authorRoland Reichwein <mail@reichwein.it>2020-05-29 12:24:07 +0200
committerRoland Reichwein <mail@reichwein.it>2020-05-29 12:24:07 +0200
commiteff5a1ee1cd8a681f436945a48bbda46be416d9c (patch)
tree7e50ff92f8d388b8a42ba887cdd9f7bde85506fd
parente0451ef59a69eda29efa6bc22294b2bcf8b8b600 (diff)
Authentication for webbox
-rw-r--r--TODO1
-rw-r--r--plugins/webbox/html/webbox.js1
-rw-r--r--plugins/webbox/webbox.cpp9
-rw-r--r--response.cpp1
4 files changed, 10 insertions, 2 deletions
diff --git a/TODO b/TODO
index 7072663..aa2bdf1 100644
--- a/TODO
+++ b/TODO
@@ -1,3 +1,4 @@
+webbox: check symbol
git via smart http / cgi
git via web interface
php
diff --git a/plugins/webbox/html/webbox.js b/plugins/webbox/html/webbox.js
index 54adeaf..cad32b1 100644
--- a/plugins/webbox/html/webbox.js
+++ b/plugins/webbox/html/webbox.js
@@ -320,7 +320,6 @@ function initMainpage() {
return;
}
if (this.status == 401) { // login error: goto login page
- var authheader = this.getResponseHeader("WWW-Authenticate");
var title = "Webbox Login";
// enable logout function if logging in
diff --git a/plugins/webbox/webbox.cpp b/plugins/webbox/webbox.cpp
index de8df85..37ddde2 100644
--- a/plugins/webbox/webbox.cpp
+++ b/plugins/webbox/webbox.cpp
@@ -40,6 +40,7 @@ namespace {
std::unordered_map<std::string, std::string> status_map {
{ "301", "Moved Permanently" },
{ "400", "Bad Request"},
+ { "401", "Unauthorized"},
{ "403", "Forbidden" },
{ "404", "Not Found" },
{ "500", "Internal Server Error" }
@@ -176,6 +177,11 @@ public:
// call interface
std::string execute(CommandParameters& p)
{
+ // Authentication
+ if (m_needsAuthentication && p.m_GetRequestParam("is_authenticated") == "0") {
+ return HttpStatus("401", "Not authorized", p);
+ }
+
// check if this webbox is writable and enforce this
if (p.webboxReadOnly && m_isWriteCommand) {
return HttpStatus("400", "Webbox is Read-Only", p);
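Review bot: The new guard at the top of `execute` fails open, because it rejects only when `p.m_GetRequestParam("is_authenticated")` returns exactly `"0"`; a missing, empty or otherwise unexpected value lets the command run. Unless the server core guarantees that the parameter is always `"0"` or `"1"` (not visible in this hunk), test for the success value instead, assuming that value is `"1"`: `if (m_needsAuthentication && p.m_GetRequestParam("is_authenticated") != "1") {`. It is also worth confirming that `is_authenticated` is populated only by the server and cannot be shadowed by a client-supplied request parameter of the same name. A 401 response is expected to carry a `WWW-Authenticate` challenge; whether `HttpStatus` sets one is not visible here, and `execute` continues past the end of the hunk.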
@@ -205,7 +211,7 @@ protected:
std::string m_commandName;
std::string m_requestMethod;
bool m_isWriteCommand; // if true, command must be prevented if p.webboxReadOnly
-
+ bool m_needsAuthentication{true};
};
class GetCommand: public Command
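Review bot: `m_needsAuthentication` is declared without a comment, unlike `m_isWriteCommand` on the line above, so neither the secure default nor the effect of clearing it is recorded at the declaration. Suggest `bool m_needsAuthentication{true}; // if false, execute() skips the is_authenticated check`. The same gap applies to the later hunk that sets `m_needsAuthentication = false;` for the `static-html` command: as the only visible exemption from the new check it deserves a one-line rationale, presumably that the login page must be reachable before login (inferred from the 401 handling in webbox.js, to be confirmed).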
@@ -841,6 +847,7 @@ public:
{
m_commandName = "static-html";
m_isWriteCommand = false;
+ m_needsAuthentication = false;
}
protected:
diff --git a/response.cpp b/response.cpp
index 9ee1977..4e66dd3 100644
--- a/response.cpp
+++ b/response.cpp
@@ -225,6 +225,7 @@ std::unordered_map<std::string, std::function<void(const std::string&, response_
{ "server", [](const std::string& value, response_type& res){res.set(http::field::server, value);} }, // Server name/version string
{ "set_cookie", [](const std::string& value, response_type& res){res.set(http::field::set_cookie, value);} },
{ "status", [](const std::string& value, response_type& res){res.result(unsigned(stoul(value)));} }, // HTTP Status, e.g. "200" (OK)
+ { "www_authenticate", [](const std::string& value, response_type& res){res.set(http::field::www_authenticate, value);} },
};
void SetResponseHeader(const std::string& key, const std::string& value, response_type& res)