WordClockESP/lib/framework/SecuritySettingsService.h

#ifndef SecuritySettingsService_h
#define SecuritySettingsService_h

#include <AdminSettingsService.h>
#include <SecurityManager.h>

#define DEFAULT_ADMIN_USERNAME "admin"
#define DEFAULT_GUEST_USERNAME "guest"

#define SECURITY_SETTINGS_FILE "/config/securitySettings.json"
#define SECURITY_SETTINGS_PATH "/rest/securitySettings"

class SecuritySettings {
 public:
  String jwtSecret;
  std::list<User> users;
};

class SecuritySettingsService : public AdminSettingsService<SecuritySettings>, public SecurityManager {
 public:
  SecuritySettingsService(AsyncWebServer* server, FS* fs);
  ~SecuritySettingsService();

  // Functions to implement SecurityManager
  Authentication authenticate(String username, String password);
  Authentication authenticateRequest(AsyncWebServerRequest* request);
  String generateJWT(User* user);
  ArRequestHandlerFunction wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate);

 protected:
  void readFromJsonObject(JsonObject& root);
  void writeToJsonObject(JsonObject& root);

 private:
  ArduinoJsonJWT _jwtHandler = ArduinoJsonJWT(DEFAULT_JWT_SECRET);

  /*
   * Lookup the user by JWT
   */
  Authentication authenticateJWT(String jwt);

  /*
   * Verify the payload is correct
   */
  boolean validatePayload(JsonObject& parsedPayload, User* user);
};

#endif  // end SecuritySettingsService_h
add security to all admin endpoints 2019-05-29 22:48:16 +00:00			`#ifndef SecuritySettingsService_h`
			`#define SecuritySettingsService_h`

WIP - some documentation 2019-08-10 11:35:26 +00:00			`#include <AdminSettingsService.h>`
add security to all admin endpoints 2019-05-29 22:48:16 +00:00			`#include <SecurityManager.h>`

Interface data storage in PROGMEM (#71) Adds a webpack plugin to package interface as PROGMEM into a header file in the framework. Adds a build flag to optionally enable serving from PROGMEM or SPIFFS as required Adds documentation changes to describe changes 2019-12-29 17:54:12 +00:00			`#define DEFAULT_ADMIN_USERNAME "admin"`
			`#define DEFAULT_GUEST_USERNAME "guest"`

add security to all admin endpoints 2019-05-29 22:48:16 +00:00			`#define SECURITY_SETTINGS_FILE "/config/securitySettings.json"`
			`#define SECURITY_SETTINGS_PATH "/rest/securitySettings"`

External config Allow config to be accessed from outside the framework core code. 2020-02-01 08:44:26 +00:00			`class SecuritySettings {`
			`public:`
			`String jwtSecret;`
			`std::list<User> users;`
			`};`

			`class SecuritySettingsService : public AdminSettingsService<SecuritySettings>, public SecurityManager {`
reformat with .clang-format based on google's spec with some minor changes 2019-12-03 23:16:06 +00:00			`public:`
			`SecuritySettingsService(AsyncWebServer* server, FS* fs);`
			`~SecuritySettingsService();`
add security to all admin endpoints 2019-05-29 22:48:16 +00:00
External config Allow config to be accessed from outside the framework core code. 2020-02-01 08:44:26 +00:00			`// Functions to implement SecurityManager`
			`Authentication authenticate(String username, String password);`
			`Authentication authenticateRequest(AsyncWebServerRequest* request);`
			`String generateJWT(User* user);`
			`ArRequestHandlerFunction wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate);`

reformat with .clang-format based on google's spec with some minor changes 2019-12-03 23:16:06 +00:00			`protected:`
			`void readFromJsonObject(JsonObject& root);`
			`void writeToJsonObject(JsonObject& root);`
External config Allow config to be accessed from outside the framework core code. 2020-02-01 08:44:26 +00:00
			`private:`
			`ArduinoJsonJWT _jwtHandler = ArduinoJsonJWT(DEFAULT_JWT_SECRET);`

			`/*`
			`* Lookup the user by JWT`
			`*/`
			`Authentication authenticateJWT(String jwt);`

			`/*`
			`* Verify the payload is correct`
			`*/`
			`boolean validatePayload(JsonObject& parsedPayload, User* user);`
add security to all admin endpoints 2019-05-29 22:48:16 +00:00			`};`

reformat with .clang-format based on google's spec with some minor changes 2019-12-03 23:16:06 +00:00			`#endif // end SecuritySettingsService_h`