WIP

2026-06-30 02:24:21 +00:00 · 2026-03-26 09:56:29 -05:00
parent 8372202d8f
commit f658da19a3
27 changed files with 1669 additions and 685 deletions
--- a/dDashboardServer/auth/AuthTokenHandler.h
+++ b/dDashboardServer/auth/AuthTokenHandler.h
@@ -0,0 +1,90 @@
+#pragma once
+
+#include <string>
+#include <cstdint>
+
+/**
+ * Centralized authentication token handler
+ * Consolidates token extraction from multiple sources and validation
+ * Used by both HTTP API routes and WebSocket connections
+ */
+class AuthTokenHandler {
+public:
+	/**
+	 * Result of token extraction and validation
+	 */
+	struct TokenValidationResult {
+		bool isValid{false};
+		std::string username{};
+		uint8_t gmLevel{0};
+		std::string errorMessage{};
+	};
+
+	/**
+	 * Extract token from query string
+	 * Expected format: "?token=eyJhbGc..." or "?token=xyz&other=abc"
+	 * @param queryString The query string from the request
+	 * @return The token value, or empty string if not found
+	 */
+	static std::string ExtractTokenFromQueryString(const std::string& queryString);
+
+	/**
+	 * Extract token from Cookie header
+	 * Looks for "dashboardToken=<value>" in the cookie string
+	 * @param cookieHeader The Cookie header value
+	 * @return The token value, or empty string if not found
+	 */
+	static std::string ExtractTokenFromCookieHeader(const std::string& cookieHeader);
+
+	/**
+	 * Extract token from Authorization header
+	 * Supports "Bearer <token>", "Token <token>", or raw token
+	 * @param authHeader The Authorization header value
+	 * @return The token value, or empty string if not found
+	 */
+	static std::string ExtractTokenFromAuthHeader(const std::string& authHeader);
+
+	/**
+	 * Extract token from any available source
+	 * Tries in priority order: query string, cookie, auth header
+	 * @param queryString The query string
+	 * @param cookieHeader The Cookie header
+	 * @param authHeader The Authorization header
+	 * @return The first token found, or empty string
+	 */
+	static std::string ExtractToken(
+		const std::string& queryString,
+		const std::string& cookieHeader,
+		const std::string& authHeader
+	);
+
+	/**
+	 * Validate a token and extract user information
+	 * Checks JWT signature, expiration, and user permissions
+	 * @param token The JWT token
+	 * @return TokenValidationResult with validity status and user info
+	 */
+	static TokenValidationResult ValidateToken(const std::string& token);
+
+	/**
+	 * Convenience method: Extract and validate token in one call
+	 * @param queryString Query string from request
+	 * @param cookieHeader Cookie header from request
+	 * @param authHeader Authorization header from request
+	 * @return TokenValidationResult with validity status and user info
+	 */
+	static TokenValidationResult ExtractAndValidateToken(
+		const std::string& queryString,
+		const std::string& cookieHeader,
+		const std::string& authHeader
+	);
+
+	/**
+	 * Process authentication for HTTP middleware use
+	 * Extracts and validates token from request, sets HTTPContext properties
+	 * @param context HTTP request context (modified to include auth info)
+	 * @param reply HTTP reply (not modified unless validation fails silently)
+	 * @return true to continue middleware chain, false to stop
+	 */
+	static bool ProcessHTTPContext(class HTTPContext& context, class HTTPReply& reply);
+};