diff options
author | Roland Reichwein <mail@reichwein.it> | 2020-05-20 18:22:59 +0200 |
---|---|---|
committer | Roland Reichwein <mail@reichwein.it> | 2020-05-20 18:22:59 +0200 |
commit | 5408976a072ee79df77499e2dfbc69c4cfd5d266 (patch) | |
tree | 7edbf86f0f89b2eb6b12cb2d30d24e2f02fa402d /response.cpp | |
parent | b15c034bfb19a30e2e2d68f28bc4ce199a39069d (diff) |
Webbox: Fix auth popup on certain browsers
Diffstat (limited to 'response.cpp')
-rw-r--r-- | response.cpp | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/response.cpp b/response.cpp index a5fb8c3..67cb322 100644 --- a/response.cpp +++ b/response.cpp @@ -209,8 +209,7 @@ response_type HttpStatus(std::string status, std::string message, response_type& if (status != "200") { // already handled at res init res.result(unsigned(stoul(status))); res.set(http::field::content_type, "text/html"); - if (res.result_int() == 401) - res.set(http::field::www_authenticate, "Basic realm=\"Webbox Login\""); + res.body() = "<html><body><h1>"s + Server::VersionString + " Error</h1><p>"s + status + " "s + message + "</p></body></html>"s; res.prepare_payload(); } @@ -249,14 +248,14 @@ response_type generate_response(request_type& req, Server& server) if (auth.size() != 0) { std::string authorization{req[http::field::authorization]}; if (authorization.substr(0, 6) != "Basic "s) - return HttpStatusAndStats("401", "Bad Authorization Type", req_ctx, res); + return HttpStatusAndStats("400", "Bad Authorization Type", req_ctx, res); authorization = authorization.substr(6); authorization = decode64(authorization); size_t pos {authorization.find(':')}; if (pos == authorization.npos) - return HttpStatusAndStats("401", "Bad Authorization Encoding", req_ctx, res); + return HttpStatusAndStats("400", "Bad Authorization Encoding", req_ctx, res); std::string login{authorization.substr(0, pos)}; std::string password{authorization.substr(pos + 1)}; @@ -264,8 +263,15 @@ response_type generate_response(request_type& req, Server& server) auto it {auth.find(login)}; // it.second contains crypted/hash // password is plain text to validate against the hash - if (it == auth.end() || !Auth::validate(it->second, password)) + if (it == auth.end() || !Auth::validate(it->second, password)) { + + // For now, WWW-Authenticate: Basic realm="..." will only be generated for static-files. + // All other plugins are expected to present their own login pages + if (req_ctx.GetPluginName() == "static-files") + res.set(http::field::www_authenticate, "Basic realm=\"Webbox Login\""); + return HttpStatusAndStats("401", "Bad Authorization", req_ctx, res); + } } plugin_type plugin{req_ctx.GetPlugin()}; |