nova
/
esp8266-react-framework
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Fork of the excellent esp8266-react - https://github.com/rjwats/esp8266-react
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
191 Commits
1 Branch
0 Tags
4.4 MiB
Tree: f77428e4dc
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f77428e4dc'
${ noResults }
esp8266-react-framework/lib/framework/SecurityManager.h

109 lines
2.6 KiB
Raw Normal View History

playing with some ideas for security management
5 years ago
messing around with JWT implementation
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add authentication service
5 years ago
Start work on security manager
5 years ago
add JWT encoding
5 years ago
Start work on security manager
5 years ago
remove roles, as a simplification
5 years ago
Start work on security manager
5 years ago
remove roles, as a simplification
5 years ago
Start work on security manager
5 years ago
remove roles, as a simplification
5 years ago
Start work on security manager
5 years ago
WIP - more experimenting with the security manager
5 years ago
add authentication service
5 years ago
WIP - more experimenting with the security manager
5 years ago
add authentication service
5 years ago
Resolve some typos Use nullptr over NULL Fix confusing regexp Fix issue with non-compliant JWT encoding
5 years ago
add authentication service
5 years ago
Resolve some typos Use nullptr over NULL Fix confusing regexp Fix issue with non-compliant JWT encoding
5 years ago
add authentication service
5 years ago
WIP - more experimenting with the security manager
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add JWT encoding
5 years ago
add authentication service
5 years ago
add JWT encoding
5 years ago
add authentication service
5 years ago
add JWT encoding
5 years ago
add authentication service
5 years ago
add JWT encoding
5 years ago
add authentication service
5 years ago
add JWT encoding
5 years ago
add authentication service
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add security form, begin work on routing
5 years ago
playing with some ideas for security management
5 years ago
add security to all admin endpoints
5 years ago
add authentication service
5 years ago
Start work on security manager
5 years ago
playing with some ideas for security management
5 years ago
  1. #ifndef SecurityManager_h
  2. #define SecurityManager_h
  4. #include <list>
  5. #include <ArduinoJsonJWT.h>
  6. #include <ESPAsyncWebServer.h>
  8. #define DEFAULT_JWT_SECRET "esp8266-react"
  10. #define AUTHORIZATION_HEADER "Authorization"
  11. #define AUTHORIZATION_HEADER_PREFIX "Bearer "
  12. #define AUTHORIZATION_HEADER_PREFIX_LEN 7
  14. #define MAX_JWT_SIZE 128
  16. class User {
  17. private:
  18. String _username;
  19. String _password;
  20. bool _admin;
  21. public:
  22. User(String username, String password, bool admin): _username(username), _password(password), _admin(admin) {}
  23. String getUsername() {
  24. return _username;
  25. }
  26. String getPassword() {
  27. return _password;
  28. }
  29. bool isAdmin() {
  30. return _admin;
  31. }
  32. };
  34. class Authentication {
  35. private:
  36. User *_user;
  37. boolean _authenticated;
  38. public:
  39. Authentication(User& user): _user(new User(user)), _authenticated(true) {}
  40. Authentication() : _user(nullptr), _authenticated(false) {}
  41. ~Authentication() {
  42. delete(_user);
  43. }
  44. User* getUser() {
  45. return _user;
  46. }
  47. bool isAuthenticated() {
  48. return _authenticated;
  49. }
  50. };
  52. typedef std::function<boolean(Authentication &authentication)> AuthenticationPredicate;
  54. class AuthenticationPredicates {
  55. public:
  56. static bool NONE_REQUIRED(Authentication &authentication) {
  57. return true;
  58. };
  59. static bool IS_AUTHENTICATED(Authentication &authentication) {
  60. return authentication.isAuthenticated();
  61. };
  62. static bool IS_ADMIN(Authentication &authentication) {
  63. return authentication.isAuthenticated() && authentication.getUser()->isAdmin();
  64. };
  65. };
  67. class SecurityManager {
  69. public:
  71. /*
  72. * Authenticate, returning the user if found
  73. */
  74. Authentication authenticate(String username, String password);
  76. /*
  77. * Check the request header for the Authorization token
  78. */
  79. Authentication authenticateRequest(AsyncWebServerRequest *request);
  81. /*
  82. * Generate a JWT for the user provided
  83. */
  84. String generateJWT(User *user);
  86. /**
  87. * Wrap the provided request to provide validation against an AuthenticationPredicate.
  88. */
  89. ArRequestHandlerFunction wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate);
  91. protected:
  93. ArduinoJsonJWT _jwtHandler = ArduinoJsonJWT(DEFAULT_JWT_SECRET);
  94. std::list<User> _users;
  96. private:
  98. /*
  99. * Lookup the user by JWT
  100. */
  101. Authentication authenticateJWT(String jwt);
  103. /*
  104. * Verify the payload is correct
  105. */
  106. boolean validatePayload(JsonObject &parsedPayload, User *user);
  108. };
  110. #endif // end SecurityManager_h