incremental
diff --git a/src/token_authorization_middleware.cpp b/src/token_authorization_middleware.cpp
index 30d12c5..91feaf1 100644
--- a/src/token_authorization_middleware.cpp
+++ b/src/token_authorization_middleware.cpp
@@ -1,51 +1,58 @@
+#include <boost/algorithm/string/predicate.hpp>
#include <random>
#include <unordered_map>
-#include <boost/algorithm/string/predicate.hpp>
-#include <token_authorization_middleware.hpp>
#include <crow/logging.h>
#include <base64.hpp>
+#include <token_authorization_middleware.hpp>
namespace crow {
-using random_bytes_engine = std::independent_bits_engine<std::default_random_engine, CHAR_BIT, unsigned char>;
+using random_bytes_engine =
+ std::independent_bits_engine<std::default_random_engine, CHAR_BIT,
+ unsigned char>;
+TokenAuthorizationMiddleware::TokenAuthorizationMiddleware()
+ : auth_token2(""){
-void TokenAuthorizationMiddleware::before_handle(crow::request& req, response& res, context& ctx) {
-
+ };
+
+void TokenAuthorizationMiddleware::before_handle(crow::request& req,
+ response& res, context& ctx) {
auto return_unauthorized = [&req, &res]() {
res.code = 401;
res.end();
};
- LOG(DEBUG) << "Got route " << req.url;
+ LOG(DEBUG) << "Token Auth Got route " << req.url;
- if (req.url == "/" || boost::starts_with(req.url, "/static/")){
- //TODO this is total hackery to allow the login page to work before the user
- // is authenticated. Also, it will be quite slow for all pages instead of
- // a one time hit for the whitelist entries.
- // Ideally, this should be done in the url router handler, with tagged routes
- // for the whitelist entries.
+ if (req.url == "/" || boost::starts_with(req.url, "/static/")) {
+ // TODO this is total hackery to allow the login page to work before the
+ // user is authenticated. Also, it will be quite slow for all pages instead
+ // of a one time hit for the whitelist entries. Ideally, this should be
+ // done
+ // in the url router handler, with tagged routes for the whitelist entries.
// Another option would be to whitelist a minimal
return;
}
if (req.url == "/login") {
- if (req.method != HTTPMethod::POST){
+ if (req.method != HTTPMethod::POST) {
return_unauthorized();
return;
} else {
auto login_credentials = crow::json::load(req.body);
- if (!login_credentials){
+ if (!login_credentials) {
return_unauthorized();
return;
}
auto username = login_credentials["username"].s();
auto password = login_credentials["password"].s();
-
+
// TODO(ed) pull real passwords from PAM
- if (username == "dude" && password == "dude"){
- //TODO(ed) the RNG should be initialized at start, not every time we want a token
+ if (username == "dude" && password == "dude") {
+ // TODO(ed) the RNG should be initialized at start, not every time we
+ // want a token
std::random_device rand;
random_bytes_engine rbe;
std::string token('a', 20);
@@ -54,17 +61,25 @@
base64::base64_encode(token, encoded_token);
ctx.auth_token = encoded_token;
this->auth_token2 = encoded_token;
+ crow::json::wvalue x;
+ auto auth_token = ctx.auth_token;
+ x["token"] = auth_token;
+
+ res.write(json::dump(x));
+ res.end();
} else {
return_unauthorized();
return;
}
}
-
+
} else if (req.url == "/logout") {
this->auth_token2 = "";
- } else { // Normal, non login, non static file request
+ res.code = 200;
+ res.end();
+ } else { // Normal, non login, non static file request
// Check to make sure we're logged in
- if (this->auth_token2.empty()){
+ if (this->auth_token2.empty()) {
return_unauthorized();
return;
}
@@ -81,8 +96,8 @@
return;
}
- //todo, use span here instead of constructing a new string
- if (auth_header.substr(6) != this->auth_token2){
+ // TODO(ed), use span here instead of constructing a new string
+ if (auth_header.substr(6) != this->auth_token2) {
return_unauthorized();
return;
}
@@ -90,7 +105,6 @@
}
}
-void TokenAuthorizationMiddleware::after_handle(request& /*req*/, response& res, context& ctx) {
-
-}
+void TokenAuthorizationMiddleware::after_handle(request& req, response& res,
+ context& ctx) {}
}