pion  5.0.6
Public Member Functions | Protected Types | Protected Member Functions | Protected Attributes | List of all members
pion::http::auth Class Referenceabstract

#include <auth.hpp>

Inherits noncopyable.

Inherited by pion::http::basic_auth, and pion::http::cookie_auth.

Public Member Functions

 auth (user_manager_ptr userManager)
 default constructor
 
virtual ~auth ()
 virtual destructor
 
virtual bool handle_request (const http::request_ptr &http_request_ptr, const tcp::connection_ptr &tcp_conn)=0
 
virtual void set_option (const std::string &name, const std::string &value)
 
void add_restrict (const std::string &resource)
 
void add_permit (const std::string &resource)
 
virtual bool add_user (std::string const &username, std::string const &password)
 
virtual bool update_user (std::string const &username, std::string const &password)
 
virtual bool remove_user (std::string const &username)
 
virtual user_ptr get_user (std::string const &username)
 

Protected Types

typedef std::set< std::string > resource_set_type
 data type for a set of resources to be authenticated
 
typedef std::map< std::string, std::pair< boost::posix_time::ptime, user_ptr > > user_cache_type
 data type used to map authentication credentials to user objects
 

Protected Member Functions

bool need_authentication (http::request_ptr const &http_request_ptr) const
 
bool find_resource (const resource_set_type &resource_set, const std::string &resource) const
 
void set_logger (logger log_ptr)
 sets the logger to be used
 

Protected Attributes

logger m_logger
 primary logging interface used by this class
 
user_manager_ptr m_user_manager
 container used to manager user objects
 
resource_set_type m_restrict_list
 collection of resources that require authentication
 
resource_set_type m_white_list
 collection of resources that do NOT require authentication
 
boost::mutex m_resource_mutex
 mutex used to protect access to the resources
 

Detailed Description

auth: a base class for handling HTTP Authentication and session management

Definition at line 34 of file auth.hpp.

Member Function Documentation

◆ add_permit()

void pion::http::auth::add_permit ( const std::string &  resource)

adds a resource that does NOT require authentication

Parameters
resourcethe resource name or uri-stem that does not require authentication

Definition at line 29 of file http_auth.cpp.

References m_logger, m_resource_mutex, m_white_list, and pion::http::server::strip_trailing_slash().

◆ add_restrict()

void pion::http::auth::add_restrict ( const std::string &  resource)

adds a resource that requires authentication

Parameters
resourcethe resource name or uri-stem that requires authentication

Definition at line 21 of file http_auth.cpp.

References m_logger, m_resource_mutex, m_restrict_list, and pion::http::server::strip_trailing_slash().

◆ add_user()

virtual bool pion::http::auth::add_user ( std::string const &  username,
std::string const &  password 
)
inlinevirtual

used to add a new user

@ return false if user with such name already exists

Definition at line 91 of file auth.hpp.

◆ find_resource()

bool pion::http::auth::find_resource ( const resource_set_type resource_set,
const std::string &  resource 
) const
protected

tries to find a resource in a given collection

Parameters
resource_setthe collection of resource to look in
resourcethe resource to look for
Returns
true if the resource was found

Definition at line 65 of file http_auth.cpp.

Referenced by need_authentication().

◆ get_user()

virtual user_ptr pion::http::auth::get_user ( std::string const &  username)
inlinevirtual

Used to locate user object by username

Definition at line 116 of file auth.hpp.

◆ handle_request()

virtual bool pion::http::auth::handle_request ( const http::request_ptr &  http_request_ptr,
const tcp::connection_ptr &  tcp_conn 
)
pure virtual

attempts to validate authentication of a new HTTP request. If request valid, pointer to user identity object (if any) will be preserved in the request and return "true". If request not authenticated, appropriate response is sent over tcp_conn and return "false";

Parameters
http_request_ptrthe new HTTP request to handle
tcp_connthe TCP connection that has the new request
Returns
true if request valid and user identity inserted into request

Implemented in pion::http::cookie_auth, and pion::http::basic_auth.

◆ need_authentication()

bool pion::http::auth::need_authentication ( http::request_ptr const &  http_request_ptr) const
protected

check if given HTTP request requires authentication

Parameters
http_request_ptrthe HTTP request to check

Definition at line 37 of file http_auth.cpp.

References find_resource(), m_resource_mutex, m_restrict_list, m_user_manager, m_white_list, and pion::http::server::strip_trailing_slash().

Referenced by pion::http::basic_auth::handle_request(), and pion::http::cookie_auth::handle_request().

◆ remove_user()

virtual bool pion::http::auth::remove_user ( std::string const &  username)
inlinevirtual

used to remove given user

Returns
false if no user with such username

Definition at line 109 of file auth.hpp.

◆ set_option()

virtual void pion::http::auth::set_option ( const std::string &  name,
const std::string &  value 
)
inlinevirtual

sets a configuration option

Parameters
namethe name of the option to change
valuethe value of the option

Reimplemented in pion::http::cookie_auth, and pion::http::basic_auth.

Definition at line 68 of file auth.hpp.

◆ update_user()

virtual bool pion::http::auth::update_user ( std::string const &  username,
std::string const &  password 
)
inlinevirtual

update password for given user

Returns
false if user with such a name doesn't exist

Definition at line 100 of file auth.hpp.


The documentation for this class was generated from the following files: