mirror/tomahawk
1
0
Fork 0
mirror of https://github.com/tomahawk-player/tomahawk.git synced 2025-07-31 03:10:12 +02:00
Code Issues Releases Wiki Activity

Add authentication scaffold

Browse Source
This commit is contained in:
Uwe L. Korn
2013-06-21 23:59:38 +02:00
parent aebc8bcb8a
commit 5e0ae4fda1
2 changed files with 40 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/tomahawk/web/Api_v2_0.cpp
View File

@@ -47,6 +47,10 @@ Api_v2_0::ping( QxtWebRequestEvent* event )
void void
Api_v2_0::playback( QxtWebRequestEvent* event, const QString& command ) Api_v2_0::playback( QxtWebRequestEvent* event, const QString& command )
{ {
if ( !checkAuthentication( event ) )
{
return;
}
if ( command == "next ") if ( command == "next ")
{ {
JSON_REPLY( QMetaObject::invokeMethod( AudioEngine::instance(), "next", Qt::QueuedConnection ) , "Skipping to the next track failed." ); JSON_REPLY( QMetaObject::invokeMethod( AudioEngine::instance(), "next", Qt::QueuedConnection ) , "Skipping to the next track failed." );
@@ -86,7 +90,8 @@ Api_v2_0::playback( QxtWebRequestEvent* event, const QString& command )
} }
void Api_v2_0::jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const QString& errorMessage, bool isError ) void
Api_v2_0::jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const QString& errorMessage, bool isError )
{ {
if ( isError ) if ( isError )
{ {
@@ -99,3 +104,26 @@ void Api_v2_0::jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const
} }
} }
void
Api_v2_0::jsonUnauthenticated( QxtWebRequestEvent *event )
{
QxtWebPageEvent * e = new QxtWebPageEvent( event->sessionID, event->requestID, "{ result: \"error\", error: \"Method call needs to be authenticated.\" }" );
e->contentType = "application/json";
e->status = 401;
e->statusMessage = "Method call needs to be authenticated.";
m_service->postEvent( e );
}
bool
Api_v2_0::checkAuthentication( QxtWebRequestEvent* event )
{
// TODO: Auth!
// * SSL client certificate
// * Shared secret between two clients when talking via SSL
// * sth else when connecting without httpS
// * a more secure version of digest auth
return true;
}

11
src/tomahawk/web/Api_v2_0.h
View File

@@ -48,12 +48,23 @@ public slots:
*/ */
void playback( QxtWebRequestEvent* event, const QString& command ); void playback( QxtWebRequestEvent* event, const QString& command );
private: private:
/**
* Check the current HTTP request is correctly authenticated via any of the possible authentication schemes.
*/
bool checkAuthentication( QxtWebRequestEvent* event );
/** /**
* Send a simple reply to a (write-only) method call. * Send a simple reply to a (write-only) method call.
* *
* On failure send a custom error message. * On failure send a custom error message.
*/ */
void jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const QString& errorMessage, bool isError ); void jsonReply( QxtWebRequestEvent* event, const char* funcInfo, const QString& errorMessage, bool isError );
/**
* Send a reply that the made call lacks the needed authentication
*/
void jsonUnauthenticated( QxtWebRequestEvent* event );
Api_v2* m_service; Api_v2* m_service;
}; };