OdbDesignLib
OdbDesign ODB++ Parsing Library
 
BasicRequestAuthentication.cpp
#include "BasicRequestAuthentication.h"
#include <cctype>
#include <cstdlib>
#include <string>
#include "RequestAuthenticationBase.h"
5
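namespace Odb::Lib::App
{
    /// @brief Constructs the Basic authenticator.
    /// @param disableAuthentication forwarded unchanged to RequestAuthenticationBase.
    BasicRequestAuthentication::BasicRequestAuthentication(bool disableAuthentication)
        : RequestAuthenticationBase(disableAuthentication)
    {
    }

    /// @brief Authenticates a request carrying HTTP Basic credentials.
    ///
    /// The base class is consulted first; when it already answers OK the
    /// request is accepted as-is (presumably the "authentication disabled"
    /// case - confirm against RequestAuthenticationBase). Otherwise the
    /// Authorization header is parsed and the credentials are checked with
    /// VerifyCredentials().
    ///
    /// @param req incoming request; its Authorization header is untrusted input.
    /// @return 401 when the header is missing, is not a well-formed
    ///         "Basic <base64(user:pass)>" value, or decodes to nothing;
    ///         otherwise the response produced by VerifyCredentials().
    crow::response BasicRequestAuthentication::AuthenticateRequest(const crow::request& req)
    {
        auto resp = RequestAuthenticationBase::AuthenticateRequest(req);
        if (resp.code == crow::status::OK) return resp;

        const auto unauthorized = []
        {
            return crow::response(crow::status::UNAUTHORIZED, "Unauthorized");
        };

        const auto& authHeader = req.get_header_value(AUTHORIZATION_HEADER_NAME);

        // The header must be longer than the "Basic " prefix. Checking the
        // length first also keeps substr() below from throwing
        // std::out_of_range on a short, attacker-supplied header value.
        constexpr char kSchemePrefix[] = "basic ";
        constexpr std::size_t kSchemePrefixLen = sizeof(kSchemePrefix) - 1;
        if (authHeader.size() <= kSchemePrefixLen) return unauthorized();

        // Only the Basic scheme is handled here; the scheme name is matched
        // case-insensitively so "basic"/"BASIC" clients keep working, while
        // other schemes (e.g. Bearer) are rejected instead of being decoded.
        for (std::size_t i = 0; i < kSchemePrefixLen; ++i)
        {
            const auto ch = static_cast<unsigned char>(authHeader[i]);
            if (std::tolower(ch) != kSchemePrefix[i]) return unauthorized();
        }

        const auto authValue = authHeader.substr(kSchemePrefixLen);

        const auto authValueDecoded = crow::utility::base64decode(authValue, authValue.size());
        if (authValueDecoded.empty()) return unauthorized();

        // Credentials are "username:password"; the first ':' is the separator,
        // so the password itself may contain further colons.
        const auto separatorPos = authValueDecoded.find(':');
        if (separatorPos == std::string::npos) return unauthorized();

        const auto username = authValueDecoded.substr(0, separatorPos);
        const auto password = authValueDecoded.substr(separatorPos + 1);

        return VerifyCredentials(username, password);
    }

    /// @brief Checks a username/password pair against the configured credentials.
    ///
    /// The expected values are read from the environment variables named by
    /// USERNAME_ENV_NAME and PASSWORD_ENV_NAME.
    ///
    /// @param username username supplied by the client.
    /// @param password password supplied by the client.
    /// @return 200 "Authorized" on a match, 403 "Invalid username or password" otherwise.
    crow::response BasicRequestAuthentication::VerifyCredentials(const std::string& username, const std::string& password)
    {
        // Reads an environment variable, substituting `fallback` when the
        // variable is unset or empty.
        const auto envOrDefault = [](const char* name, const char* fallback)
        {
            const char* szValue = std::getenv(name);
            std::string value = (szValue != nullptr) ? szValue : "";
            if (value.empty()) value = fallback;
            return value;
        };

        // SECURITY NOTE(review): when the environment does not provide
        // credentials, the service falls back to fixed, source-visible
        // defaults, so a deployment that omits either variable accepts a
        // publicly known login. The fallback is kept because existing
        // deployments may rely on it; the fail-closed alternative is to
        // answer 500 "Failed retrieving credentials" here instead.
        const std::string validUsername = envOrDefault(USERNAME_ENV_NAME, "odb");
        const std::string validPassword = envOrDefault(PASSWORD_ENV_NAME, "plusplus");

        // Compares without returning at the first differing byte, so the
        // response time does not reveal how much of a guess was correct.
        // Work done depends only on the length of the client-supplied value.
        const auto constantTimeEquals = [](const std::string& supplied, const std::string& expected)
        {
            if (expected.empty()) return supplied.empty();

            unsigned char diff = (supplied.size() == expected.size()) ? 0 : 1;
            for (std::size_t i = 0; i < supplied.size(); ++i)
            {
                diff |= static_cast<unsigned char>(supplied[i] ^ expected[i % expected.size()]);
            }
            return diff == 0;
        };

        // Both fields are always evaluated (no short-circuit) so a wrong
        // username and a wrong password take the same path.
        const bool usernameOk = constantTimeEquals(username, validUsername);
        const bool passwordOk = constantTimeEquals(password, validPassword);

        // 403 - Forbidden
        // NOTE(review): RFC 7235 uses 401 with a WWW-Authenticate challenge
        // for rejected credentials; 403 is kept since clients may depend on it.
        if (!(usernameOk & passwordOk))
        {
            return crow::response(crow::status::FORBIDDEN, "Invalid username or password");
        }

        // 200 Authorized!
        return crow::response(crow::status::OK, "Authorized");
    }
}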