1 module hunt.framework.middleware.AuthMiddleware;
2 
3 import hunt.framework.middleware.MiddlewareInterface;
4 
5 import hunt.framework.application.Application;
6 import hunt.framework.auth.Auth;
7 import hunt.framework.auth.AuthOptions;
8 import hunt.framework.auth.Claim;
9 import hunt.framework.auth.ClaimTypes;
10 import hunt.framework.auth.Identity;
11 import hunt.framework.auth.UserService;
12 import hunt.framework.config.ApplicationConfig;
13 import hunt.framework.http.RedirectResponse;
14 import hunt.framework.http.Request;
15 import hunt.framework.http.Response;
16 import hunt.framework.http.UnauthorizedResponse;
17 import hunt.framework.Init;
18 import hunt.framework.provider.ServiceProvider;
19 import hunt.framework.Simplify;
20 
21 
22 import hunt.http.HttpHeader;
23 import hunt.http.AuthenticationScheme;
24 import hunt.logging.ConsoleLogger;
25 
26 import std.base64;
27 import std.range;
28 import std.string;
29 
/**
 * Middleware that requires a successful sign-in before a request may continue.
 *
 * The decision fails closed: a disabled auth guard, an unauthenticated identity
 * and a negative onAccessable() result all end in onRejected().
 *
 * Security note: this class only authenticates. The default onAccessable()
 * accepts every authenticated identity, so per-route or per-role authorization
 * has to be supplied by a subclass that overrides it.
 */
class AuthMiddleware : AbstractMiddleware {
    // Registers this middleware type with the framework at module load time.
    shared static this() {
        MiddlewareInterface.register!(typeof(this));
    }

    /**
     * Authorization hook, consulted only after the identity is authenticated.
     *
     * Params:
     *   request = the request being processed
     *
     * Returns: always true in this base implementation; override to restrict
     *          access to specific identities or routes.
     */
    protected bool onAccessable(Request request) {
        return true;
    }

    /**
     * Builds the response sent when the request is not allowed through.
     *
     * RESTful requests get an UnauthorizedResponse directly. Other requests
     * are redirected to the configured unauthorizedUrl when one is set, and
     * otherwise get an UnauthorizedResponse carrying the auth scheme of the
     * request. The redirect target is read from the application configuration,
     * never from the request itself.
     *
     * Params:
     *   request = the rejected request
     *
     * Returns: the rejection response
     */
    protected Response onRejected(Request request) {
        if (request.isRestful()) {
            return new UnauthorizedResponse("", true);
        }

        ApplicationConfig.AuthConf authSettings = app().config().auth;
        string redirectTarget = authSettings.unauthorizedUrl;
        if (!redirectTarget.empty) {
            return new RedirectResponse(request, redirectTarget);
        }

        return new UnauthorizedResponse("", false, request.auth().scheme());
    }

    /**
     * Signs the caller in and decides whether the request may continue.
     *
     * Params:
     *   request  = the incoming request
     *   response = not read by this implementation
     *
     * Returns: null when the identity is authenticated and onAccessable()
     *          agrees (presumably the framework's "continue" signal; confirm
     *          against AbstractMiddleware); otherwise the onRejected() response.
     */
    Response onProcess(Request request, Response response = null) {
        version(HUNT_AUTH_DEBUG) {
            infof("path: %s, method: %s", request.path(), request.method );
        }

        Auth guard = request.auth();
        if (!guard.isEnabled()) {
            // A missing or disabled guard is treated as a rejection, not as "no auth needed".
            warning("The auth is disabled. Are you sure that the guard is defined?");
            return onRejected(request);
        }

        // FIXME: Needing refactor or cleanup -@zhangxueping at 2020-08-04T18:03:55+08:00
        // More tests are needed
        // The disabled code below would let an already authenticated identity
        // through without signing in again.
        // Identity user = auth.user();
        // try {
        //     if(user.isAuthenticated()) {
        //         version(HUNT_DEBUG) {
        //             string fullName = user.fullName();
        //             infof("User [%s / %s] has already logged in.",  user.name(), fullName);
        //         }
        //         return null;
        //     }
        // } catch(Exception ex) {
        //     warning(ex.msg);
        //     version(HUNT_DEBUG) warning(ex);
        // }

        Identity identity = guard.signIn();
        if (!identity.isAuthenticated()) {
            return onRejected(request);
        }

        version(HUNT_DEBUG) {
            // Debug builds write the user name and full name to the log.
            string displayName = identity.fullName();
            infof("User [%s / %s] logged in.",  identity.name(), displayName);
        }

        if (!onAccessable(request)) {
            return onRejected(request);
        }

        return null;
    }
}