incremental
diff --git a/src/token_authorization_middleware.cpp b/src/token_authorization_middleware.cpp
new file mode 100644
index 0000000..61ac28d
--- /dev/null
+++ b/src/token_authorization_middleware.cpp
@@ -0,0 +1,49 @@
+#include <unordered_map>
+
+#include <boost/algorithm/string/predicate.hpp>
+
+#include <token_authorization_middleware.hpp>
+
+namespace crow
+{
+ std::string TokenAuthorizationMiddleware::context::get_cookie(const std::string& key)
+ {
+ if (cookie_sessions.count(key))
+ return cookie_sessions[key];
+ return {};
+ }
+
+ void TokenAuthorizationMiddleware::context::set_cookie(const std::string& key, const std::string& value)
+ {
+ cookies_to_push_to_client.emplace(key, value);
+ }
+
+
+ void TokenAuthorizationMiddleware::before_handle(crow::request& req, response& res, context& ctx)
+ {
+ if (req.url == "/login"){
+ return;
+ }
+
+ // Check for an authorization header, reject if not present
+ if (req.headers.count("Authorization") != 1) {
+ res.code = 400;
+ res.end();
+ return;
+ }
+ std::string auth_header = req.get_header_value("Authorization");
+ // If the user is attempting any kind of auth other than token, reject
+ if (!boost::starts_with(auth_header, "Token ")) {
+ res.code = 400;
+ res.end();
+ }
+ }
+
+ void TokenAuthorizationMiddleware::after_handle(request& /*req*/, response& res, context& ctx)
+ {
+ for (auto& cookie : ctx.cookies_to_push_to_client) {
+ res.add_header("Set-Cookie", cookie.first + "=" + cookie.second);
+ }
+ }
+
+}
\ No newline at end of file