Leosac  0.8.0
Open Source Access Control
APISession.hpp
Go to the documentation of this file.
1 /*
2  Copyright (C) 2014-2016 Leosac
3 
4  This file is part of Leosac.
5 
6  Leosac is free software: you can redistribute it and/or modify
7  it under the terms of the GNU Affero General Public License as published by
8  the Free Software Foundation, either version 3 of the License, or
9  (at your option) any later version.
10 
11  Leosac is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU Affero General Public License for more details.
15 
16  You should have received a copy of the GNU Affero General Public License
17  along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
20 #pragma once
21 
22 #include "core/SecurityContext.hpp"
23 #include "core/auth/AuthFwd.hpp"
24 #include <nlohmann/json.hpp>
25 #include <memory>
26 
27 namespace Leosac
28 {
29 namespace Module
30 {
31 namespace WebSockAPI
32 {
33 
34 class WSServer;
35 
43 {
44  public:
46 
50  enum class AuthStatus
51  {
52  NONE,
53  LOGGED_IN
54  };
55 
56  APISession(WSServer &server);
57  APISession(const APISession &) = delete;
58  APISession(APISession &&) = delete;
59 
65 
71 
76 
80  bool allowed(const std::string &cmd);
81 
92  json get_leosac_version(const json &);
93 
110  json create_auth_token(const json &req);
111 
127  json authenticate_with_token(const json &req);
128 
138  json logout(const json &req);
139 
152  json system_overview(const json &req);
153 
162  void hook_before_request();
163 
169  void abort_session();
170 
172 
173  private:
175  void clear_authentication();
176 
182 
187 
188  std::unique_ptr<SecurityContext> security_;
189 };
190 }
191 }
192 }
Leosac::Module::WebSockAPI::APISession::json
nlohmann::json json
Definition: APISession.hpp:45
Leosac::Module::WebSockAPI::APISession::clear_authentication
void clear_authentication()
Definition: APISession.cpp:198
Leosac::Module::WebSockAPI::APISession::hook_before_request
void hook_before_request()
A hook that is called before a request processing method will be invoked.
Definition: APISession.cpp:135
Leosac::Module::WebSockAPI::APISession::get_leosac_version
json get_leosac_version(const json &)
Retrieve the current version number of Leosac.
Definition: APISession.cpp:48
Leosac::Module::WebSockAPI::APISession::current_user
Auth::UserPtr current_user() const
Retrieve the user associated with the session, or nullptr.
Definition: APISession.cpp:178
Leosac::Auth::TokenPtr
std::shared_ptr< Token > TokenPtr
Definition: AuthFwd.hpp:85
json
nlohmann::json json
Definition: WSServer.cpp:76
AuthFwd.hpp
Leosac::Auth::UserPtr
std::shared_ptr< User > UserPtr
Definition: AuthFwd.hpp:31
Leosac::Module::WebSockAPI::APISession::APISession
APISession(WSServer &server)
Definition: APISession.cpp:42
Leosac::Module::WebSockAPI::APISession::security_
std::unique_ptr< SecurityContext > security_
Definition: APISession.hpp:188
Leosac::Module::WebSockAPI::APISession::allowed
bool allowed(const std::string &cmd)
Is this API client allowed to perform the request cmd ?
Definition: APISession.cpp:126
Leosac::Module::WebSockAPI::APISession::mark_authenticated
void mark_authenticated(Auth::TokenPtr token)
Definition: APISession.cpp:190
Leosac::Module::WebSockAPI::APISession::current_user_id
Auth::UserId current_user_id() const
Retrieve the UserId of the user associated with this API session.
Definition: APISession.cpp:171
Leosac::Module::WebSockAPI::APISession::logout
json logout(const json &req)
Log an user out.
Definition: APISession.cpp:104
SecurityContext.hpp
Leosac::Module::WebSockAPI::APISession::system_overview
json system_overview(const json &req)
Presents an overview of the system to the end user.
Definition: APISession.cpp:113
Leosac
This is the header file for a generated source file, GitSHA1.cpp.
Definition: APIStatusCode.hpp:22
Leosac::Module::WebSockAPI::APISession::server_
WSServer & server_
The API server.
Definition: APISession.hpp:180
Leosac::Module::WebSockAPI::WSServer
The implementation class that runs the websocket server.
Definition: WSServer.hpp:61
Leosac::Module::WebSockAPI::APISession::AuthStatus::NONE
@ NONE
Leosac::Module::WebSockAPI::APISession::AuthStatus
AuthStatus
Enumeration describing the authentication status of a client.
Definition: APISession.hpp:50
Leosac::Module::WebSockAPI::APISession::auth_status_
AuthStatus auth_status_
Definition: APISession.hpp:181
Leosac::Module::WebSockAPI::APISession::current_token
Auth::TokenPtr current_token() const
Retrieve the currently in-use token, or nullptr.
Definition: APISession.cpp:185
Leosac::Module::WebSockAPI::json
nlohmann::json json
Definition: AccessOverview.hpp:30
Leosac::Auth::UserId
unsigned long UserId
Definition: AuthFwd.hpp:34
Leosac::Module::WebSockAPI::APISession::AuthStatus::LOGGED_IN
@ LOGGED_IN
Leosac::Module::WebSockAPI::APISession
This is the application-level object that provide the API.
Definition: APISession.hpp:42
Leosac::Module::WebSockAPI::APISession::security_context
SecurityContext & security_context() const
Definition: APISession.cpp:205
Leosac::Module::WebSockAPI::APISession::authenticate_with_token
json authenticate_with_token(const json &req)
Attempt to authenticate with a (previously generated) authentication token.
Definition: APISession.cpp:82
Leosac::Module::WebSockAPI::APISession::create_auth_token
json create_auth_token(const json &req)
Generate an authentication token using the user credential, and logs the user in on success.
Definition: APISession.cpp:56
Leosac::Module::WebSockAPI::APISession::current_auth_token_
Auth::TokenPtr current_auth_token_
The token we are authenticated with.
Definition: APISession.hpp:186
Leosac::Module::WebSockAPI::APISession::abort_session
void abort_session()
Abort the current websocket session.
Definition: APISession.cpp:165
Leosac::SecurityContext
A SecurityContext is used to query permission while doing an operation.
Definition: SecurityContext.hpp:40