You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
#ifndef SecurityManager_h
#define SecurityManager_h
#include <ArduinoJsonJWT.h>
#include <ESPAsyncWebServer.h>
#include <list>
#define DEFAULT_JWT_SECRET "esp8266-react"
#define AUTHORIZATION_HEADER "Authorization"
#define AUTHORIZATION_HEADER_PREFIX "Bearer "
#define AUTHORIZATION_HEADER_PREFIX_LEN 7
#define MAX_JWT_SIZE 128
class User { private: String _username; String _password; bool _admin;
public: User(String username, String password, bool admin) : _username(username), _password(password), _admin(admin) { } String getUsername() { return _username; } String getPassword() { return _password; } bool isAdmin() { return _admin; } };
class Authentication { private: User* _user; boolean _authenticated;
public: Authentication(User& user) : _user(new User(user)), _authenticated(true) { } Authentication() : _user(nullptr), _authenticated(false) { } ~Authentication() { delete (_user); } User* getUser() { return _user; } bool isAuthenticated() { return _authenticated; } };
typedef std::function<boolean(Authentication& authentication)> AuthenticationPredicate;
class AuthenticationPredicates { public: static bool NONE_REQUIRED(Authentication& authentication) { return true; }; static bool IS_AUTHENTICATED(Authentication& authentication) { return authentication.isAuthenticated(); }; static bool IS_ADMIN(Authentication& authentication) { return authentication.isAuthenticated() && authentication.getUser()->isAdmin(); }; };
class SecurityManager { public: /*
* Authenticate, returning the user if found */ Authentication authenticate(String username, String password);
/*
* Check the request header for the Authorization token */ Authentication authenticateRequest(AsyncWebServerRequest* request);
/*
* Generate a JWT for the user provided */ String generateJWT(User* user);
/**
* Wrap the provided request to provide validation against an AuthenticationPredicate. */ ArRequestHandlerFunction wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate);
protected: ArduinoJsonJWT _jwtHandler = ArduinoJsonJWT(DEFAULT_JWT_SECRET); std::list<User> _users;
private: /*
* Lookup the user by JWT */ Authentication authenticateJWT(String jwt);
/*
* Verify the payload is correct */ boolean validatePayload(JsonObject& parsedPayload, User* user); };
#endif // end SecurityManager_h
|