Untitled

component  persistent="false" accessors="true" output="false" {

	public any function authenticateReuqest(required string verb,required string cfc,required struct requestArguments,required struct requestHeaders) {

		// Check for Authorisation headers
		if(not structkeyexists(arguments.requestHeaders,"Authorization")) {
			return createAuthenticationRequiredMessage("Authentication Required");
		}

		// Check Authorization valid
		local.apiAccess=retrieveApiUserFromAuthorizationHeader(arguments.requestHeaders["Authorization"]);

		if(not len(local.apiAccess)) {
			return createAuthenticationRequiredMessage("Invalid login credentials provided");
		}
		if(local.apiAccess eq true) {
			return true;
		}
		return createAuthenticationRequiredMessage("Invalid login credentials provided");
	}

	public any function createAuthenticationRequiredMessage(string message) {
		local.bodyContent=structnew();
		local.returnHeaders=structnew();
		local.reponseObject=createObject("component","taffy.core.genericRepresentation");
		bodycontent.msg=arguments.message;
		structinsert(local.returnHeaders,"WWW-Authenticate","Basic realm=""App API - #arguments.message#""");
		return reponseObject.setData(local.bodyContent).withStatus(401).withHeaders(local.returnHeaders);
	}

	public any function retrieveApiUserFromAuthorizationHeader(required string authorizationHeader) {
		local.decodedAuthHeader=tostring(tobinary(listlast(arguments.authorizationHeader," ")));
		local.username=ListFirst(local.decodedAuthHeader,":");
		local.password=Listlast(local.decodedAuthHeader,":");
		return validateLoginCredentials(local.username,local.password);
	}

	public any function validateLoginCredentials(required string login,required string password) {
		local.result=getDAO().readByUserNameandPassword(arguments.login,arguments.password);
		// If we have a match return true
		if(!isNull(local.result)) {
			return true;
		}
		// Default is always false.
		return False;
	}

}