1#include "BasicRequestAuthentication.h"
4#include "RequestAuthenticationBase.h"
8 BasicRequestAuthentication::BasicRequestAuthentication(
bool disableAuthentication)
9 : RequestAuthenticationBase(disableAuthentication)
13 crow::response BasicRequestAuthentication::AuthenticateRequest(
const crow::request& req)
15 auto resp = RequestAuthenticationBase::AuthenticateRequest(req);
16 if (resp.code != crow::status::OK)
18 const auto& authHeader = req.get_header_value(AUTHORIZATION_HEADER_NAME);
19 if (authHeader.empty())
return crow::response(crow::status::UNAUTHORIZED,
"Unauthorized");
21 auto authValue = authHeader.substr(6);
22 if (authValue.empty())
return crow::response(crow::status::UNAUTHORIZED,
"Unauthorized");
24 auto authValueDecoded = crow::utility::base64decode(authValue, authValue.size());
25 if (authValueDecoded.empty())
return crow::response(crow::status::UNAUTHORIZED,
"Unauthorized");
27 auto seperatorPos = authValueDecoded.find(
':');
28 if (seperatorPos == std::string::npos)
return crow::response(crow::status::UNAUTHORIZED,
"Unauthorized");
30 auto username = authValueDecoded.substr(0, seperatorPos);
31 auto password = authValueDecoded.substr(seperatorPos + 1);
33 resp = VerifyCredentials(username, password);
38 crow::response BasicRequestAuthentication::VerifyCredentials(
const std::string& username,
const std::string& password)
41 auto szValidUsername = std::getenv(USERNAME_ENV_NAME);
42 std::string validUsername;
43 if (szValidUsername !=
nullptr)
45 validUsername = szValidUsername;
48 if (validUsername.empty())
51 validUsername =
"odb";
54 auto szValidPassword = std::getenv(PASSWORD_ENV_NAME);
55 std::string validPassword;
56 if (szValidPassword !=
nullptr)
58 validPassword = szValidPassword;
61 if (validPassword.empty())
64 validPassword =
"plusplus";
68 if (username != validUsername ||
69 password != validPassword)
71 return crow::response(crow::status::FORBIDDEN,
"Invalid username or password");
75 return crow::response(crow::status::OK,
"Authorized");