refactor how some of the REST API auth is handled;

pull/23/head
Bryan Biedenkapp 3 years ago
parent 059d39e7d1
commit 439c962a30

@ -332,18 +332,25 @@ void RESTAPI::invalidateHostToken(const std::string host)
/// <param name="request"></param> /// <param name="request"></param>
bool RESTAPI::validateAuth(const HTTPPayload& request, HTTPPayload& reply) bool RESTAPI::validateAuth(const HTTPPayload& request, HTTPPayload& reply)
{ {
std::string host = request.headers.find("Host"); std::string host = request.headers.find("RemoteHost");
std::string headerToken = request.headers.find("X-DVM-Auth-Token"); std::string headerToken = request.headers.find("X-DVM-Auth-Token");
#if DEBUG_HTTP_PAYLOAD
::LogDebug(LOG_REST, "RESTAPI::validateAuth() token, host = %s, token = %s", host.c_str(), headerToken.c_str());
#endif
if (headerToken == "") { if (headerToken == "") {
errorPayload(reply, "invalid authentication token", HTTPPayload::UNAUTHORIZED); errorPayload(reply, "no authentication token", HTTPPayload::UNAUTHORIZED);
return false; return false;
} }
auto token = std::find_if(m_authTokens.begin(), m_authTokens.end(), [&](const AuthTokenValueType& tok) { return tok.first == host; }); for (auto& token : m_authTokens) {
if (token != m_authTokens.end()) { #if DEBUG_HTTP_PAYLOAD
uint32_t storedToken = token->second; ::LogDebug(LOG_REST, "RESTAPI::validateAuth() valid list, host = %s, token = %s", token.first.c_str(), std::to_string(token.second).c_str());
uint32_t passedToken = (uint32_t)::strtoul(headerToken.c_str(), NULL, 10); #endif
if (storedToken == passedToken) { if (token.first.compare(host) == 0) {
#if DEBUG_HTTP_PAYLOAD
::LogDebug(LOG_REST, "RESTAPI::validateAuth() storedToken = %s, passedToken = %s", std::to_string(token.second).c_str(), headerToken.c_str());
#endif
if (std::to_string(token.second).compare(headerToken) == 0) {
return true; return true;
} else { } else {
m_authTokens.erase(host); // devalidate host m_authTokens.erase(host); // devalidate host
@ -351,11 +358,9 @@ bool RESTAPI::validateAuth(const HTTPPayload& request, HTTPPayload& reply)
return false; return false;
} }
} }
else {
errorPayload(reply, "invalid authentication token", HTTPPayload::UNAUTHORIZED);
return false;
} }
errorPayload(reply, "illegal authentication token", HTTPPayload::UNAUTHORIZED);
return false; return false;
} }
@ -367,7 +372,7 @@ bool RESTAPI::validateAuth(const HTTPPayload& request, HTTPPayload& reply)
/// <param name="match"></param> /// <param name="match"></param>
void RESTAPI::restAPI_PutAuth(const HTTPPayload& request, HTTPPayload& reply, const RequestMatch& match) void RESTAPI::restAPI_PutAuth(const HTTPPayload& request, HTTPPayload& reply, const RequestMatch& match)
{ {
std::string host = request.headers.find("Host"); std::string host = request.headers.find("RemoteHost");
json::object response = json::object(); json::object response = json::object();
setResponseDefaultStatus(response); setResponseDefaultStatus(response);
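Review bot: The DEBUG_HTTP_PAYLOAD blocks in the first hunk of validateAuth() write live credentials to the log: the first LogDebug prints the presented header token, and the "valid list" LogDebug inside the loop prints token.second for every stored host on every request, so a debug build leaks the whole token table into log files. Even behind the macro, log only the host and whether a token was presented, e.g. `::LogDebug(LOG_REST, "RESTAPI::validateAuth() host = %s, tokenPresent = %d", host.c_str(), !headerToken.empty());`, and drop the per-entry dump. Separately, `m_authTokens.erase(host); // devalidate host` runs inside the range-for over m_authTokens and is only safe because `return false;` follows immediately in the second hunk; a comment such as `// erase invalidates the loop iterator; must return before the next iteration` would keep a later edit from moving that return. Keying the table by the socket's remote address (RemoteHost) also appears to let any peer behind the same address invalidate another's token by sending a wrong one, which is worth documenting as a known limitation if it is intended. The tail of validateAuth and restAPI_PutAuth continue outside the visible hunks.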

@ -132,6 +132,8 @@ namespace network
m_request.content = std::string(content, length); m_request.content = std::string(content, length);
} }
m_request.headers.add("RemoteHost", m_socket.remote_endpoint().address().to_string());
if (m_client) { if (m_client) {
if (result == HTTPLexer::GOOD) { if (result == HTTPLexer::GOOD) {
m_requestHandler.handleRequest(m_request, m_reply); m_requestHandler.handleRequest(m_request, m_reply);
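Review bot: The added `m_request.headers.add("RemoteHost", m_socket.remote_endpoint().address().to_string());` puts a server-derived, trusted value into the same collection that already holds the client's own request headers, and it is not visible here whether `add` replaces an existing entry or appends alongside one the client sent. If a client supplies its own `RemoteHost:` header and `find` returns the earlier entry, the value that RESTAPI::validateAuth() and restAPI_PutAuth() use to key the token table becomes client-controlled; confirm the semantics and either remove any client-supplied entry before the add, or carry the remote address in a dedicated field of m_request instead of a header. The enclosing function begins before this hunk.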

