mirror/tomahawk
1
0
Fork 0
mirror of https://github.com/tomahawk-player/tomahawk.git synced 2025-04-21 00:12:06 +02:00
Code Issues Releases Wiki Activity

Add authentication scaffold

Browse Source
This commit is contained in:
Uwe L. Korn 2013-06-21 23:59:38 +02:00
parent aebc8bcb8a
commit 5e0ae4fda1
2 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/tomahawk/web/Api_v2_0.cpp
View File

@ -47,6 +47,10 @@ Api_v2_0::ping( QxtWebRequestEvent* event )
void
Api_v2_0::playback( QxtWebRequestEvent* event, const QString& command )
{
if ( !checkAuthentication( event ) )
{
return;
}
if ( command == "next ")
{
JSON_REPLY( QMetaObject::invokeMethod( AudioEngine::instance(), "next", Qt::QueuedConnection ) , "Skipping to the next track failed." );
@ -86,7 +90,8 @@ Api_v2_0::playback( QxtWebRequestEvent* event, const QString& command )
}
void Api_v2_0::jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const QString& errorMessage, bool isError )
void
Api_v2_0::jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const QString& errorMessage, bool isError )
{
if ( isError )
{
@ -99,3 +104,26 @@ void Api_v2_0::jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const
}
}
void
Api_v2_0::jsonUnauthenticated( QxtWebRequestEvent *event )
{
QxtWebPageEvent * e = new QxtWebPageEvent( event->sessionID, event->requestID, "{ result: \"error\", error: \"Method call needs to be authenticated.\" }" );
e->contentType = "application/json";
e->status = 401;
e->statusMessage = "Method call needs to be authenticated.";
m_service->postEvent( e );
}
bool
Api_v2_0::checkAuthentication( QxtWebRequestEvent* event )
{
// TODO: Auth!
// * SSL client certificate
// * Shared secret between two clients when talking via SSL
// * sth else when connecting without httpS
// * a more secure version of digest auth
return true;
}

11
src/tomahawk/web/Api_v2_0.h
View File

@ -48,12 +48,23 @@ public slots:
*/
void playback( QxtWebRequestEvent* event, const QString& command );
private:
/**
* Check the current HTTP request is correctly authenticated via any of the possible authentication schemes.
*/
bool checkAuthentication( QxtWebRequestEvent* event );
/**
* Send a simple reply to a (write-only) method call.
*
* On failure send a custom error message.
*/
void jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const QString& errorMessage, bool isError );
/**
* Send a reply that the made call lacks the needed authentication
*/
void jsonUnauthenticated( QxtWebRequestEvent* event );
Api_v2* m_service;
};