Network administration

As you can see in app.js, the API functions from channel creation to chaincode instantiation are implemented as express routes:

app.post('/channel/create', async function(req, res) { ... });
app.post('/channel/join', async function(req, res) { ... });
app.post('/chaincode/install', async function(req, res) { ... });
app.post('/chaincode/instantiate', async function(req, res) { ... });

To exercise these routes, the end user must log in as an administrator and use the returned token. Taking the output from the previous call, we can request channel creation as follows:

curl -s -X POST http://localhost:4000/channel/create -H "authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MjUwMDU4OTEsInVzZXJuYW1lIjoiYWRtaW4iLCJvcmdOYW1lIjoiaW1wb3J0ZXJvcmciLCJpYXQiOjE1MjUwMDE3NTF9.BYIEBO_MZzQa52_LW2AKVhLVag9OpSiZsI3cYHI9_oA"

Note that the format for the authorization header is Bearer <JWT token value>. The web server implicitly assumes that the channel name is tradechannel, which is set in middleware/constants.js. (You may augment the server API to accept a channel name in the request body if you wish.) The output ought to be as follows if everything goes well:

{"success":true,"message":"Channel created"}

Similar queries can be run by an administrator for channel join, chaincode installation, and chaincode instantiation. As an example, the instantiation API endpoint expects the chaincode path, chaincode version, and a list of arguments for the chaincode as follows:

curl -s -X POST http://localhost:4000/chaincode/instantiate -H "authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MjUwMDU4OTEsInVzZXJuYW1lIjoiYWRtaW4iLCJvcmdOYW1lIjoiaW1wb3J0ZXJvcmciLCJpYXQiOjE1MjUwMDE3NTF9.BYIEBO_MZzQa52_LW2AKVhLVag9OpSiZsI3cYHI9_oA" -H "content-type: application/json" -d '{ "ccpath": "github.com/trade_workflow", "ccversion": "v0", "args": ["LumberInc", "LumberBank", "100000", "WoodenToys", "ToyBank", "200000", "UniversalFreight", "ForestryDepartment"] }'

The output, if everything goes well, will be:

{"success":true,"message":"Chaincode instantiated"}

In the implementation of each of these routes, a check is made to ensure that the user (identified by the JWT token) is an administrative user, as follows:

if (req.username !== 'admin') {
  res.statusCode = 403;
  res.send('Not an admin user: ' + req.username);
  return;
}

If we were to use the token for the user registered as Jim, the web server would return a 403 error code to the client.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.116.43.36