diff options
Diffstat (limited to 'src/chttpd/src/chttpd_auth.erl')
-rw-r--r-- | src/chttpd/src/chttpd_auth.erl | 98 |
1 files changed, 0 insertions, 98 deletions
diff --git a/src/chttpd/src/chttpd_auth.erl b/src/chttpd/src/chttpd_auth.erl deleted file mode 100644 index 20b5a05f1..000000000 --- a/src/chttpd/src/chttpd_auth.erl +++ /dev/null @@ -1,98 +0,0 @@ -% Licensed under the Apache License, Version 2.0 (the "License"); you may not -% use this file except in compliance with the License. You may obtain a copy of -% the License at -% -% http://www.apache.org/licenses/LICENSE-2.0 -% -% Unless required by applicable law or agreed to in writing, software -% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -% License for the specific language governing permissions and limitations under -% the License. - --module(chttpd_auth). - --export([authenticate/2]). --export([authorize/2]). - --export([default_authentication_handler/1]). --export([cookie_authentication_handler/1]). --export([proxy_authentication_handler/1]). --export([jwt_authentication_handler/1]). --export([party_mode_handler/1]). - --export([handle_session_req/1]). - --include_lib("couch/include/couch_db.hrl"). - --define(SERVICE_ID, chttpd_auth). - -%% ------------------------------------------------------------------ -%% API Function Definitions -%% ------------------------------------------------------------------ - -authenticate(HttpReq, Default) -> - maybe_handle(authenticate, [HttpReq], Default). - -authorize(HttpReq, Default) -> - maybe_handle(authorize, [HttpReq], Default). - -%% ------------------------------------------------------------------ -%% Default callbacks -%% ------------------------------------------------------------------ - -default_authentication_handler(Req) -> - couch_httpd_auth:default_authentication_handler(Req, chttpd_auth_cache). - -cookie_authentication_handler(Req) -> - couch_httpd_auth:cookie_authentication_handler(Req, chttpd_auth_cache). - -proxy_authentication_handler(Req) -> - couch_httpd_auth:proxy_authentication_handler(Req). - -jwt_authentication_handler(Req) -> - couch_httpd_auth:jwt_authentication_handler(Req). - -party_mode_handler(#httpd{method = 'POST', path_parts = [<<"_session">>]} = Req) -> - % See #1947 - users should always be able to attempt a login - Req#httpd{user_ctx = #user_ctx{}}; -party_mode_handler(#httpd{path_parts = [<<"_up">>]} = Req) -> - RequireValidUser = config:get_boolean("chttpd", "require_valid_user", false), - RequireValidUserExceptUp = config:get_boolean( - "chttpd", "require_valid_user_except_for_up", false - ), - require_valid_user(Req, RequireValidUser andalso not RequireValidUserExceptUp); -party_mode_handler(Req) -> - RequireValidUser = config:get_boolean("chttpd", "require_valid_user", false), - RequireValidUserExceptUp = config:get_boolean( - "chttpd", "require_valid_user_except_for_up", false - ), - require_valid_user(Req, RequireValidUser orelse RequireValidUserExceptUp). - -require_valid_user(_Req, true) -> - throw({unauthorized, <<"Authentication required.">>}); -require_valid_user(Req, false) -> - case config:get("admins") of - [] -> - Req#httpd{user_ctx = ?ADMIN_USER}; - _ -> - Req#httpd{user_ctx = #user_ctx{}} - end. - -handle_session_req(Req) -> - couch_httpd_auth:handle_session_req(Req, chttpd_auth_cache). - -%% ------------------------------------------------------------------ -%% Internal Function Definitions -%% ------------------------------------------------------------------ - -maybe_handle(Func, Args, Default) -> - Handle = couch_epi:get_handle(?SERVICE_ID), - case couch_epi:decide(Handle, ?SERVICE_ID, Func, Args, []) of - no_decision when is_function(Default) -> - apply(Default, Args); - no_decision -> - Default; - {decided, Result} -> - Result - end. |