nova
/
esp8266-react-framework
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Fork of the excellent esp8266-react - https://github.com/rjwats/esp8266-react
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
217 Commits
1 Branch
0 Tags
4.4 MiB
Tree: ced5b74ba1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ced5b74ba1'
${ noResults }
esp8266-react-framework/lib/framework/SecurityManager.h

109 lines
2.4 KiB
Raw Normal View History

playing with some ideas for security management
5 years ago
messing around with JWT implementation
5 years ago
add security to all admin endpoints
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Start work on security manager
5 years ago
add authentication service
5 years ago
Start work on security manager
5 years ago
add JWT encoding
5 years ago
Start work on security manager
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Start work on security manager
5 years ago
WIP - more experimenting with the security manager
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
WIP - more experimenting with the security manager
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Start work on security manager
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
  1. #ifndef SecurityManager_h
  2. #define SecurityManager_h
  4. #include <ArduinoJsonJWT.h>
  5. #include <ESPAsyncWebServer.h>
  6. #include <list>
  8. #define DEFAULT_JWT_SECRET "esp8266-react"
  10. #define AUTHORIZATION_HEADER "Authorization"
  11. #define AUTHORIZATION_HEADER_PREFIX "Bearer "
  12. #define AUTHORIZATION_HEADER_PREFIX_LEN 7
  14. #define MAX_JWT_SIZE 128
  16. class User {
  17. private:
  18. String _username;
  19. String _password;
  20. bool _admin;
  22. public:
  23. User(String username, String password, bool admin) : _username(username), _password(password), _admin(admin) {
  24. }
  25. String getUsername() {
  26. return _username;
  27. }
  28. String getPassword() {
  29. return _password;
  30. }
  31. bool isAdmin() {
  32. return _admin;
  33. }
  34. };
  36. class Authentication {
  37. private:
  38. User* _user;
  39. boolean _authenticated;
  41. public:
  42. Authentication(User& user) : _user(new User(user)), _authenticated(true) {
  43. }
  44. Authentication() : _user(nullptr), _authenticated(false) {
  45. }
  46. ~Authentication() {
  47. delete (_user);
  48. }
  49. User* getUser() {
  50. return _user;
  51. }
  52. bool isAuthenticated() {
  53. return _authenticated;
  54. }
  55. };
  57. typedef std::function<boolean(Authentication& authentication)> AuthenticationPredicate;
  59. class AuthenticationPredicates {
  60. public:
  61. static bool NONE_REQUIRED(Authentication& authentication) {
  62. return true;
  63. };
  64. static bool IS_AUTHENTICATED(Authentication& authentication) {
  65. return authentication.isAuthenticated();
  66. };
  67. static bool IS_ADMIN(Authentication& authentication) {
  68. return authentication.isAuthenticated() && authentication.getUser()->isAdmin();
  69. };
  70. };
  72. class SecurityManager {
  73. public:
  74. /*
  75. * Authenticate, returning the user if found
  76. */
  77. Authentication authenticate(String username, String password);
  79. /*
  80. * Check the request header for the Authorization token
  81. */
  82. Authentication authenticateRequest(AsyncWebServerRequest* request);
  84. /*
  85. * Generate a JWT for the user provided
  86. */
  87. String generateJWT(User* user);
  89. /**
  90. * Wrap the provided request to provide validation against an AuthenticationPredicate.
  91. */
  92. ArRequestHandlerFunction wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate);
  94. protected:
  95. ArduinoJsonJWT _jwtHandler = ArduinoJsonJWT(DEFAULT_JWT_SECRET);
  96. std::list<User> _users;
  98. private:
  99. /*
  100. * Lookup the user by JWT
  101. */
  102. Authentication authenticateJWT(String jwt);
  104. /*
  105. * Verify the payload is correct
  106. */
  107. boolean validatePayload(JsonObject& parsedPayload, User* user);
  108. };
  110. #endif // end SecurityManager_h