Expose digest auth checking functions

PUBLISHED_FROM=1bfc6e332f56b68eb6155bb729a97a0d8d5a316c

Expose digest auth checking functions
PUBLISHED_FROM=1bfc6e332f56b68eb6155bb729a97a0d8d5a316c
9ab6d084 · Dmitry Frank · Cesanta Bot · cf8d0a25 · 9ab6d084 · 9ab6d084
Commit 9ab6d084 authored 7 years ago by Dmitry Frank Committed by Cesanta Bot 7 years ago
5 changed files
--- a/docs/c-api/http.h/intro.md
+++ b/docs/c-api/http.h/intro.md
@@ -5,6 +5,8 @@ decl_name: "http.h"
 items:
  - { name: mg_connect_ws.md }
  - { name: mg_connect_ws_opt.md }
+  - { name: mg_http_is_authorized.md }
+  - { name: mg_http_send_digest_auth_request.md }
  - { name: mg_printf_websocket_frame.md }
  - { name: mg_send_websocket_frame.md }
  - { name: mg_send_websocket_framev.md }

--- a/docs/c-api/http.h/mg_http_is_authorized.md
+++ b/docs/c-api/http.h/mg_http_is_authorized.md
+---
+title: "mg_http_is_authorized()"
+decl_name: "mg_http_is_authorized"
+symbol_kind: "func"
+signature: |
+  int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
+                            int is_directory, const char *domain,
+                            const char *passwords_file, int is_global_pass_file);
+---
+
+Checks whether an http request is authorized. `domain` is the authentication
+realm, `passwords_file` is a htdigest file (can be created e.g. with
+`htdigest` utility). If either `domain` or `passwords_file` is NULL, this
+function always returns 1; otherwise checks the authentication in the
+http request and returns 1 only if there is a match; 0 otherwise. 
+
--- a/docs/c-api/http.h/mg_http_send_digest_auth_request.md
+++ b/docs/c-api/http.h/mg_http_send_digest_auth_request.md
+---
+title: "mg_http_send_digest_auth_request()"
+decl_name: "mg_http_send_digest_auth_request"
+symbol_kind: "func"
+signature: |
+  void mg_http_send_digest_auth_request(struct mg_connection *c,
+                                        const char *domain);
+---
+
+Sends 401 Unauthorized response. 
+
--- a/mongoose.c
+++ b/mongoose.c
@@ -7363,10 +7363,9 @@ int mg_check_digest_auth(struct mg_str method, struct mg_str uri,
  return 0;
 }

-static int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
-                                 int is_directory, const char *domain,
-                                 const char *passwords_file,
-                                 int is_global_pass_file) {
+int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
+                          int is_directory, const char *domain,
+                          const char *passwords_file, int is_global_pass_file) {
  char buf[MG_MAX_PATH];
  const char *p;
  FILE *fp;
@@ -7399,10 +7398,9 @@ static int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
  return authorized;
 }
 #else
-static int mg_http_is_authorized(struct http_message *hm,
-                                 const struct mg_str path, int is_directory,
-                                 const char *domain, const char *passwords_file,
-                                 int is_global_pass_file) {
+int mg_http_is_authorized(struct http_message *hm, const struct mg_str path,
+                          int is_directory, const char *domain,
+                          const char *passwords_file, int is_global_pass_file) {
  (void) hm;
  (void) path;
  (void) is_directory;
@@ -7942,8 +7940,8 @@ MG_INTERNAL int mg_is_not_modified(struct http_message *hm, cs_stat_t *st) {
  }
 }

-static void mg_http_send_digest_auth_request(struct mg_connection *c,
-                                             const char *domain) {
+void mg_http_send_digest_auth_request(struct mg_connection *c,
+                                      const char *domain) {
  mg_printf(c,
            "HTTP/1.1 401 Unauthorized\r\n"
            "WWW-Authenticate: Digest qop=\"auth\", "

--- a/mongoose.h
+++ b/mongoose.h
@@ -4541,6 +4541,23 @@ extern void mg_hash_md5_v(size_t num_msgs, const uint8_t *msgs[],
 extern void mg_hash_sha1_v(size_t num_msgs, const uint8_t *msgs[],
                           const size_t *msg_lens, uint8_t *digest);

+/*
+ * Checks whether an http request is authorized. `domain` is the authentication
+ * realm, `passwords_file` is a htdigest file (can be created e.g. with
+ * `htdigest` utility). If either `domain` or `passwords_file` is NULL, this
+ * function always returns 1; otherwise checks the authentication in the
+ * http request and returns 1 only if there is a match; 0 otherwise.
+ */
+int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
+                          int is_directory, const char *domain,
+                          const char *passwords_file, int is_global_pass_file);
+
+/*
+ * Sends 401 Unauthorized response.
+ */
+void mg_http_send_digest_auth_request(struct mg_connection *c,
+                                      const char *domain);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */