Browse Source
External config
External config
Allow config to be accessed from outside the framework core code.master
rjwats
4 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 422 additions and 251 deletions
-
75README.md
-
31lib/framework/APSettingsService.cpp
-
15lib/framework/APSettingsService.h
-
9lib/framework/AdminSettingsService.h
-
6lib/framework/AuthenticationService.cpp
-
23lib/framework/ESP8266React.h
-
32lib/framework/NTPSettingsService.cpp
-
15lib/framework/NTPSettingsService.h
-
20lib/framework/OTASettingsService.cpp
-
12lib/framework/OTASettingsService.h
-
68lib/framework/SecurityManager.cpp
-
65lib/framework/SecurityManager.h
-
84lib/framework/SecuritySettingsService.cpp
-
27lib/framework/SecuritySettingsService.h
-
86lib/framework/SettingsService.h
-
58lib/framework/WiFiSettingsService.cpp
-
32lib/framework/WiFiSettingsService.h
-
6src/DemoProject.cpp
-
9src/DemoProject.h
@ -1,68 +0,0 @@ |
|||||
#include <SecurityManager.h>
|
|
||||
|
|
||||
Authentication SecurityManager::authenticateRequest(AsyncWebServerRequest *request) { |
|
||||
AsyncWebHeader *authorizationHeader = request->getHeader(AUTHORIZATION_HEADER); |
|
||||
if (authorizationHeader) { |
|
||||
String value = authorizationHeader->value(); |
|
||||
if (value.startsWith(AUTHORIZATION_HEADER_PREFIX)) { |
|
||||
value = value.substring(AUTHORIZATION_HEADER_PREFIX_LEN); |
|
||||
return authenticateJWT(value); |
|
||||
} |
|
||||
} |
|
||||
return Authentication(); |
|
||||
} |
|
||||
|
|
||||
Authentication SecurityManager::authenticateJWT(String jwt) { |
|
||||
DynamicJsonDocument payloadDocument(MAX_JWT_SIZE); |
|
||||
_jwtHandler.parseJWT(jwt, payloadDocument); |
|
||||
if (payloadDocument.is<JsonObject>()) { |
|
||||
JsonObject parsedPayload = payloadDocument.as<JsonObject>(); |
|
||||
String username = parsedPayload["username"]; |
|
||||
for (User _user : _users) { |
|
||||
if (_user.getUsername() == username && validatePayload(parsedPayload, &_user)) { |
|
||||
return Authentication(_user); |
|
||||
} |
|
||||
} |
|
||||
} |
|
||||
return Authentication(); |
|
||||
} |
|
||||
|
|
||||
Authentication SecurityManager::authenticate(String username, String password) { |
|
||||
for (User _user : _users) { |
|
||||
if (_user.getUsername() == username && _user.getPassword() == password) { |
|
||||
return Authentication(_user); |
|
||||
} |
|
||||
} |
|
||||
return Authentication(); |
|
||||
} |
|
||||
|
|
||||
inline void populateJWTPayload(JsonObject &payload, User *user) { |
|
||||
payload["username"] = user->getUsername(); |
|
||||
payload["admin"] = user->isAdmin(); |
|
||||
} |
|
||||
|
|
||||
boolean SecurityManager::validatePayload(JsonObject &parsedPayload, User *user) { |
|
||||
DynamicJsonDocument _jsonDocument(MAX_JWT_SIZE); |
|
||||
JsonObject payload = _jsonDocument.to<JsonObject>(); |
|
||||
populateJWTPayload(payload, user); |
|
||||
return payload == parsedPayload; |
|
||||
} |
|
||||
|
|
||||
String SecurityManager::generateJWT(User *user) { |
|
||||
DynamicJsonDocument _jsonDocument(MAX_JWT_SIZE); |
|
||||
JsonObject payload = _jsonDocument.to<JsonObject>(); |
|
||||
populateJWTPayload(payload, user); |
|
||||
return _jwtHandler.buildJWT(payload); |
|
||||
} |
|
||||
|
|
||||
ArRequestHandlerFunction SecurityManager::wrapRequest(ArRequestHandlerFunction onRequest, |
|
||||
AuthenticationPredicate predicate) { |
|
||||
return [this, onRequest, predicate](AsyncWebServerRequest *request) { |
|
||||
Authentication authentication = authenticateRequest(request); |
|
||||
if (!predicate(authentication)) { |
|
||||
request->send(401); |
|
||||
return; |
|
||||
} |
|
||||
onRequest(request); |
|
||||
}; |
|
||||
} |
|
Write
Preview
Loading…
Cancel
Save
Reference in new issue