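// HTTP Basic authentication helper for a Taffy-based API.
// Builds 401 responses with taffy.core.genericRepresentation and checks the
// supplied credentials through the DAO returned by getDAO(), which is not
// defined in this component and is assumed to be injected or inherited.
component persistent="false" accessors="true" output="false" {

	// Authenticates one API request from its headers.
	// Returns boolean true when the Authorization header carries credentials the DAO accepts;
	// otherwise returns a 401 representation for the framework to send back.
	// verb, cfc and requestArguments are accepted but not used here.
	// The method name is misspelled ("Reuqest"); it is kept because callers reference it.
	public any function authenticateReuqest(required string verb, required string cfc, required struct requestArguments, required struct requestHeaders) {
		// No Authorization header at all: challenge the client.
		if (!structKeyExists(arguments.requestHeaders, "Authorization")) {
			return createAuthenticationRequiredMessage("Authentication Required");
		}

		local.apiAccess = retrieveApiUserFromAuthorizationHeader(arguments.requestHeaders["Authorization"]);

		// Fail closed: only an explicit boolean true authenticates the request.
		if (isBoolean(local.apiAccess) && local.apiAccess) {
			return true;
		}

		// The same message covers a malformed header, an unknown user and a wrong password,
		// so the response does not reveal which part of the credentials was wrong.
		return createAuthenticationRequiredMessage("Invalid login credentials provided");
	}

	// Builds a 401 response whose body is {msg: message} and whose WWW-Authenticate header
	// asks for Basic credentials. The message is also embedded in the realm string.
	public any function createAuthenticationRequiredMessage(string message) {
		// The argument is optional in the signature; fall back to a generic text when it is omitted.
		local.text = structKeyExists(arguments, "message") ? arguments.message : "Authentication Required";

		// The realm is an HTTP quoted-string: drop control characters (CR/LF included), double quotes
		// and backslashes so the message can neither break the quoting nor start a new header line.
		local.realmText = reReplace(local.text, "[[:cntrl:]]", "", "all");
		local.realmText = replace(local.realmText, '"', "", "all");
		local.realmText = replace(local.realmText, "\", "", "all");

		local.bodyContent = { msg = local.text };
		local.returnHeaders = {};
		local.returnHeaders["WWW-Authenticate"] = 'Basic realm="App API - #local.realmText#"';

		local.responseObject = createObject("component", "taffy.core.genericRepresentation");
		return local.responseObject.setData(local.bodyContent).withStatus(401).withHeaders(local.returnHeaders);
	}

	// Parses an Authorization header of the form "Basic <base64(username:password)>"
	// and returns the result of validateLoginCredentials(), or false when the header is malformed.
	public any function retrieveApiUserFromAuthorizationHeader(required string authorizationHeader) {
		local.header = trim(arguments.authorizationHeader);

		// Require exactly "<scheme> <token>" with the Basic scheme; anything else is rejected.
		if (listLen(local.header, " ") != 2 || compareNoCase(listFirst(local.header, " "), "Basic") != 0) {
			return false;
		}

		// Invalid base64 makes toBinary() throw; treat that as failed authentication, not a server error.
		try {
			local.decodedAuthHeader = toString(toBinary(listLast(local.header, " ")));
		} catch (any e) {
			return false;
		}

		// Split on the FIRST colon only: the password may itself contain colons.
		// List functions are avoided because they skip empty elements, which would
		// turn ":secret" into username "secret" with password "secret".
		local.separator = find(":", local.decodedAuthHeader);
		if (local.separator < 2) {
			// No colon at all, or an empty username.
			return false;
		}

		local.username = left(local.decodedAuthHeader, local.separator - 1);
		local.password = removeChars(local.decodedAuthHeader, 1, local.separator);

		return validateLoginCredentials(local.username, local.password);
	}

	// Returns true when the DAO finds a record for this login/password pair, false otherwise.
	public any function validateLoginCredentials(required string login, required string password) {
		// NOTE(review): the password is handed to the DAO exactly as received. Confirm that
		// readByUserNameandPassword compares against a salted password hash with a parameterized
		// query, and that failed attempts are logged and rate limited somewhere on this path.
		local.result = getDAO().readByUserNameandPassword(arguments.login, arguments.password);

		// A non-null result means a matching record exists.
		if (!isNull(local.result)) {
			return true;
		}

		// Default is always false.
		return false;
	}

}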