WIP: basic server, no features

dDashboardServer/auth/AuthMiddleware.cpp

@@ -0,0 +1,132 @@
+#include "AuthMiddleware.h"
+#include "DashboardAuthService.h"
+#include "Game.h"
+#include "Logger.h"
+#include <string>
+#include <cctype>
+
+// Helper to extract cookie value from header
+static std::string ExtractCookieValue(const std::string& cookieHeader, const std::string& cookieName) {
+	std::string searchStr = cookieName + "=";
+	size_t pos = cookieHeader.find(searchStr);
+	
+	if (pos == std::string::npos) {
+		return "";
+	}
+	
+	size_t valueStart = pos + searchStr.length();
+	size_t valueEnd = cookieHeader.find(";", valueStart);
+	
+	if (valueEnd == std::string::npos) {
+		valueEnd = cookieHeader.length();
+	}
+	
+	std::string value = cookieHeader.substr(valueStart, valueEnd - valueStart);
+	
+	// URL decode the value
+	std::string decoded;
+	for (size_t i = 0; i < value.length(); ++i) {
+		if (value[i] == '%' && i + 2 < value.length()) {
+			std::string hex = value.substr(i + 1, 2);
+			char* endptr;
+			int charCode = static_cast<int>(std::strtol(hex.c_str(), &endptr, 16));
+			if (endptr - hex.c_str() == 2) {
+				decoded += static_cast<char>(charCode);
+				i += 2;
+				continue;
+			}
+		}
+		decoded += value[i];
+	}
+	
+	return decoded;
+}
+
+std::string AuthMiddleware::ExtractTokenFromQueryString(const std::string& queryString) {
+	if (queryString.empty()) {
+		return "";
+	}
+
+	// Parse query string to find token parameter
+	// Expected format: "?token=eyJhbGc..."
+	std::string tokenPrefix = "token=";
+	size_t tokenPos = queryString.find(tokenPrefix);
+	
+	if (tokenPos == std::string::npos) {
+		return "";
+	}
+
+	// Extract token value (from "token=" to next "&" or end of string)
+	size_t valueStart = tokenPos + tokenPrefix.length();
+	size_t valueEnd = queryString.find("&", valueStart);
+	
+	if (valueEnd == std::string::npos) {
+		valueEnd = queryString.length();
+	}
+
+	return queryString.substr(valueStart, valueEnd - valueStart);
+}
+
+std::string AuthMiddleware::ExtractTokenFromCookies(const std::string& cookieHeader) {
+	if (cookieHeader.empty()) {
+		return "";
+	}
+
+	// Extract dashboardToken cookie value
+	return ExtractCookieValue(cookieHeader, "dashboardToken");
+}
+
+std::string AuthMiddleware::ExtractTokenFromAuthHeader(const std::string& authHeader) {
+	if (authHeader.empty()) {
+		return "";
+	}
+
+	// Check for "Bearer <token>" format
+	if (authHeader.substr(0, 7) == "Bearer ") {
+		return authHeader.substr(7);
+	}
+
+	// Check for "Token <token>" format
+	if (authHeader.substr(0, 6) == "Token ") {
+		return authHeader.substr(6);
+	}
+
+	// If no prefix, assume raw token
+	return authHeader;
+}
+
+bool AuthMiddleware::Process(HTTPContext& context, HTTPReply& reply) {
+	// Try to extract token from various sources (in priority order)
+	std::string token = ExtractTokenFromQueryString(context.queryString);
+	
+	if (token.empty()) {
+		const std::string& cookieHeader = context.GetHeader("Cookie");
+		token = ExtractTokenFromCookies(cookieHeader);
+	}
+	
+	if (token.empty()) {
+		const std::string& authHeader = context.GetHeader("Authorization");
+		token = ExtractTokenFromAuthHeader(authHeader);
+	}
+
+	// If we found a token, try to verify it
+	if (!token.empty()) {
+		std::string username;
+		uint8_t gmLevel{};
+		
+		if (DashboardAuthService::VerifyToken(token, username, gmLevel)) {
+			context.isAuthenticated = true;
+			context.authenticatedUser = username;
+			context.gmLevel = gmLevel;
+			LOG_DEBUG("User %s authenticated via API token (GM level %d)", username.c_str(), gmLevel);
+			return true;
+		} else {
+			LOG_DEBUG("Invalid authentication token provided");
+			return true;  // Continue - let routes decide if auth is required
+		}
+	}
+
+	// No token found - continue without authentication
+	// Routes can use RequireAuthMiddleware to enforce authentication
+	return true;
+}

dDashboardServer/auth/AuthMiddleware.h

@@ -0,0 +1,34 @@
+#ifndef __AUTHMIDDLEWARE_H__
+#define __AUTHMIDDLEWARE_H__
+
+#include <string>
+#include <memory>
+#include "IHTTPMiddleware.h"
+
+/**
+ * AuthMiddleware: Extracts and verifies authentication tokens
+ * 
+ * Token extraction sources (in priority order):
+ * 1. Query parameter: ?token=eyJhbGc...
+ * 2. Cookie: dashboardToken=...
+ * 3. Authorization header: Bearer <token> or Token <token>
+ * 
+ * Sets HTTPContext.isAuthenticated, HTTPContext.authenticatedUser,
+ * and HTTPContext.gmLevel if token is valid.
+ */
+class AuthMiddleware final : public IHTTPMiddleware {
+public:
+	AuthMiddleware() = default;
+	~AuthMiddleware() override = default;
+
+	bool Process(HTTPContext& context, HTTPReply& reply) override;
+	std::string GetName() const override { return "AuthMiddleware"; }
+
+private:
+	// Extract token from various sources
+	static std::string ExtractTokenFromQueryString(const std::string& queryString);
+	static std::string ExtractTokenFromCookies(const std::string& cookieHeader);
+	static std::string ExtractTokenFromAuthHeader(const std::string& authHeader);
+};
+
+#endif // !__AUTHMIDDLEWARE_H__

dDashboardServer/auth/DashboardAuthService.cpp

@@ -0,0 +1,144 @@
+#include "DashboardAuthService.h"
+#include "JWTUtils.h"
+#include "Database.h"
+#include "Logger.h"
+#include "Game.h"
+#include "dConfig.h"
+#include "GeneralUtils.h"
+#include <bcrypt/bcrypt.h>
+#include <ctime>
+
+namespace {
+	constexpr int64_t LOCKOUT_DURATION = 15 * 60; // 15 minutes in seconds
+
+}
+
+DashboardAuthService::LoginResult DashboardAuthService::Login(
+	const std::string& username, 
+	const std::string& password, 
+	bool rememberMe) {
+
+	LoginResult result;
+
+	if (username.empty() || password.empty()) {
+		result.message = "Username and password are required";
+		return result;
+	}
+
+	if (password.length() > 40) {
+		result.message = "Password exceeds maximum length (40 characters)";
+		return result;
+	}
+
+	try {
+		// Get account info
+		auto accountInfo = Database::Get()->GetAccountInfo(username);
+		if (!accountInfo) {
+			result.message = "Invalid username or password";
+			LOG_DEBUG("Login attempt for non-existent user: %s", username.c_str());
+			return result;
+		}
+
+		uint32_t accountId = accountInfo->id;
+
+		// Check if account is locked
+		bool isLockedOut = Database::Get()->IsLockedOut(accountId);
+
+		if (isLockedOut) {
+			// Record failed attempt even without checking password
+			Database::Get()->RecordFailedAttempt(accountId);
+			uint8_t failedAttempts = Database::Get()->GetFailedAttempts(accountId);
+			
+			result.message = "Account is locked due to too many failed attempts";
+			result.accountLocked = true;
+			LOG("Login attempt on locked account: %s (failed attempts: %d)", username.c_str(), failedAttempts);
+			return result;
+		}
+
+		// Check password
+		if (::bcrypt_checkpw(password.c_str(), accountInfo->bcryptPassword.c_str()) != 0) {
+			// Record failed attempt
+			Database::Get()->RecordFailedAttempt(accountId);
+			uint8_t newFailedAttempts = Database::Get()->GetFailedAttempts(accountId);
+
+			// Lock account after 3 failed attempts
+			if (newFailedAttempts >= 3) {
+				int64_t lockoutUntil = std::time(nullptr) + LOCKOUT_DURATION;
+				Database::Get()->SetLockout(accountId, lockoutUntil);
+				result.message = "Account locked due to too many failed attempts";
+				result.accountLocked = true;
+				LOG("Account locked after failed attempts: %s", username.c_str());
+			} else {
+				result.message = "Invalid username or password";
+				LOG_DEBUG("Failed login attempt for user: %s (attempt %d/3)", 
+					username.c_str(), newFailedAttempts);
+			}
+			return result;
+		}
+
+		// Check GM level
+		if (!HasDashboardAccess(static_cast<uint8_t>(accountInfo->maxGmLevel))) {
+			result.message = "Access denied: insufficient permissions";
+			LOG("Access denied for non-admin user: %s", username.c_str());
+			return result;
+		}
+
+		// Successful login
+		Database::Get()->ClearFailedAttempts(accountId);
+		result.success = true;
+		result.gmLevel = static_cast<uint8_t>(accountInfo->maxGmLevel);
+		result.token = JWTUtils::GenerateToken(username, result.gmLevel, rememberMe);
+		result.message = "Login successful";
+
+		LOG("Successful login: %s (GM Level: %d)", username.c_str(), result.gmLevel);
+		return result;
+
+	} catch (const std::exception& ex) {
+		result.message = "An error occurred during login";
+		LOG("Error during login process: %s", ex.what());
+		return result;
+	}
+}
+
+bool DashboardAuthService::VerifyToken(const std::string& token, std::string& username, uint8_t& gmLevel) {
+	JWTUtils::JWTPayload payload;
+	if (!JWTUtils::ValidateToken(token, payload)) {
+		LOG_DEBUG("Token validation failed: invalid or expired JWT");
+		return false;
+	}
+
+	username = payload.username;
+	gmLevel = payload.gmLevel;
+
+	// Optionally verify user still exists and has access
+	try {
+		auto accountInfo = Database::Get()->GetAccountInfo(username);
+		if (!accountInfo || !HasDashboardAccess(static_cast<uint8_t>(accountInfo->maxGmLevel))) {
+			LOG_DEBUG("Token verification failed: user no longer has access");
+			return false;
+		}
+	} catch (const std::exception& ex) {
+		LOG_DEBUG("Error verifying user during token validation: %s", ex.what());
+		return false;
+	}
+
+	LOG_DEBUG("Token verified successfully for user: %s (GM Level: %d)", username.c_str(), gmLevel);
+	return true;
+}
+
+bool DashboardAuthService::HasDashboardAccess(uint8_t gmLevel) {
+	// Get minimum GM level from config (default 0 = any user)
+	uint8_t minGmLevel = 0;
+	
+	if (Game::config) {
+		const std::string& minGmLevelStr = Game::config->GetValue("min_dashboard_gm_level");
+		if (!minGmLevelStr.empty()) {
+			const auto parsed = GeneralUtils::TryParse<uint8_t>(minGmLevelStr);
+			if (parsed) {
+				minGmLevel = parsed.value();
+			}
+		}
+	}
+	
+	return gmLevel >= minGmLevel;
+}

dDashboardServer/auth/DashboardAuthService.h

@@ -0,0 +1,47 @@
+#pragma once
+
+#include <string>
+#include <cstdint>
+
+/**
+ * Dashboard authentication service
+ * Handles user login, password verification, and account lockout
+ */
+class DashboardAuthService {
+public:
+	/**
+	 * Login result structure
+	 */
+	struct LoginResult {
+		bool success{false};
+		std::string message{};
+		std::string token{}; // JWT token if successful
+		uint8_t gmLevel{0}; // GM level if successful
+		bool accountLocked{false}; // Account is locked out
+	};
+
+	/**
+	 * Attempt to log in with username and password
+	 * @param username The username
+	 * @param password The plaintext password (max 40 characters)
+	 * @param rememberMe If true, extends token expiration to 30 days
+	 * @return LoginResult with success status and JWT token if successful
+	 */
+	static LoginResult Login(const std::string& username, const std::string& password, bool rememberMe = false);
+
+	/**
+	 * Verify that a token is valid and get the username
+	 * @param token The JWT token
+	 * @param username Output parameter for the username
+	 * @param gmLevel Output parameter for the GM level
+	 * @return true if token is valid
+	 */
+	static bool VerifyToken(const std::string& token, std::string& username, uint8_t& gmLevel);
+
+	/**
+	 * Check if user has required GM level for dashboard access
+	 * @param gmLevel The user's GM level
+	 * @return true if user can access dashboard (GM level > 0)
+	 */
+	static bool HasDashboardAccess(uint8_t gmLevel);
+};

dDashboardServer/auth/JWTUtils.cpp

@@ -0,0 +1,186 @@
+#include "JWTUtils.h"
+#include "GeneralUtils.h"
+#include "Logger.h"
+#include "json.hpp"
+#include <ctime>
+#include <cstring>
+#include <openssl/hmac.h>
+#include <openssl/sha.h>
+
+namespace {
+	std::string g_Secret = "default-secret-change-me";
+
+	// Simple base64 encoding
+	std::string Base64Encode(const std::string& input) {
+		static const char* base64_chars = 
+			"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+		std::string ret;
+		int i = 0;
+		unsigned char char_array_3[3];
+		unsigned char char_array_4[4];
+
+		for (size_t n = 0; n < input.length(); n++) {
+			char_array_3[i++] = input[n];
+			if (i == 3) {
+				char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
+				char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4);
+				char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6);
+				char_array_4[3] = char_array_3[2] & 0x3f;
+				for (i = 0; i < 4; i++) ret += base64_chars[char_array_4[i]];
+				i = 0;
+			}
+		}
+
+		if (i) {
+			for (int j = i; j < 3; j++) char_array_3[j] = '\0';
+			char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
+			char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4);
+			char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6);
+			for (int j = 0; j <= i; j++) ret += base64_chars[char_array_4[j]];
+			while (i++ < 3) ret += '=';
+		}
+
+		return ret;
+	}
+
+	// Simple base64 decoding
+	std::string Base64Decode(const std::string& encoded_string) {
+		static const std::string base64_chars = 
+			"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+		int in_len = encoded_string.size();
+		int i = 0, j = 0, in_ = 0;
+		unsigned char char_array_4[4], char_array_3[3];
+		std::string ret;
+
+		while (in_len-- && (encoded_string[in_] != '=') && 
+			   (isalnum(encoded_string[in_]) || encoded_string[in_] == '+' || encoded_string[in_] == '/')) {
+			char_array_4[i++] = encoded_string[in_]; in_++;
+			if (i == 4) {
+				for (i = 0; i < 4; i++) char_array_4[i] = base64_chars.find(char_array_4[i]);
+				char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
+				char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2);
+				char_array_3[2] = ((char_array_4[2] & 0x3) << 6) + char_array_4[3];
+				for (i = 0; i < 3; i++) ret += char_array_3[i];
+				i = 0;
+			}
+		}
+
+		if (i) {
+			for (j = i; j < 4; j++) char_array_4[j] = 0;
+			for (j = 0; j < 4; j++) char_array_4[j] = base64_chars.find(char_array_4[j]);
+			char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
+			char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2);
+			for (j = 0; j < i - 1; j++) ret += char_array_3[j];
+		}
+
+		return ret;
+	}
+
+	// HMAC-SHA256
+	std::string HmacSha256(const std::string& key, const std::string& message) {
+		unsigned char* digest = HMAC(EVP_sha256(), 
+			reinterpret_cast<const unsigned char*>(key.c_str()), key.length(),
+			reinterpret_cast<const unsigned char*>(message.c_str()), message.length(),
+			nullptr, nullptr);
+		
+		std::string result(reinterpret_cast<char*>(digest), SHA256_DIGEST_LENGTH);
+		return result;
+	}
+
+	// Create signature for JWT
+	std::string CreateSignature(const std::string& header, const std::string& payload, const std::string& secret) {
+		std::string message = header + "." + payload;
+		std::string signature = HmacSha256(secret, message);
+		return Base64Encode(signature);
+	}
+
+	// Verify JWT signature
+	bool VerifySignature(const std::string& header, const std::string& payload, const std::string& signature, const std::string& secret) {
+		std::string expected = CreateSignature(header, payload, secret);
+		return signature == expected;
+	}
+}
+
+namespace JWTUtils {
+	void SetSecretKey(const std::string& secret) {
+		if (secret.empty()) {
+			LOG("Warning: JWT secret key is empty, using default");
+			return;
+		}
+		g_Secret = secret;
+	}
+
+	std::string GenerateToken(const std::string& username, uint8_t gmLevel, bool rememberMe) {
+		// Header
+		std::string header = R"({"alg":"HS256","typ":"JWT"})";
+		std::string encodedHeader = Base64Encode(header);
+
+		// Payload
+		int64_t now = std::time(nullptr);
+		int64_t expiresAt = now + (rememberMe ? 30 * 24 * 60 * 60 : 24 * 60 * 60); // 30 days or 24 hours
+
+		std::string payload = R"({"username":")" + username + R"(","gmLevel":)" + std::to_string(gmLevel) + 
+			R"(,"rememberMe":)" + (rememberMe ? "true" : "false") +
+			R"(,"iat":)" + std::to_string(now) +
+			R"(,"exp":)" + std::to_string(expiresAt) + "}";
+		std::string encodedPayload = Base64Encode(payload);
+
+		// Signature
+		std::string signature = CreateSignature(encodedHeader, encodedPayload, g_Secret);
+
+		return encodedHeader + "." + encodedPayload + "." + signature;
+	}
+
+	bool ValidateToken(const std::string& token, JWTPayload& payload) {
+		// Split token into parts
+		size_t firstDot = token.find('.');
+		size_t secondDot = token.find('.', firstDot + 1);
+
+		if (firstDot == std::string::npos || secondDot == std::string::npos) {
+			LOG_DEBUG("Invalid JWT format");
+			return false;
+		}
+
+		std::string header = token.substr(0, firstDot);
+		std::string encodedPayload = token.substr(firstDot + 1, secondDot - firstDot - 1);
+		std::string signature = token.substr(secondDot + 1);
+
+		// Verify signature
+		if (!VerifySignature(header, encodedPayload, signature, g_Secret)) {
+			LOG_DEBUG("Invalid JWT signature");
+			return false;
+		}
+
+		// Decode and parse payload
+		std::string decodedPayload = Base64Decode(encodedPayload);
+		try {
+			auto json = nlohmann::json::parse(decodedPayload);
+			
+			payload.username = json.value("username", "");
+			payload.gmLevel = json.value("gmLevel", 0);
+			payload.rememberMe = json.value("rememberMe", false);
+			payload.issuedAt = json.value("iat", 0);
+			payload.expiresAt = json.value("exp", 0);
+
+			if (payload.username.empty()) {
+				LOG_DEBUG("JWT missing username");
+				return false;
+			}
+
+			// Check expiration
+			if (IsTokenExpired(payload.expiresAt)) {
+				LOG_DEBUG("JWT token expired");
+				return false;
+			}
+
+			return true;
+		} catch (const std::exception& ex) {
+			LOG_DEBUG("Error parsing JWT payload: %s", ex.what());
+			return false;
+		}
+	}
+
+	bool IsTokenExpired(int64_t expiresAt) {
+		return std::time(nullptr) > expiresAt;
+	}
+}

dDashboardServer/auth/JWTUtils.h

@@ -0,0 +1,52 @@
+#pragma once
+
+#include <string>
+#include <ctime>
+#include "json_fwd.hpp"
+
+/**
+ * JWT Token utilities for dashboard authentication
+ * Provides secure token generation, validation, and parsing
+ */
+namespace JWTUtils {
+	/**
+	 * JWT payload structure
+	 */
+	struct JWTPayload {
+		std::string username{};
+		uint8_t gmLevel{0};
+		bool rememberMe{false};
+		int64_t issuedAt{0};
+		int64_t expiresAt{0};
+	};
+
+	/**
+	 * Generate a new JWT token
+	 * @param username The username to encode in the token
+	 * @param gmLevel The GM level of the user
+	 * @param rememberMe If true, extends token expiration to 30 days; otherwise 24 hours
+	 * @return Signed JWT token string
+	 */
+	std::string GenerateToken(const std::string& username, uint8_t gmLevel, bool rememberMe = false);
+
+	/**
+	 * Validate and decode a JWT token
+	 * @param token The JWT token to validate
+	 * @param payload Output parameter for the decoded payload
+	 * @return true if token is valid and not expired, false otherwise
+	 */
+	bool ValidateToken(const std::string& token, JWTPayload& payload);
+
+	/**
+	 * Check if a token is expired
+	 * @param expiresAt Expiration timestamp
+	 * @return true if token is expired
+	 */
+	bool IsTokenExpired(int64_t expiresAt);
+
+	/**
+	 * Set the JWT secret key (must be called once at startup)
+	 * @param secret The secret key for signing tokens
+	 */
+	void SetSecretKey(const std::string& secret);
+}

dDashboardServer/auth/RequireAuthMiddleware.cpp

@@ -0,0 +1,35 @@
+#include "RequireAuthMiddleware.h"
+#include "HTTPContext.h"
+#include "Web.h"
+#include "Game.h"
+#include "Logger.h"
+
+RequireAuthMiddleware::RequireAuthMiddleware(uint8_t minGmLevel) : minGmLevel(minGmLevel) {}
+
+bool RequireAuthMiddleware::Process(HTTPContext& context, HTTPReply& reply) {
+	// Check if user is authenticated
+	if (!context.isAuthenticated) {
+		LOG_DEBUG("Unauthorized access attempt to %s from %s", context.path.c_str(), context.clientIP.c_str());
+		reply.status = eHTTPStatusCode::FOUND;
+		reply.message = "";
+		reply.location = "/login";
+		reply.contentType = eContentType::TEXT_HTML;
+		return false;  // Stop middleware chain and send reply
+	}
+
+	// Check if user has required GM level
+	if (context.gmLevel < minGmLevel) {
+		LOG_DEBUG("Forbidden access attempt by user %s (GM level %d < %d required) to %s from %s",
+			context.authenticatedUser.c_str(), context.gmLevel, minGmLevel, 
+			context.path.c_str(), context.clientIP.c_str());
+		reply.status = eHTTPStatusCode::FORBIDDEN;
+		reply.message = "{\"error\":\"Forbidden - Insufficient permissions\"}";
+		reply.contentType = eContentType::APPLICATION_JSON;
+		return false;  // Stop middleware chain and send reply
+	}
+
+	// Authentication passed
+	LOG_DEBUG("User %s authenticated with GM level %d accessing %s",
+		context.authenticatedUser.c_str(), context.gmLevel, context.path.c_str());
+	return true;  // Continue to next middleware or route handler
+}

dDashboardServer/auth/RequireAuthMiddleware.h

@@ -0,0 +1,30 @@
+#ifndef __REQUIREAUTHMIDDLEWARE_H__
+#define __REQUIREAUTHMIDDLEWARE_H__
+
+#include <memory>
+#include <cstdint>
+#include "IHTTPMiddleware.h"
+
+/**
+ * RequireAuthMiddleware: Enforces authentication on protected routes
+ * 
+ * Returns 401 Unauthorized if user is not authenticated
+ * Returns 403 Forbidden if user's GM level is below minimum required
+ */
+class RequireAuthMiddleware final : public IHTTPMiddleware {
+public:
+	/**
+	 * @param minGmLevel Minimum GM level required to access this route
+	 *                   0 = any authenticated user, higher numbers = GM-only
+	 */
+	explicit RequireAuthMiddleware(uint8_t minGmLevel = 0);
+	~RequireAuthMiddleware() override = default;
+
+	bool Process(HTTPContext& context, HTTPReply& reply) override;
+	std::string GetName() const override { return "RequireAuthMiddleware"; }
+
+private:
+	uint8_t minGmLevel;
+};
+
+#endif // !__REQUIREAUTHMIDDLEWARE_H__