Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 38bdb986b9133f5d728cc44b3d82321ce132eee3^! / . / src
commit38bdb986b9133f5d728cc44b3d82321ce132eee3[log] [tgz]
authorEd Tanous <ed.tanous@intel.com>Fri Mar 03 14:19:33 2017 -0800
committerEd Tanous <ed.tanous@intel.com>Fri Mar 03 14:19:33 2017 -0800
treea5546e1f070c547f19dafe10969dc66e21d6e8fc
parent904063f6e5eccdd15d7a9d2a21200f99abc679ae [diff]
incremetnal

diff --git a/src/token_authorization_middleware.cpp b/src/token_authorization_middleware.cpp
index abe002f..d1972fa 100644
--- a/src/token_authorization_middleware.cpp
+++ b/src/token_authorization_middleware.cpp

@@ -21,22 +21,24 @@
 
     void TokenAuthorizationMiddleware::before_handle(crow::request& req, response& res, context& ctx)
     {
-        return;
+        auto return_unauthorized = [&req, &res](){
+            res.code = 401;
+            res.end();
+        };
         if (req.url == "/login"){
+
+        }
+        // Check for an authorization header, reject if not present
+        if (req.headers.count("Authorization") != 1) {
+            return_unauthorized();
             return;
         }
 
-        // Check for an authorization header, reject if not present
-        if (req.headers.count("Authorization") != 1) {
-            res.code = 400;
-            res.end();
-            return;
-        }
         std::string auth_header = req.get_header_value("Authorization");
         // If the user is attempting any kind of auth other than token, reject
         if (!boost::starts_with(auth_header, "Token ")) {
-            res.code = 400;
-            res.end();
+            return_unauthorized();
+            return;
         }
     }
 

diff --git a/src/webserver_main.cpp b/src/webserver_main.cpp
index 34f91d5..6c92e34 100644
--- a/src/webserver_main.cpp
+++ b/src/webserver_main.cpp

@@ -44,14 +44,8 @@
 
     std::string ssl_pem_file("server.pem");
     ensuressl::ensure_openssl_key_present_and_valid(ssl_pem_file);
-    //auto handler2 = std::make_shared<ExampleLogHandler>();
-    //crow::logger::setHandler(handler2.get());
-    crow::App<crow::TokenAuthorizationMiddleware> app;
 
-    CROW_ROUTE(app, "/")
-        .name("hello")([] {
-            return "Hello World!";
-        });   
+    crow::App<crow::TokenAuthorizationMiddleware> app; 
 
     crow::webassets::request_routes(app);