summaryrefslogtreecommitdiffhomepage
path: root/plugins/webbox/webbox.cpp
diff options
context:
space:
mode:
authorRoland Reichwein <mail@reichwein.it>2020-05-29 12:24:07 +0200
committerRoland Reichwein <mail@reichwein.it>2020-05-29 12:24:07 +0200
commiteff5a1ee1cd8a681f436945a48bbda46be416d9c (patch)
tree7e50ff92f8d388b8a42ba887cdd9f7bde85506fd /plugins/webbox/webbox.cpp
parente0451ef59a69eda29efa6bc22294b2bcf8b8b600 (diff)
Authentication for webbox
Diffstat (limited to 'plugins/webbox/webbox.cpp')
-rw-r--r--plugins/webbox/webbox.cpp9
1 files changed, 8 insertions, 1 deletions
diff --git a/plugins/webbox/webbox.cpp b/plugins/webbox/webbox.cpp
index de8df85..37ddde2 100644
--- a/plugins/webbox/webbox.cpp
+++ b/plugins/webbox/webbox.cpp
@@ -40,6 +40,7 @@ namespace {
std::unordered_map<std::string, std::string> status_map {
{ "301", "Moved Permanently" },
{ "400", "Bad Request"},
+ { "401", "Unauthorized"},
{ "403", "Forbidden" },
{ "404", "Not Found" },
{ "500", "Internal Server Error" }
@@ -176,6 +177,11 @@ public:
// call interface
std::string execute(CommandParameters& p)
{
+ // Authentication
+ if (m_needsAuthentication && p.m_GetRequestParam("is_authenticated") == "0") {
+ return HttpStatus("401", "Not authorized", p);
+ }
+
// check if this webbox is writable and enforce this
if (p.webboxReadOnly && m_isWriteCommand) {
return HttpStatus("400", "Webbox is Read-Only", p);
@@ -205,7 +211,7 @@ protected:
std::string m_commandName;
std::string m_requestMethod;
bool m_isWriteCommand; // if true, command must be prevented if p.webboxReadOnly
-
+ bool m_needsAuthentication{true};
};
class GetCommand: public Command
@@ -841,6 +847,7 @@ public:
{
m_commandName = "static-html";
m_isWriteCommand = false;
+ m_needsAuthentication = false;
}
protected: