|
PionNetworkLibrary
|
|
PionNetworkLibrary
|
#include <cookie_auth.hpp>
Public Member Functions | |
| cookie_auth (user_manager_ptr userManager, const std::string &login="/login", const std::string &logout="/logout", const std::string &redirect="") | |
| virtual | ~cookie_auth () |
| virtual destructor More... | |
| virtual bool | handle_request (const http::request_ptr &http_request_ptr, const tcp::connection_ptr &tcp_conn) |
| virtual void | set_option (const std::string &name, const std::string &value) |
 Public Member Functions inherited from pion::http::auth | |
| auth (user_manager_ptr userManager) | |
| default constructor More... | |
| virtual | ~auth () |
| virtual destructor More... | |
| void | add_restrict (const std::string &resource) |
| void | add_permit (const std::string &resource) |
| virtual bool | add_user (std::string const &username, std::string const &password) |
| virtual bool | update_user (std::string const &username, std::string const &password) |
| virtual bool | remove_user (std::string const &username) |
| virtual user_ptr | get_user (std::string const &username) |
Protected Member Functions | |
| bool | process_login (const http::request_ptr &http_request_ptr, const tcp::connection_ptr &tcp_conn) |
| void | handle_unauthorized (const http::request_ptr &http_request_ptr, const tcp::connection_ptr &tcp_conn) |
| void | handle_redirection (const http::request_ptr &http_request_ptr, const tcp::connection_ptr &tcp_conn, const std::string &redirection_url, const std::string &new_cookie="", bool delete_cookie=false) |
| void | handle_ok (const http::request_ptr &http_request_ptr, const tcp::connection_ptr &tcp_conn, const std::string &new_cookie="", bool delete_cookie=false) |
| void | expire_cache (const boost::posix_time::ptime &time_now) |
| Protected Member Functions inherited from pion::http::auth | |
| bool | need_authentication (http::request_ptr const &http_request_ptr) const |
| bool | find_resource (const resource_set_type &resource_set, const std::string &resource) const |
| void | set_logger (logger log_ptr) |
| sets the logger to be used More... | |
Additional Inherited Members | |
| Protected Types inherited from pion::http::auth | |
| typedef std::set< std::string > | resource_set_type |
| data type for a set of resources to be authenticated More... | |
| typedef std::map< std::string, std::pair < boost::posix_time::ptime, user_ptr > > | user_cache_type |
| data type used to map authentication credentials to user objects More... | |
| Protected Attributes inherited from pion::http::auth | |
| logger | m_logger |
| primary logging interface used by this class More... | |
| user_manager_ptr | m_user_manager |
| container used to manager user objects More... | |
| resource_set_type | m_restrict_list |
| collection of resources that require authentication More... | |
| resource_set_type | m_white_list |
| collection of resources that do NOT require authentication More... | |
| boost::mutex | m_resource_mutex |
| mutex used to protect access to the resources More... | |
cookie_auth: handles HTTP authentication and session management in accordance with RFC 2617 (http://tools.ietf.org/html/rfc2617 ) using cookies.
| pion::http::cookie_auth::cookie_auth | ( | user_manager_ptr | userManager, |
| const std::string & | login = "/login", |
||
| const std::string & | logout = "/logout", |
||
| const std::string & | redirect = "" |
||
| ) |
default constructor
| userManager | |
| login | - URL resource for login request. Typical login request has format: http://website/login?user="username"&pass="password"&url="redirection_url" |
| logout | - URL resource for logout request. Typical logout request has format: http://website/logout?url="redirection_url" |
| redirect | - if not empty, URL for redirection in case of authentication failure if empty - send code 401 on authentication failure |
References PION_GET_LOGGER, and pion::http::auth::set_logger().
|
inlinevirtual |
virtual destructor
|
protected |
Cache expiration cleanup. (Call it periodically)
Referenced by handle_request().
|
protected |
used to send OK responses with new cookie
| http_request_ptr | the new HTTP request to handle |
| tcp_conn | the TCP connection that has the new request |
References pion::http::response_writer::create(), pion::tcp::connection::finish(), pion::http::types::RESPONSE_CODE_NO_CONTENT, and pion::http::types::RESPONSE_MESSAGE_NO_CONTENT.
Referenced by process_login().
|
protected |
used to send redirection responses
| http_request_ptr | the new HTTP request to handle |
| tcp_conn | the TCP connection that has the new request |
References pion::http::response_writer::create(), pion::tcp::connection::finish(), pion::http::types::HEADER_LOCATION, pion::http::types::RESPONSE_CODE_FOUND, and pion::http::types::RESPONSE_MESSAGE_FOUND.
Referenced by handle_unauthorized(), and process_login().
|
virtual |
attempts to validate authentication of a new HTTP request. If request valid, pointer to user identity object (if any) will be preserved in the request and return "true". If request not authenticated, appropriate response is sent over tcp_conn and return "false";
Note: if request matches "login" resource, then login sequences attempted. If "name" and "pass" attributes match user definition, a random cookie is created and associated with given user session. If request contains "url" attribute, then page redirection response returned. Otherwise - empty 204 response.
| http_request_ptr | the new HTTP request to handle |
| tcp_conn | the TCP connection that has the new request |
Implements pion::http::auth.
References expire_cache(), handle_unauthorized(), pion::http::auth::need_authentication(), and process_login().
|
protected |
used to send responses when access to resource is not authorized
| http_request_ptr | the new HTTP request to handle |
| tcp_conn | the TCP connection that has the new request |
References pion::http::response_writer::create(), pion::tcp::connection::finish(), handle_redirection(), pion::http::types::RESPONSE_CODE_UNAUTHORIZED, and pion::http::types::RESPONSE_MESSAGE_UNAUTHORIZED.
Referenced by handle_request(), and process_login().
|
protected |
check if given request is a login/logout and process it
| http_request_ptr | the new HTTP request to handle |
| tcp_conn | the TCP connection that has the new request |
References pion::algorithm::base64_encode(), handle_ok(), handle_redirection(), handle_unauthorized(), pion::http::auth::m_user_manager, and pion::http::server::strip_trailing_slash().
Referenced by handle_request().
|
virtual |
sets a configuration option Valid options:
| name | the name of the option to change |
| value | the value of the option |
Reimplemented from pion::http::auth.
1.8.6 
