AuthenticationUser CredentialHttp::authenticate(Cutelyst::Context *c, AuthenticationRealm *realm, const CStringHash &authinfo) { Q_D(CredentialHttp); AuthenticationUser ret; if (d->requireSsl && !c->request()->secure()) { return d->authenticationFailed(c, realm, authinfo); } if (d->isAuthTypeDigest()) { ret = d->authenticateDigest(c, realm, authinfo); if (!ret.isNull()) { return ret; } } if (d->isAuthTypeBasic()) { ret = d->authenticateBasic(c, realm, authinfo); if (!ret.isNull()) { return ret; } } return d->authenticationFailed(c, realm, authinfo); }
AuthenticationUser AuthenticationRealm::findUser(Context *c, const CStringHash &userinfo) { AuthenticationUser ret = m_store->findUser(c, userinfo); if (ret.isNull()) { if (m_store->canAutoCreateUser()) { ret = m_store->autoCreateUser(c, userinfo); } } else if (m_store->canAutoUpdateUser()) { ret = m_store->autoUpdateUser(c, userinfo); } return ret; }
AuthenticationUser AuthenticationRealm::restoreUser(Context *c, const QVariant &frozenUser) { QVariant _frozenUser = frozenUser; if (_frozenUser.isNull()) { _frozenUser = userIsRestorable(c); } if (_frozenUser.isNull()) { return AuthenticationUser(); } AuthenticationUser user = m_store->fromSession(c, _frozenUser); if (!user.isNull()) { // Sets the realm the user originated in user.setAuthRealm(this); } else { qCWarning(C_AUTH_REALM) << "Store claimed to have a restorable user, but restoration failed. Did you change the user's id_field?"; } return user; }
AuthenticationUser CredentialHttpPrivate::authenticateBasic(Context *c, AuthenticationRealm *realm, const CStringHash &authinfo) { Q_UNUSED(authinfo) qCDebug(C_CREDENTIALHTTP) << "Checking http basic authentication."; QPair<QString, QString> userPass = c->req()->headers().authorizationBasicPair(); if (userPass.first.isEmpty()) { return AuthenticationUser(); } CStringHash auth; auth.insert(usernameField, userPass.first); AuthenticationUser user = realm->findUser(c, auth); if (!user.isNull()) { auth.insert(passwordField, userPass.second); if (checkPassword(user, auth)) { return user; } qCDebug(C_CREDENTIALHTTP) << "Password didn't match"; } else { qCDebug(C_CREDENTIALHTTP) << "Unable to locate a user matching user info provided in realm"; } return AuthenticationUser(); }