nawa::AuthFilter Class Reference

#include <nawa/filter/AccessFilter/ext/AuthFilter.h>

Inherits nawa::AccessFilter.

Public Member Functions
	~AuthFilter () override
	AuthFilter ()
	AuthFilter (AuthFilter const &other)
AuthFilter &	operator= (const AuthFilter &other)
	AuthFilter (AuthFilter &&other) noexcept
AuthFilter &	operator= (AuthFilter &&other) noexcept
std::function< bool(std::string, std::string)> &	authFunction () noexcept
std::function< bool(std::string, std::string)> const &	authFunction () const noexcept
AuthFilter &	authFunction (std::function< bool(std::string, std::string)> value) noexcept
std::string &	authName () noexcept
std::string const &	authName () const noexcept
AuthFilter &	authName (std::string value) noexcept
bool &	useSessions () noexcept
bool	useSessions () const noexcept
AuthFilter &	useSessions (bool value) noexcept
Public Member Functions inherited from nawa::AccessFilter
virtual	~AccessFilter ()
	AccessFilter ()
	AccessFilter (AccessFilter const &other)
AccessFilter &	operator= (const AccessFilter &other)
	AccessFilter (AccessFilter &&other) noexcept
AccessFilter &	operator= (AccessFilter &&other) noexcept
bool &	invert () noexcept
bool	invert () const noexcept
AccessFilter &	invert (bool value) noexcept
std::vector< std::vector< std::string > > &	pathFilter () noexcept
std::vector< std::vector< std::string > > const &	pathFilter () const noexcept
AccessFilter &	pathFilter (std::vector< std::vector< std::string > > value) noexcept
bool &	invertPathFilter () noexcept
bool	invertPathFilter () const noexcept
AccessFilter &	invertPathFilter (bool value) noexcept
std::vector< std::string > &	extensionFilter () noexcept
std::vector< std::string > const &	extensionFilter () const noexcept
AccessFilter &	extensionFilter (std::vector< std::string > value) noexcept
bool &	invertExtensionFilter () noexcept
bool	invertExtensionFilter () const noexcept
AccessFilter &	invertExtensionFilter (bool value) noexcept
bool &	regexFilterEnabled () noexcept
bool	regexFilterEnabled () const noexcept
AccessFilter &	regexFilterEnabled (bool value) noexcept
std::regex &	regexFilter () noexcept
std::regex const &	regexFilter () const noexcept
AccessFilter &	regexFilter (std::regex value) noexcept
std::string &	response () noexcept
std::string const &	response () const noexcept
AccessFilter &	response (std::string value) noexcept
bool	matches (std::vector< std::string > const &requestPath) const

Detailed Description

Defines a filter that will request HTTP Basic Authentication if matching. After successful authentication, forward filters will still be checked, and if no forward filter matches, the request can be processed by the app normally. If authentication fails, a 403 page with the defined response or a standard error page will be sent.
Please note that this will not work out of the box with Apache2 and mod_proxy_fcgi, as Apache does not forward the WWW-Authenticate header to the application. You can fix this by setting "CGIPassAuth On" for all request URIs that need this feature in the Apache2 vhost config, e.g.:

<LocationMatch "^/test">
    CGIPassAuth On
</LocationMatch>

Definition at line 43 of file AuthFilter.h.

Constructor & Destructor Documentation

~AuthFilter()

nawa::AuthFilter::~AuthFilter ( )

override

AuthFilter() [1/3]

nawa::AuthFilter::AuthFilter

(

)

AuthFilter() [2/3]

nawa::AuthFilter::AuthFilter

(

AuthFilter const &

other

)

AuthFilter() [3/3]

nawa::AuthFilter::AuthFilter ( AuthFilter &&  other )

noexcept

Member Function Documentation

operator=() [1/2]

AuthFilter & nawa::AuthFilter::operator=

(

const AuthFilter &

other

)

operator=() [2/2]

AuthFilter & nawa::AuthFilter::operator= ( AuthFilter &&  other )

noexcept

authFunction() [1/3]

std::function< bool(std::string, std::string)> & nawa::AuthFilter::authFunction ( )

noexcept

The authentication function. It will be called with the provided user name as first parameter and the provided user password as the second parameter. Access will be granted if the authentication function returns true. If the function is not set, authorization will always be denied.

Returns

Reference to element.

authFunction() [2/3]

std::function< bool(std::string, std::string)> const & nawa::AuthFilter::authFunction ( ) const

noexcept

authFunction() [3/3]

AuthFilter & nawa::AuthFilter::authFunction ( std::function< bool(std::string, std::string)>  value )

noexcept

authName() [1/3]

std::string & nawa::AuthFilter::authName ( )

noexcept

A short description of the required authentication that may be shown by the browser ("realm") (optional). This value should only contain alphanumeric characters and must not contain double quotes or newlines. It will not be checked for validity by NAWA, instead, authentication may fail and the server might even become unaccessible in case of non-compliance. If this value comes from a user, make sure to check it thoroughly (by the way, it shouldn't).

Returns

Reference to element.

authName() [2/3]

std::string const & nawa::AuthFilter::authName ( ) const

noexcept

authName() [3/3]

AuthFilter & nawa::AuthFilter::authName ( std::string  value )

noexcept

useSessions() [1/3]

bool & nawa::AuthFilter::useSessions ( )

noexcept

Use sessions to remember the authenticated user. This will create a std::string session variable "_nawa_authfilter[id]" (wherein [id] is the number of the filter), containing the user name. You can use it in your application to find out which user has authenticated and delete it to log the user out. This is usually not necessary (but might be more effective or extend the scope of the authorization, and lets you access the user name), as browsers will usually send the authentication string on every single request.

Returns

Reference to element.

useSessions() [2/3]

bool nawa::AuthFilter::useSessions ( ) const

noexcept

useSessions() [3/3]

AuthFilter & nawa::AuthFilter::useSessions ( bool  value )

noexcept

---

The documentation for this class was generated from the following file:

• include/nawa/filter/AccessFilter/ext/AuthFilter.h