pion-net  4.0.9
Public Member Functions | Protected Member Functions | List of all members
pion::net::HTTPCookieAuth Class Reference

#include <HTTPCookieAuth.hpp>

Inherits pion::net::HTTPAuth.

Public Member Functions

 HTTPCookieAuth (PionUserManagerPtr userManager, const std::string &login="/login", const std::string &logout="/logout", const std::string &redirect="")
virtual ~HTTPCookieAuth ()
 virtual destructor
virtual bool handleRequest (HTTPRequestPtr &request, TCPConnectionPtr &tcp_conn)
virtual void setOption (const std::string &name, const std::string &value)
- Public Member Functions inherited from pion::net::HTTPAuth
 HTTPAuth (PionUserManagerPtr userManager)
 default constructor
virtual ~HTTPAuth ()
 virtual destructor
void addRestrict (const std::string &resource)
void addPermit (const std::string &resource)
virtual bool addUser (std::string const &username, std::string const &password)
virtual bool updateUser (std::string const &username, std::string const &password)
virtual bool removeUser (std::string const &username)
virtual PionUserPtr getUser (std::string const &username)

Protected Member Functions

bool processLogin (HTTPRequestPtr &http_request, TCPConnectionPtr &tcp_conn)
void handleUnauthorized (HTTPRequestPtr &http_request, TCPConnectionPtr &tcp_conn)
void handleRedirection (HTTPRequestPtr &http_request, TCPConnectionPtr &tcp_conn, const std::string &redirection_url, const std::string &new_cookie="", bool delete_cookie=false)
void handleOk (HTTPRequestPtr &http_request, TCPConnectionPtr &tcp_conn, const std::string &new_cookie="", bool delete_cookie=false)
void expireCache (const PionDateTime &time_now)
- Protected Member Functions inherited from pion::net::HTTPAuth
bool needAuthentication (HTTPRequestPtr const &http_request) const
bool findResource (const AuthResourceSet &resource_set, const std::string &resource) const
void setLogger (PionLogger log_ptr)
 sets the logger to be used

Additional Inherited Members

- Protected Types inherited from pion::net::HTTPAuth
typedef std::set< std::string > AuthResourceSet
 data type for a set of resources to be authenticated
- Protected Attributes inherited from pion::net::HTTPAuth
PionLogger m_logger
 primary logging interface used by this class
PionUserManagerPtr m_user_manager
 container used to manager user objects
AuthResourceSet m_restrict_list
 collection of resources that require authentication
AuthResourceSet m_white_list
 collection of resources that do NOT require authentication
boost::mutex m_resource_mutex
 mutex used to protect access to the resources

Detailed Description

HTTPCookieAuth: handles HTTP authentication and session management in accordance with RFC 2617 (http://tools.ietf.org/html/rfc2617 ) using cookies.

Definition at line 28 of file HTTPCookieAuth.hpp.

Constructor & Destructor Documentation

pion::net::HTTPCookieAuth::HTTPCookieAuth ( PionUserManagerPtr  userManager,
const std::string &  login = "/login",
const std::string &  logout = "/logout",
const std::string &  redirect = "" 
)

default constructor

Parameters
userManager
login- URL resource for login request. Typical login request has format: http://website/login?user="username"&pass="password"&url="redirection_url"
logout- URL resource for logout request. Typical logout request has format: http://website/logout?url="redirection_url"
redirect- if not empty, URL for redirection in case of authentication failure if empty - send code 401 on authentication failure

Definition at line 31 of file HTTPCookieAuth.cpp.

References pion::net::HTTPAuth::setLogger().

Member Function Documentation

void pion::net::HTTPCookieAuth::expireCache ( const PionDateTime time_now)
protected

Cache expiration cleanup. (Call it periodically)

Definition at line 261 of file HTTPCookieAuth.cpp.

Referenced by handleRequest().

void pion::net::HTTPCookieAuth::handleOk ( HTTPRequestPtr &  http_request,
TCPConnectionPtr &  tcp_conn,
const std::string &  new_cookie = "",
bool  delete_cookie = false 
)
protected

used to send OK responses with new cookie

Parameters
http_requestthe new HTTP request to handle
tcp_connthe TCP connection that has the new request

Definition at line 237 of file HTTPCookieAuth.cpp.

References pion::net::HTTPResponseWriter::create(), and pion::net::TCPConnection::finish().

Referenced by processLogin().

void pion::net::HTTPCookieAuth::handleRedirection ( HTTPRequestPtr &  http_request,
TCPConnectionPtr &  tcp_conn,
const std::string &  redirection_url,
const std::string &  new_cookie = "",
bool  delete_cookie = false 
)
protected

used to send redirection responses

Parameters
http_requestthe new HTTP request to handle
tcp_connthe TCP connection that has the new request

Definition at line 199 of file HTTPCookieAuth.cpp.

References pion::net::HTTPResponseWriter::create(), and pion::net::TCPConnection::finish().

Referenced by handleUnauthorized(), and processLogin().

bool pion::net::HTTPCookieAuth::handleRequest ( HTTPRequestPtr &  request,
TCPConnectionPtr &  tcp_conn 
)
virtual

attempts to validate authentication of a new HTTP request. If request valid, pointer to user identity object (if any) will be preserved in the request and return "true". If request not authenticated, appropriate response is sent over tcp_conn and return "false";

Note: if request matches "login" resource, then login sequences attempted. If "name" and "pass" attributes match user definition, a random cookie is created and associated with given user session. If request contains "url" attribute, then page redirection response returned. Otherwise - empty 204 response.

Parameters
requestthe new HTTP request to handle
tcp_connthe TCP connection that has the new request
Returns
true if request valid and user identity inserted into request

Implements pion::net::HTTPAuth.

Definition at line 53 of file HTTPCookieAuth.cpp.

References expireCache(), handleUnauthorized(), pion::net::HTTPAuth::needAuthentication(), and processLogin().

void pion::net::HTTPCookieAuth::handleUnauthorized ( HTTPRequestPtr &  http_request,
TCPConnectionPtr &  tcp_conn 
)
protected

used to send responses when access to resource is not authorized

Parameters
http_requestthe new HTTP request to handle
tcp_connthe TCP connection that has the new request

Definition at line 171 of file HTTPCookieAuth.cpp.

References pion::net::HTTPResponseWriter::create(), pion::net::TCPConnection::finish(), and handleRedirection().

Referenced by handleRequest(), and processLogin().

bool pion::net::HTTPCookieAuth::processLogin ( HTTPRequestPtr &  http_request,
TCPConnectionPtr &  tcp_conn 
)
protected

check if given request is a login/logout and process it

Parameters
http_requestthe new HTTP request to handle
tcp_connthe TCP connection that has the new request
Returns
true if it was a login/logout request and no future processing required.

Definition at line 105 of file HTTPCookieAuth.cpp.

References pion::algo::base64_encode(), handleOk(), handleRedirection(), handleUnauthorized(), pion::net::HTTPAuth::m_user_manager, pion::net::HTTPServer::stripTrailingSlash(), and pion::algo::url_decode().

Referenced by handleRequest().

void pion::net::HTTPCookieAuth::setOption ( const std::string &  name,
const std::string &  value 
)
virtual

sets a configuration option Valid options:

  • "login" - URL resource for login request. Typical login request has format: http://website/login?user="username"&pass="password"&url="redirection_url"
  • "logout" - URL resource for logout request. Typical logout request has format: http://website/logout?url="redirection_url"
  • "redirect" - if not empty, URL for redirection in case of authentication failure if empty - send code 401 on authentication failure
Parameters
namethe name of the option to change
valuethe value of the option

Reimplemented from pion::net::HTTPAuth.

Definition at line 93 of file HTTPCookieAuth.cpp.


The documentation for this class was generated from the following files: