Leosac  0.8.0
Open Source Access Control
Leosac::Module::WebSockAPI::APISession Class Reference

This is the application-level object that provides the API.

#include <APISession.hpp>

Public Types

enum  AuthStatus { AuthStatus::NONE, AuthStatus::LOGGED_IN }
 Enumeration describing the authentication status of a client.
 
using json = nlohmann::json
 

Public Member Functions

 APISession (WSServer &server)
 
 APISession (const APISession &)=delete
 
 APISession (APISession &&)=delete
 
Auth::UserId current_user_id () const
 Retrieve the UserId of the user associated with this API session.
 
Auth::UserPtr current_user () const
 Retrieve the user associated with the session, or nullptr.
 
Auth::TokenPtr current_token () const
 Retrieve the currently in-use token, or nullptr.
 
bool allowed (const std::string &cmd)
 Is this API client allowed to perform the request cmd?
 
json get_leosac_version (const json &)
 Retrieve the current version number of Leosac.
 
json create_auth_token (const json &req)
 Generates an authentication token from the user's credentials and logs the user in on success.
 
json authenticate_with_token (const json &req)
 Attempt to authenticate with a (previously generated) authentication token.
 
json logout (const json &req)
 Log a user out.
 
json system_overview (const json &req)
 Presents an overview of the system to the end user.
 
void hook_before_request ()
 A hook that is called before a request processing method will be invoked.
 
void abort_session ()
 Abort the current websocket session.
 
SecurityContext & security_context () const
 

Private Member Functions

void mark_authenticated (Auth::TokenPtr token)
 
void clear_authentication ()
 

Private Attributes

WSServer & server_
 The API server.
 
AuthStatus auth_status_
 
Auth::TokenPtr current_auth_token_
 The token we are authenticated with.
 
std::unique_ptr< SecurityContext > security_
 

Detailed Description

This is the application-level object that provides the API.

One object is instantiated per websocket client.

Definition at line 42 of file APISession.hpp.

Member Typedef Documentation

◆ json

Definition at line 45 of file APISession.hpp.

Member Enumeration Documentation

◆ AuthStatus

Enumeration describing the authentication status of a client.

Enumerator
NONE 
LOGGED_IN 

Definition at line 50 of file APISession.hpp.

Constructor & Destructor Documentation

◆ APISession() [1/3]

APISession::APISession ( WSServer & server)

Definition at line 42 of file APISession.cpp.

◆ APISession() [2/3]

Leosac::Module::WebSockAPI::APISession::APISession ( const APISession & )
delete

◆ APISession() [3/3]

Leosac::Module::WebSockAPI::APISession::APISession ( APISession &&  )
delete

Member Function Documentation

◆ abort_session()

void APISession::abort_session ( )

Abort the current websocket session.

This means that we reset the authentication status.

Definition at line 165 of file APISession.cpp.

◆ allowed()

bool APISession::allowed ( const std::string &  cmd)

Is this API client allowed to perform the request cmd?

Definition at line 126 of file APISession.cpp.

◆ authenticate_with_token()

APISession::json APISession::authenticate_with_token ( const json & req)

Attempt to authenticate with a (previously generated) authentication token.

Request:

  • token: The authentication token

Response:

  • user_id: On success, the user-id of the newly authenticated user.
  • username: On success, the username of the authenticated user.
  • status: See create_auth_token status.
  • message: An optional text message describing the status.
Note
The auth token can be created using the create_auth_token API call.

Definition at line 82 of file APISession.cpp.

◆ clear_authentication()

void APISession::clear_authentication ( )
private

Definition at line 198 of file APISession.cpp.

◆ create_auth_token()

APISession::json APISession::create_auth_token ( const json & req)

Generates an authentication token from the user's credentials and logs the user in on success.

Request:

  • username: Username of the user attempting to log-in.
  • password: Clear text password.

Response:

  • status: An integer.
    • 0 means success.
    • -1 means invalid username/password.
  • user_id: On success, the identifier of the logged in user.
  • token: On success, value of the generated authentication token.
  • message: An optional text message describing the status.

Definition at line 56 of file APISession.cpp.

◆ current_token()

Auth::TokenPtr APISession::current_token ( ) const

Retrieve the currently in-use token, or nullptr.

Definition at line 185 of file APISession.cpp.

◆ current_user()

Auth::UserPtr APISession::current_user ( ) const

Retrieve the user associated with the session, or nullptr.

Returns
Pointer to current user, or nullptr.

Definition at line 178 of file APISession.cpp.

◆ current_user_id()

Auth::UserId APISession::current_user_id ( ) const

Retrieve the UserId of the user associated with this API session.

Returns
User Id or 0 if the session is not authenticated.

Definition at line 171 of file APISession.cpp.

◆ get_leosac_version()

APISession::json APISession::get_leosac_version ( const json & )

Retrieve the current version number of Leosac.

Request:

  • No parameter.

Response:

  • version: An alphanumeric string representing the version of the Leosac daemon.

Definition at line 48 of file APISession.cpp.

◆ hook_before_request()

void APISession::hook_before_request ( )

A hook that is called before a request processing method will be invoked.

Typically, this is used to:

  • Check that the authentication is still valid.
  • Extend the authentication duration.

Definition at line 135 of file APISession.cpp.
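
How a per-request hook of this kind combines with allowed(), as an added example that is not Leosac's own code. The class SessionModel, the kTokenTtl lifetime, the handle() dispatcher and the set of commands reachable before login are all assumptions made for illustration; time is passed in explicitly so the expiry logic can be exercised deterministically.

```cpp
#include <chrono>
#include <set>
#include <string>

// Added illustration, not Leosac source; every name here is hypothetical.
using Clock = std::chrono::steady_clock;
enum class AuthStatus { NONE, LOGGED_IN };
// Assumed token lifetime; the page does not state the real value.
constexpr std::chrono::seconds kTokenTtl{600};

class SessionModel {
  public:
    void mark_authenticated(const std::string &token, Clock::time_point now) {
        token_ = token;
        expires_at_ = now + kTokenTtl;
        status_ = AuthStatus::LOGGED_IN;
    }
    void clear_authentication() {
        token_.clear();
        status_ = AuthStatus::NONE;
    }
    // Before each request: drop an expired login, otherwise extend it.
    void hook_before_request(Clock::time_point now) {
        if (status_ != AuthStatus::LOGGED_IN) return;
        if (now >= expires_at_) clear_authentication();
        else expires_at_ = now + kTokenTtl;
    }
    // Assumption: only these commands are reachable before login.
    bool allowed(const std::string &cmd) const {
        static const std::set<std::string> pre_auth{
            "get_leosac_version", "create_auth_token", "authenticate_with_token"};
        return status_ == AuthStatus::LOGGED_IN || pre_auth.count(cmd) > 0;
    }
    // The hook runs first, so an expired session is judged as unauthenticated.
    bool handle(const std::string &cmd, Clock::time_point now) {
        hook_before_request(now);
        return allowed(cmd);
    }
    AuthStatus status() const { return status_; }

  private:
    AuthStatus status_ = AuthStatus::NONE;
    std::string token_;
    Clock::time_point expires_at_{};
};
```

Running the hook before the permission check matters: if the order were reversed, the first request after expiry would still be served with the stale login.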

◆ logout()

APISession::json APISession::logout ( const json & req)

Log a user out.

Request:

  • No parameter.

Response:

  • No content.

Definition at line 104 of file APISession.cpp.

◆ mark_authenticated()

void APISession::mark_authenticated ( Auth::TokenPtr  token)
private

Definition at line 190 of file APISession.cpp.

◆ security_context()

SecurityContext & APISession::security_context ( ) const

Definition at line 205 of file APISession.cpp.

◆ system_overview()

APISession::json APISession::system_overview ( const json & req)

Presents an overview of the system to the end user.

Request:

  • No parameter

Response:

  • instance_name: General config instance_name value.
  • config_version: The current version number of the configuration.
  • uptime: Number of seconds since Leosac started to run.
  • modules: List of names of the currently running modules.

Definition at line 113 of file APISession.cpp.

Member Data Documentation

◆ auth_status_

AuthStatus Leosac::Module::WebSockAPI::APISession::auth_status_
private

Definition at line 181 of file APISession.hpp.

◆ current_auth_token_

Auth::TokenPtr Leosac::Module::WebSockAPI::APISession::current_auth_token_
private

The token we are authenticated with.

Definition at line 186 of file APISession.hpp.

◆ security_

std::unique_ptr<SecurityContext> Leosac::Module::WebSockAPI::APISession::security_
private

Definition at line 188 of file APISession.hpp.

◆ server_

WSServer& Leosac::Module::WebSockAPI::APISession::server_
private

The API server.

Definition at line 180 of file APISession.hpp.


The documentation for this class was generated from the following files: