Diffstat (limited to 'include')
-rw-r--r-- | include/persistent_data_middleware.hpp | 7 | ||||
-rw-r--r-- | include/sessions.hpp | 61 | ||||
-rw-r--r-- | include/token_authorization_middleware.hpp | 17 |
3 files changed, 81 insertions, 4 deletions
diff --git a/include/persistent_data_middleware.hpp b/include/persistent_data_middleware.hpp
index c368ab21dc..348079ba61 100644
--- a/include/persistent_data_middleware.hpp
+++ b/include/persistent_data_middleware.hpp
@@ -100,6 +100,12 @@ class Middleware
 systemUuid = *jSystemUuid;
 }
 }
+ else if (item.key() == "auth_config")
+ {
+ SessionStore::getInstance()
+ .getAuthMethodsConfig()
+ .fromJson(item.value());
+ }
 else if (item.key() == "sessions")
 {
 for (const auto& elem : item.value())
@@ -163,6 +169,7 @@ class Middleware
 nlohmann::json data{
 {"sessions", SessionStore::getInstance().authTokens},
+ {"auth_config", SessionStore::getInstance().getAuthMethodsConfig()},
 {"system_uuid", systemUuid},
 {"revision", jsonRevision}};
 persistentFile << data;
diff --git a/include/sessions.hpp b/include/sessions.hpp
index df65d6155d..749349476c 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -339,6 +339,43 @@ struct UserSession
 }
 };
+struct AuthConfigMethods
+{
+ bool xtoken = true;
+ bool cookie = true;
+ bool sessionToken = true;
+ bool basic = true;
+
+ void fromJson(const nlohmann::json& j)
+ {
+ for (const auto& element : j.items())
+ {
+ const bool* value = element.value().get_ptr<const bool*>();
+ if (value == nullptr)
+ {
+ continue;
+ }
+
+ if (element.key() == "XToken")
+ {
+ xtoken = *value;
+ }
+ else if (element.key() == "Cookie")
+ {
+ cookie = *value;
+ }
+ else if (element.key() == "SessionToken")
+ {
+ sessionToken = *value;
+ }
+ else if (element.key() == "BasicAuth")
+ {
+ basic = *value;
+ }
+ }
+ }
+};
+
 class Middleware;
 class SessionStore
@@ -445,6 +482,17 @@ class SessionStore
 return ret;
 }
+ void updateAuthMethodsConfig(const AuthConfigMethods& config)
+ {
+ authMethodsConfig = config;
+ needWrite = true;
+ }
+
+ AuthConfigMethods& getAuthMethodsConfig()
+ {
+ return authMethodsConfig;
+ }
+
 bool needsWrite()
 {
 return needWrite;
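Review bot: A malformed or hand-edited `auth_config` entry is applied without any diagnostic: the new `auth_config` branch passes the value straight to `fromJson`, which (in the sessions.hpp hunk of this commit) `continue`s past every non-boolean value and ignores unknown keys. A method that someone meant to disable but wrote as the string `"false"`, or under a misspelled key, therefore stays at its default of `true`. Since this file now carries authentication policy, I would report the skipped entry in the `value == nullptr` branch, for example `BMCWEB_LOG_ERROR << "auth_config: ignoring non-boolean value for " << element.key();`, and likewise log keys that match none of the four names. The enclosing loader function starts and ends outside this hunk.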
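Review bot: `getAuthMethodsConfig()` returns a non-const reference, so any caller can switch an authentication method on or off without going through `updateAuthMethodsConfig()` and without `needWrite` being set; such a change would not be persisted and is hard to trace. The token middleware in this commit only reads the flags, so a read-only accessor such as `const AuthConfigMethods& getAuthMethodsConfig() const` would be enough for it. The loader in persistent_data_middleware.hpp is the one visible caller that mutates through the reference, and it could use a dedicated load method instead. The SessionStore class body extends beyond this hunk.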
@@ -501,6 +549,7 @@ class SessionStore
 std::random_device rd;
 bool needWrite{false};
 std::chrono::minutes timeoutInMinutes;
+ AuthConfigMethods authMethodsConfig;
 };
 } // namespace persistent_data
@@ -526,4 +575,16 @@ struct adl_serializer<std::shared_ptr<crow::persistent_data::UserSession>>
 }
 }
 };
+
+template <> struct adl_serializer<crow::persistent_data::AuthConfigMethods>
+{
+ static void to_json(nlohmann::json& j,
+ const crow::persistent_data::AuthConfigMethods& c)
+ {
+ j = nlohmann::json{{"XToken", c.xtoken},
+ {"Cookie", c.cookie},
+ {"SessionToken", c.sessionToken},
+ {"BasicAuth", c.basic}};
+ }
+};
 } // namespace nlohmann
diff --git a/include/token_authorization_middleware.hpp b/include/token_authorization_middleware.hpp
index 0a440501e1..7e4e3bb22f 100644
--- a/include/token_authorization_middleware.hpp
+++ b/include/token_authorization_middleware.hpp
@@ -31,8 +31,15 @@ class Middleware
 return;
 }
- req.session = performXtokenAuth(req);
- if (req.session == nullptr)
+ const crow::persistent_data::AuthConfigMethods& authMethodsConfig =
+ crow::persistent_data::SessionStore::getInstance()
+ .getAuthMethodsConfig();
+
+ if (req.session == nullptr && authMethodsConfig.xtoken)
+ {
+ req.session = performXtokenAuth(req);
+ }
+ if (req.session == nullptr && authMethodsConfig.cookie)
 {
 req.session = performCookieAuth(req);
 }
@@ -42,11 +49,13 @@ class Middleware
 if (!authHeader.empty())
 {
 // Reject any kind of auth other than basic or token
- if (boost::starts_with(authHeader, "Token "))
+ if (boost::starts_with(authHeader, "Token ") &&
+ authMethodsConfig.sessionToken)
 {
 req.session = performTokenAuth(authHeader);
 }
- else if (boost::starts_with(authHeader, "Basic "))
+ else if (boost::starts_with(authHeader, "Basic ") &&
+ authMethodsConfig.basic)
 {
 req.session = performBasicAuth(authHeader);
 }
 |
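Review bot: The four key strings `"XToken"`, `"Cookie"`, `"SessionToken"` and `"BasicAuth"` are spelled out in this `to_json` and again in `AuthConfigMethods::fromJson`, and the serializer defines no matching `from_json`, so the two directions can drift apart without a compile error. If a key were renamed on one side only, the persisted setting would be skipped on the next load and that method would fall back to its default of enabled. I would define each name once next to the struct, for example `static constexpr const char* xtokenKey = "XToken";`, and use those constants in both places.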
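Review bot: With the first check now guarded by `req.session == nullptr`, a request that arrives here with a session already attached skips every authentication step. The removed code assigned `req.session = performXtokenAuth(req);` unconditionally, so it could not inherit a stale value. Whether `req.session` can be non-null on entry is not visible in this hunk, so I would either state that invariant in a comment or enforce it with `req.session = nullptr;` ahead of the first `if`. The enclosing function starts and ends outside the hunk.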
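Review bot: The comment `// Reject any kind of auth other than basic or token` no longer covers what the branch does: a well-formed `Token ` or `Basic ` header is now also ignored when its method is switched off, and nothing records that. I would reword it to `// Reject any scheme other than Basic or Token, and either of those when disabled in AuthConfigMethods`. Consider a debug-level log line on the disabled path as well, so an operator can tell a policy rejection from bad credentials. The `if (!authHeader.empty())` block closes outside this hunk.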