Created readonly user not able to login

[dingosky]

Create a user with readonly role:

curl -X 'POST' \
  'http://localhost:8083/v1/users' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer <ADMIN_TOKEN>' \
  -d '{
  "username": "readonly",
  "password": "readonly",
  "role": "ReadOnly",
  "affiliation": "MBARI",
  "firstName": "read",
  "lastName": "only",
  "email": "[email protected]"
}'

Response:

{
 "username":"readonly",
  "password":"Z76g1k3o4Ylg8TW1s6uceE0cURziPMKm",
  "role":"ReadOnly",
  "affiliation":"MBARI",
  "firstName":"read",
  "lastName":"only",
  "email":"[email protected]",
  "id":243,
  "isEncrypted":true
}

Attempt to login to newly created user yields

{
  "message":"Invalid username or password",
  "responseCode":401
}

[hohonuuli]

@dingosky This is currently a deliberate choice. ReadOnly users won't have access to any of the editing functions in the Oni service. Note that JWT tokens are only required for editing functions; GET endpoints do not require any authentication ATM.

See JwtService.scala#78

[hohonuuli]

mbari-org/oni 3a24411

[hohonuuli]

I've clarified the 401 response. ReadOnly users that attempt to login will get:

{
  "message":"Unable to login. Check your username and password and verify that you are an administrator or maintainer",
  "responseCode":401
}

[dingosky]

My misunderstanding. So I believe this means the login form should include a "Read Only" option that allows UI access without credentials. I have the Read Only gating factor in the code, just didn't understand that Read Only user wasn't a registered user with a ReadOnly role.