5 #include "authenticationrealm.h"
6 #include "credentialhttp_p.h"
7 #include "credentialpassword.h"
9 #include <Cutelyst/Context>
10 #include <Cutelyst/Response>
12 #include <QLoggingCategory>
17 Q_LOGGING_CATEGORY(C_CREDENTIALHTTP,
"cutelyst.plugin.credentialhttp", QtWarningMsg)
21 , d_ptr(new CredentialHttpPrivate)
39 d->authorizationRequiredMessage = message;
45 return d->passwordField;
51 d->passwordField = fieldName;
57 return d->passwordType;
63 d->passwordType = type;
69 return d->passwordPreSalt;
81 return d->passwordPostSalt;
93 return d->usernameField;
99 d->usernameField = fieldName;
105 d->requireSsl = require;
115 if (d->requireSsl && !c->
request()->secure()) {
116 ret = d->authenticationFailed(c, realm, authinfo);
120 if (d->isAuthTypeBasic()) {
121 ret = d->authenticateBasic(c, realm, authinfo);
127 ret = d->authenticationFailed(c, realm, authinfo);
134 const QString password = passwordPreSalt + authinfo.
value(passwordField) + passwordPostSalt;
140 return storedPassword == password;
142 qCCritical(C_CREDENTIALHTTP) <<
"CredentialPassword is set to ignore password check";
155 qCDebug(C_CREDENTIALHTTP) <<
"Checking http basic authentication.";
158 if (userPass.user.isEmpty()) {
163 auth.
insert(usernameField, userPass.user);
166 auth.
insert(passwordField, userPass.password);
167 if (checkPassword(_user, auth)) {
170 qCDebug(C_CREDENTIALHTTP) <<
"Password didn't match";
173 qCDebug(C_CREDENTIALHTTP) <<
"Unable to locate a user matching user info provided in realm";
187 if (authorizationRequiredMessage.isEmpty()) {
188 res->
setBody(
"Authorization required."_qba);
190 res->
setBody(authorizationRequiredMessage);
194 if (isAuthTypeBasic()) {
195 createBasicAuthResponse(c, realm);
201 bool CredentialHttpPrivate::isAuthTypeBasic()
const
203 return type == CredentialHttp::Basic || type == CredentialHttp::Any;
209 joinAuthHeaderParts(
"Basic"_qba, buildAuthHeaderCommon(realm)));
234 #include "moc_credentialhttp.cpp"
Abstract class to validate authentication credentials like user name and password.
Combines user store and credential validation into a named realm.
virtual AuthenticationUser findUser(Context *c, const ParamsMultiMap &userinfo)
Container for user data retrieved from an AuthenticationStore.
QVariant value(const QString &key, const QVariant &defaultValue=QVariant()) const
QString name() const noexcept
Response * res() const noexcept
Response * response() const noexcept
Use HTTP basic authentication to authenticate a user.
QString usernameField() const
void setPasswordType(PasswordType type)
void setUsernameField(const QString &fieldName)
virtual ~CredentialHttp()
QString passwordPreSalt() const
QString passwordPostSalt() const
void setPasswordPreSalt(const QString &passwordPreSalt)
QString passwordField() const
PasswordType passwordType() const
void setType(CredentialHttp::AuthType type)
AuthenticationUser authenticate(Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo) final
void setPasswordField(const QString &fieldName)
void setPasswordPostSalt(const QString &passwordPostSalt)
void setRequireSsl(bool require)
void setAuthorizationRequiredMessage(const QString &message)
static bool validatePassword(const QByteArray &password, const QByteArray &correctHash)
Headers headers() const noexcept
void setContentType(const QByteArray &type)
void setStatus(quint16 status) noexcept
Headers & headers() noexcept
void setBody(QIODevice *body)
The Cutelyst namespace holds all public Cutelyst API.
QByteArray & append(QByteArrayView data)
QByteArray join(QByteArrayView separator) const const
void append(QList::parameter_type value)
bool isEmpty() const const
QMultiMap::iterator insert(QMultiMap::const_iterator pos, const Key &key, const T &value)
T value(const Key &key, const T &defaultValue) const const
bool isEmpty() const const
QByteArray toLatin1() const const
QByteArray toUtf8() const const
QString toString() const const