pion  5.0.6
Public Member Functions | Protected Member Functions | Static Protected Member Functions | List of all members
pion::http::basic_auth Class Reference

#include <basic_auth.hpp>

Inherits pion::http::auth.

Public Member Functions

 basic_auth (user_manager_ptr userManager, const std::string &realm="PION")
 default constructor
 
virtual ~basic_auth ()
 virtual destructor
 
virtual bool handle_request (const http::request_ptr &http_request_ptr, const tcp::connection_ptr &tcp_conn)
 
virtual void set_option (const std::string &name, const std::string &value)
 
- Public Member Functions inherited from pion::http::auth
 auth (user_manager_ptr userManager)
 default constructor
 
virtual ~auth ()
 virtual destructor
 
void add_restrict (const std::string &resource)
 
void add_permit (const std::string &resource)
 
virtual bool add_user (std::string const &username, std::string const &password)
 
virtual bool update_user (std::string const &username, std::string const &password)
 
virtual bool remove_user (std::string const &username)
 
virtual user_ptr get_user (std::string const &username)
 

Protected Member Functions

void handle_unauthorized (const http::request_ptr &http_request_ptr, const tcp::connection_ptr &tcp_conn)
 
- Protected Member Functions inherited from pion::http::auth
bool need_authentication (http::request_ptr const &http_request_ptr) const
 
bool find_resource (const resource_set_type &resource_set, const std::string &resource) const
 
void set_logger (logger log_ptr)
 sets the logger to be used
 

Static Protected Member Functions

static bool parse_authorization (std::string const &authorization, std::string &credentials)
 
static bool parse_credentials (std::string const &credentials, std::string &username, std::string &password)
 

Additional Inherited Members

- Protected Types inherited from pion::http::auth
typedef std::set< std::string > resource_set_type
 data type for a set of resources to be authenticated
 
typedef std::map< std::string, std::pair< boost::posix_time::ptime, user_ptr > > user_cache_type
 data type used to map authentication credentials to user objects
 
- Protected Attributes inherited from pion::http::auth
logger m_logger
 primary logging interface used by this class
 
user_manager_ptr m_user_manager
 container used to manager user objects
 
resource_set_type m_restrict_list
 collection of resources that require authentication
 
resource_set_type m_white_list
 collection of resources that do NOT require authentication
 
boost::mutex m_resource_mutex
 mutex used to protect access to the resources
 

Detailed Description

basic_auth: a base class for handling HTTP Authentication and session management in accordance with RFC 2617 http://tools.ietf.org/html/rfc2617

Definition at line 26 of file basic_auth.hpp.

Member Function Documentation

◆ handle_request()

bool pion::http::basic_auth::handle_request ( const http::request_ptr &  http_request_ptr,
const tcp::connection_ptr &  tcp_conn 
)
virtual

attempts to validate authentication of a new HTTP request. If request valid, pointer to user identity object (if any) will be preserved in the request and return "true". If request not authenticated, appropriate response is sent over tcp_conn and return "false";

Parameters
http_request_ptrthe new HTTP request to handle
tcp_connthe TCP connection that has the new request
Returns
true if request valid and user identity inserted into request

Implements pion::http::auth.

Definition at line 35 of file http_basic_auth.cpp.

References handle_unauthorized(), pion::http::auth::m_user_manager, pion::http::auth::need_authentication(), parse_authorization(), and parse_credentials().

◆ handle_unauthorized()

void pion::http::basic_auth::handle_unauthorized ( const http::request_ptr &  http_request_ptr,
const tcp::connection_ptr &  tcp_conn 
)
protected

used to send responses when access to resource is not authorized

Parameters
http_request_ptrthe new HTTP request to handle
tcp_connthe TCP connection that has the new request

Definition at line 133 of file http_basic_auth.cpp.

References pion::http::response_writer::create(), and pion::tcp::connection::finish().

Referenced by handle_request().

◆ parse_authorization()

bool pion::http::basic_auth::parse_authorization ( std::string const &  authorization,
std::string &  credentials 
)
staticprotected

extracts base64 user credentials from authorization string

Parameters
authorizationvalue of the HEADER_AUTHORIZATION

Definition at line 104 of file http_basic_auth.cpp.

Referenced by handle_request().

◆ parse_credentials()

bool pion::http::basic_auth::parse_credentials ( std::string const &  credentials,
std::string &  username,
std::string &  password 
)
staticprotected

parse base64 credentials and extract username/password

Definition at line 114 of file http_basic_auth.cpp.

References pion::algorithm::base64_decode().

Referenced by handle_request().

◆ set_option()

void pion::http::basic_auth::set_option ( const std::string &  name,
const std::string &  value 
)
virtual

sets a configuration option Valid options:

  • "domain" - name of authentication domain
Parameters
namethe name of the option to change
valuethe value of the option

Reimplemented from pion::http::auth.

Definition at line 96 of file http_basic_auth.cpp.


The documentation for this class was generated from the following files: