summaryrefslogtreecommitdiff
path: root/src/token_authorization_middleware.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/token_authorization_middleware.cpp')
-rw-r--r--src/token_authorization_middleware.cpp49
1 files changed, 49 insertions, 0 deletions
diff --git a/src/token_authorization_middleware.cpp b/src/token_authorization_middleware.cpp
new file mode 100644
index 0000000000..61ac28debd
--- /dev/null
+++ b/src/token_authorization_middleware.cpp
@@ -0,0 +1,49 @@
+#include <unordered_map>
+
+#include <boost/algorithm/string/predicate.hpp>
+
+#include <token_authorization_middleware.hpp>
+
+namespace crow
+{
+ std::string TokenAuthorizationMiddleware::context::get_cookie(const std::string& key)
+ {
+ if (cookie_sessions.count(key))
+ return cookie_sessions[key];
+ return {};
+ }
+
+ void TokenAuthorizationMiddleware::context::set_cookie(const std::string& key, const std::string& value)
+ {
+ cookies_to_push_to_client.emplace(key, value);
+ }
+
+
+ void TokenAuthorizationMiddleware::before_handle(crow::request& req, response& res, context& ctx)
+ {
+ if (req.url == "/login"){
+ return;
+ }
+
+ // Check for an authorization header, reject if not present
+ if (req.headers.count("Authorization") != 1) {
+ res.code = 400;
+ res.end();
+ return;
+ }
+ std::string auth_header = req.get_header_value("Authorization");
+ // If the user is attempting any kind of auth other than token, reject
+ if (!boost::starts_with(auth_header, "Token ")) {
+ res.code = 400;
+ res.end();
+ }
+ }
+
+ void TokenAuthorizationMiddleware::after_handle(request& /*req*/, response& res, context& ctx)
+ {
+ for (auto& cookie : ctx.cookies_to_push_to_client) {
+ res.add_header("Set-Cookie", cookie.first + "=" + cookie.second);
+ }
+ }
+
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.0) at 2024-09-29 03:21:31 +0300