vibe.http.auth.basic_auth 0/27(0%) line coverage

      
10
20
30
40
50
60
70
80
90
100
110
120
130
140
150
160
170
180
190
200
210
220
230
240
250
260
270
280
290
300
310
320
330
340
350
360
370
380
390
400
410
420
430
440
450
460
470
480
490
500
510
520
530
540
550
560
570
580
590
600
610
620
630
640
650
660
670
680
690
700
710
720
730
740
750
760
770
780
790
800
810
820
830
840
850
860
870
880
890
900
910
920
930
940
950
960
970
980
990
1000
1010
1020
1030
1040
1050
1060
1070
1080
1090
1100
1110
1120
1130
1140
1150
1160
1170
1180
1190
/** Implements HTTP Basic Auth. Copyright: © 2012 RejectedSoftware e.K. License: Subject to the terms of the MIT license, as written in the included LICENSE.txt file. Authors: Sönke Ludwig */ module vibe.http.auth.basic_auth; import vibe.http.server; import vibe.core.log; import std.base64; import std.exception; import std.string; @safe: /** Returns a request handler that enforces request to be authenticated using HTTP Basic Auth. */ HTTPServerRequestDelegateS performBasicAuth(string realm, PasswordVerifyCallback pwcheck) { void handleRequest(scope HTTPServerRequest req, scope HTTPServerResponse res) @safe { if (!checkBasicAuth(req, pwcheck)) { res.statusCode = HTTPStatus.unauthorized; res.contentType = "text/plain"; res.headers["WWW-Authenticate"] = "Basic realm=\""~realm~"\""; res.bodyWriter.write("Authorization required"); } } return &handleRequest; } /// Scheduled for deprecation - use a `@safe` callback instead. HTTPServerRequestDelegateS performBasicAuth(string realm, bool delegate(string, string) @system pwcheck) @system { return performBasicAuth(realm, (u, p) @trusted => pwcheck(u, p)); } /** Enforces HTTP Basic Auth authentication on the given req/res pair. Params: req = Request object that is to be checked res = Response object that will be used for authentication errors realm = HTTP Basic Auth realm reported to the client pwcheck = A delegate queried for validating user/password pairs Returns: Returns the name of the authenticated user. Throws: Throws a HTTPStatusExeption in case of an authentication failure. */ string performBasicAuth(scope HTTPServerRequest req, scope HTTPServerResponse res, string realm, scope PasswordVerifyCallback pwcheck) { if (checkBasicAuth(req, pwcheck)) return req.username; res.headers["WWW-Authenticate"] = "Basic realm=\""~realm~"\""; throw new HTTPStatusException(HTTPStatus.unauthorized); } /// Scheduled for deprecation - use a `@safe` callback instead. string performBasicAuth(scope HTTPServerRequest req, scope HTTPServerResponse res, string realm, scope bool delegate(string, string) @system pwcheck) @system { return performBasicAuth(req, res, realm, (u, p) @trusted => pwcheck(u, p)); } /** Checks for valid HTTP Basic Auth authentication on the given request. Upon successful authorization, the name of the authorized user will be stored in `req.username`. Params: req = Request object that is to be checked pwcheck = A delegate queried for validating user/password pairs Returns: Returns `true` $(I iff) a valid Basic Auth header is present and the credentials were verified successfully by the validation callback. Throws: Throws a `HTTPStatusExeption` with `HTTPStatusCode.badRequest` if the "Authorization" header is malformed. */ bool checkBasicAuth(scope HTTPServerRequest req, scope PasswordVerifyCallback pwcheck) { auto pauth = "Authorization" in req.headers; if (pauth && (*pauth).startsWith("Basic ")) { string user_pw = () @trusted { return cast(string)Base64.decode((*pauth)[6 .. $]); } (); auto idx = user_pw.indexOf(":"); enforceBadRequest(idx >= 0, "Invalid auth string format!"); string user = user_pw[0 .. idx]; string password = user_pw[idx+1 .. $]; if (pwcheck(user, password)) { req.username = user; return true; } } return false; } /** Augments the given HTTP request with an HTTP Basic Auth header. */ void addBasicAuth(scope HTTPRequest req, string user, string password) { string pwstr = user ~ ":" ~ password; string authstr = () @trusted { return cast(string)Base64.encode(cast(ubyte[])pwstr); } (); req.headers["Authorization"] = "Basic " ~ authstr; } alias PasswordVerifyCallback = bool delegate(string user, string password);