VladislavOstapov/terminal-web-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

сделал систему прав, теперь все действия с апи выполняются только при наличии прав (и в целом авторизации)

Browse Source
This commit is contained in:
Vladislav Ostapov
2024-11-12 10:56:26 +03:00
parent 857a01528b
commit 5175362d1b
3 changed files with 47 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/auth/resources.cpp
View File

@@ -1,6 +1,7 @@
#include "resources.h"
#include <boost/log/trivial.hpp>
#include <boost/algorithm/string.hpp>
#include <utility>
#include "jwt.h"
#include "utils.h"
@@ -8,6 +9,9 @@
http::auth::User::User(const std::string &username, const std::string &passwordHash): username(username),
passwordHash(passwordHash.empty() ? utils::sha256(username) : passwordHash) {}
http::auth::User::User(const std::string &username, const std::string &passwordHash, uint32_t perms): perms(perms),
username(username), passwordHash(passwordHash.empty() ? utils::sha256(username) : passwordHash) {}
bool http::auth::User::checkPassword(const std::string &pass) const {
return utils::sha256(pass) == passwordHash;
}
@@ -19,9 +23,8 @@ void http::auth::User::setPassword(const std::string &pass) {
bool http::auth::User::checkPremisions(uint32_t p) const {
if (this->perms & SUPERUSER) {
return true;
} else {
return (this->perms & p) == p;
}
return (this->perms & p) == p;
}
void http::auth::User::setPremisions(uint32_t p) {
@@ -73,3 +76,23 @@ std::shared_ptr<http::auth::User> http::auth::AuthProvider::getSession(const ser
}
http::auth::AuthProvider::~AuthProvider() = default;
http::auth::AuthRequiredResource::AuthRequiredResource(const std::string &path, AuthProvider& provider, resource::respGenerator generator):
BasicResource(path), provider_(provider), generator_(std::move(generator)), perms(User::SUPERUSER) {}
http::auth::AuthRequiredResource::AuthRequiredResource(const std::string &path, AuthProvider& provider, uint32_t perms, resource::respGenerator generator):
BasicResource(path), provider_(provider), generator_(std::move(generator)), perms(perms) {}
void http::auth::AuthRequiredResource::handle(const server::Request &req, server::Reply &rep) {
if (auto user = this->provider_.getSession(req)) {
if (user->checkPremisions(this->perms)) {
this->generator_(req, rep);
return;
}
stockReply(server::forbidden, rep);
} else {
stockReply(server::unauthorized, rep);
}
}
http::auth::AuthRequiredResource::~AuthRequiredResource() = default;