifyAdmin, isAuthorOfComment, isAuthorOfBean -- GitLab From d5fdd75ba7905f05d74caa9af747a6fcaf90a6ff Mon Sep 17 00:00:00 2001 From: Kilian Klammt <s73072@beuth-hochschule.de> Date: Wed, 19 May 2021 09:52:53 +0200 Subject: [PATCH 3/3] B01 [MOD] add final CRUD Functionality DELETE --- UebungII/app.js | 3 +++ UebungII/endpoints/user/UserService.js | 9 +++++--- UebungII/endpoints/user/router_user.js | 10 ++++----- UebungII/package-lock.json | 5 +++++ UebungII/package.json | 1 + UebungII/tests/beanRoute.http | 8 +++++-- UebungII/tests/userRoute.http | 30 ++++++++++++-------------- 7 files changed, 40 insertions(+), 26 deletions(-) diff --git a/UebungII/app.js b/UebungII/app.js index 2413250..0592f7e 100644 --- a/UebungII/app.js +++ b/UebungII/app.js @@ -3,6 +3,7 @@ const key_cert = require('./config/config') const https = require('https') const dbConnection = require('./util/db_connection') const mongooseConnection = require('./util/mongoose_connection') +const helmet = require('helmet') const app = express(); @@ -23,6 +24,8 @@ const mg = mongooseConnection.initMGConnection() app.use(express.json()) app.use(express.urlencoded({ extended: false })) +// -- -- security -- -- +app.use(helmet()) // ROUTER HANDLING diff --git a/UebungII/endpoints/user/UserService.js b/UebungII/endpoints/user/UserService.js index 0026c95..0a95b51 100644 --- a/UebungII/endpoints/user/UserService.js +++ b/UebungII/endpoints/user/UserService.js @@ -70,11 +70,14 @@ const deleteUserById = async (userId, callback) => { await User.deleteOne({ userId: userId }, function (err, user) { if (err) { - callback(err); + console.error('An error occured: ', err) + callback(err, null); } else if (!user) { - callback('User not found'); + console.err('User not found'); + callback('User not found', null); } else { - callback('User deleted'); + console.log('Deleted User'); + callback(null, user); } }) diff --git a/UebungII/endpoints/user/router_user.js b/UebungII/endpoints/user/router_user.js index 7a34621..27ec9e5 100644 --- a/UebungII/endpoints/user/router_user.js +++ b/UebungII/endpoints/user/router_user.js @@ -7,8 +7,8 @@ const Verification = require('../../util/verification') var UserService = require('./UserService') // CREATE NEW USER -router_user.post('/new', (req, res) => { - console.log('POST ( RouterUser ) /user/new') +router_user.post('/', (req, res) => { + console.log('POST ( RouterUser ) /user/') if (req.body) { UserService.createUser(req.body, (err, user) => { if (err) { @@ -41,7 +41,7 @@ router_user.get('/', (req, res) => { }) // GET USER BY ID -router_user.get('/:id', (req, res) => { +router_user.get('/:id', Verification.authenticateUser, (req, res) => { console.log('GET ( RouterUser ) /user/:id') UserService.getUserById(req.params.id, (err, user) => { @@ -54,7 +54,7 @@ router_user.get('/:id', (req, res) => { }) // UPDATE USER BY ID ( only if user is logged in and himself ) -router_user.put('/:id', Verification.isSelf, (req, res, next) => { +router_user.patch('/:id', Verification.isSelf, (req, res, next) => { console.log('PUT ( RouterUser ) /user/:id') UserService.updateUser(req.params.id, req.body, (err, result) => { @@ -75,7 +75,7 @@ router_user.delete('/:id', Verification.verifyAdmin, (req, res, next) => { if (err) { res.status(404).send() } else { - res.status(204) + res.status(204).send() } }) }) diff --git a/UebungII/package-lock.json b/UebungII/package-lock.json index d2445e7..d9c9608 100644 --- a/UebungII/package-lock.json +++ b/UebungII/package-lock.json @@ -1041,6 +1041,11 @@ "resolved": "https://registry.npmjs.org/has-yarn/-/has-yarn-2.1.0.tgz", "integrity": "sha512-UqBRqi4ju7T+TqGNdqAO0PaSVGsDGJUBQvk9eUWNGRY1CFGDzYhLWoM7JQEemnlvVcv/YEmc2wNW8BC24EnUsw==" }, + "helmet": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/helmet/-/helmet-4.6.0.tgz", + "integrity": "sha512-HVqALKZlR95ROkrnesdhbbZJFi/rIVSoNq6f3jA/9u6MIbTsPh3xZwihjeI5+DO/2sOV6HMHooXcEOuwskHpTg==" + }, "http-cache-semantics": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz", diff --git a/UebungII/package.json b/UebungII/package.json index 5748ba5..5967978 100644 --- a/UebungII/package.json +++ b/UebungII/package.json @@ -14,6 +14,7 @@ "dotenv": "^8.2.0", "ejs": "^3.1.6", "express": "^4.17.1", + "helmet": "^4.6.0", "jsonwebtoken": "^8.5.1", "mongodb": "^3.6.6", "mongoose": "^5.12.5", diff --git a/UebungII/tests/beanRoute.http b/UebungII/tests/beanRoute.http index 448719c..fb5d4b3 100644 --- a/UebungII/tests/beanRoute.http +++ b/UebungII/tests/beanRoute.http @@ -1,3 +1,9 @@ +### GET BEANS +GET http://localhost:8080/beans/ + +### GET SINGLE BEAN +GET http://localhost:8080/beans/wfOy-aJmJmeddljPmi5_n + ### POST NEW BEAN (user/admin) POST http://localhost:8080/beans/ HTTP/1.1 Content-type: application/json; charset=utf-8 @@ -13,5 +19,3 @@ authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRo DELETE http://localhost:8080/beans/kKF3oVd8H_iCKR5lrg4Pb HTTP/1.1 authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRoZUNhc3VhbCIsImlhdCI6MTYyMDI5NTA1OCwiZXhwIjoxNjIwMjk1MzU4fQ.c5hR-9dKqzs7urCKaZ_HbzdhXYU-UWCidhxEW_C0sp4 -### GET BEAN -GET http://localhost:8080/beans/wfOy-aJmJmeddljPmi5_n \ No newline at end of file diff --git a/UebungII/tests/userRoute.http b/UebungII/tests/userRoute.http index 677b892..2e13506 100644 --- a/UebungII/tests/userRoute.http +++ b/UebungII/tests/userRoute.http @@ -1,55 +1,53 @@ ### POST NEW USER (admin) -POST http://localhost:8080/user/new HTTP/1.1 +POST http://localhost:8080/user/ HTTP/1.1 Content-type: application/json; charset=utf-8 X-User: 1 { - "username": "JanetteTheAdmin", + "username": "JarvinTheAdmin", "password": "admin", - "email": "theSecondAdmin@beanfriends.com", + "email": "theThirdAdmin@beanfriends.com", "isAdministrator": true } ### POST NEW USER (not admin) -POST http://localhost:8080/user/new HTTP/1.1 +POST http://localhost:8080/user/ HTTP/1.1 Content-type: application/json; charset=utf-8 X-User: 1 { - "username": "JeffTheCasual", + "username": "JeffACasual", "password": "notAdmin", - "email": "jeff@beanfriends.com" + "email": "jeffos@beanfriends.com" } ### LOGIN USER // (admin) POST http://localhost:8080/authentication/login -Authorization: Basic SmFuZXR0ZVRoZUFkbWluOmFkbWlu +Authorization: Basic SmFydmluVGhlQWRtaW46YWRtaW4= ### LOGIN USER // (not admin) POST http://localhost:8080/authentication/login Authorization: Basic SmVmZlRoZUNhc3VhbDpub3RBZG1pbg== -### GET USERS // (Logged in) +### GET USERS // GET http://localhost:8080/user/ -authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSm9oblRoZUFkbWluIiwiaWF0IjoxNjIxMjU2OTQ1LCJleHAiOjE2MjEyNTY5OTV9.TWdfoOsvVXpc9f98yR3t4XOZ4GiK9T1CAZ3UV1qZWB8 ### GET ONE USER // (Logged in) GET http://localhost:8080/user/BZZ_Z-rzPr2ur3lBjyBS9 -authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRoZUNhc3VhbCIsImlhdCI6MTYyMTM0Mjc2NCwiZXhwIjoxNjIxMzQyODE0fQ.rmCzEz8fXG9t6-_TTjckxqMnV_R5anDZC_GMAlmM90s +authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmFydmluVGhlQWRtaW4iLCJpYXQiOjE2MjE0MDk3MjksImV4cCI6MTYyMTQxMDIyOX0.qrivqrxTnPBJlFZSvPIJAxS_UKmV_ld-J1W-xoInOgI ### DELETE USER BY ID // (Logged in + Admin) -DELETE http://localhost:8080/user/xsj45RXki6HA2AE4yqvTu -authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmFuZXR0ZVRoZUFkbWluIiwiaWF0IjoxNjIxMjU4Mzk4LCJleHAiOjE2MjEyNTg0NDh9.RRWd4JZDm8uguivRTBFs6Mp3nIqPpwR3kA3VL05wWto - +DELETE http://localhost:8080/user/V7WBDe-NGUnxU4cmsnl50 +authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmFydmluVGhlQWRtaW4iLCJpYXQiOjE2MjE0MTAxMTIsImV4cCI6MTYyMTQxMDYxMn0.tKMKFGOMNu2Nitev4PY1hPJVVhBMeWqSHhIy2Qgk5ag ### UPDATE USER // (Logged in) -PUT http://localhost:8080/user/BZZ_Z-rzPr2ur3lBjyBS9 -authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmVmZlRoZUNhc3VhbCIsImlhdCI6MTYyMTM0OTgxOCwiZXhwIjoxNjIxMzUwMzE4fQ.DxryWnaiHLMazD3w-_lyU6ebubdlj366NBjYAPP5eEA +PATCH http://localhost:8080/user/BZZ_Z-rzPr2ur3lBjyBS9 +authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiSmFydmluVGhlQWRtaW4iLCJpYXQiOjE2MjE0MTAyODMsImV4cCI6MTYyMTQxMDc4M30.Q3fWUVjIDoRCYEZREXpK7Vp9jrtdp5pJ2vGsWrGiyG0 Content-type: application/json; charset=utf-8 { - "email": "jeff@beanfriends.com" + "password": "jeff@oberAdmin.com" } ### LOGIN USER // (not admin) -- GitLab