All Downloads are FREE. Search and download functionalities are using the official Maven repository.
  • Log In
  • Register

    • de.tsl2.nano.h5.RESTDynamic Maven / Gradle / Ivy

    Go to download

    TSL2 Framework Html5 Extensions (WebServer, Html5Presentation, RuleCover, BeanConfigurator, LogicTable-Sheet, Expression-Descriptors for Actions, Rules, URLs, Queries)

    There is a newer version: 2.5.3
    Show newest version
    package de.tsl2.nano.h5;

import java.util.Map;

import de.tsl2.nano.core.ENV;
import de.tsl2.nano.h5.NanoHTTPD.Response;
import de.tsl2.nano.serviceaccess.Authorization;
import de.tsl2.nano.serviceaccess.IAuthorization;

/**
 * @author Thomas Schneider
 */
public class RESTDynamic extends ARESTDynamic {
	
	@Override
	void checkAuthentication(String url, String method, Map header) throws SecurityException {
		if (ENV.get("app.login.administration", true))
			return;
		super.checkAuthentication(url, method, header);
		if (preAuthenticatedSession(header))
			return;
		getAuthentication(header);
	}

	private boolean preAuthenticatedSession(Map header) {
		NanoH5Session session = (NanoH5Session) header.get(H5SESSION);
		return session != null && WebSecurity.getSessionID(header, session.getInetAddress()).equals(session.getKey());
	}

	private IAuthorization getAuthentication(Map header) {
		String user = header.get("user");
		String passwd = header.get("password");
		if (user == null || passwd == null || Users.load().auth(user, passwd) == null)
			throw new SecurityException("not authenticated");
		return Authorization.create(user, Boolean.getBoolean("app.login.secure"));
	}

	@Override
	public void checkAuthorization(String beanName, String actionOrAttribute, Map header) throws IllegalAccessException {
		if (ENV.get("app.login.administration", true))
			return;
//		if (!getAuthentication(header).hasAccess(beanName, actionOrAttribute))
//			throw new IllegalAccessException("not authorized");
	}

	@Override
	Response createResponse(Status status, String message) {
		return createResponse(status, NanoHTTPD.MIME_PLAINTEXT, message);
	}

	Response createResponse(Status status, String mimeType, String message) {
		return NanoH5.createResponse(Response.Status.lookup(status.http()), mimeType, message);
	}

}




    © 2015 - 2025 Weber Informatics LLC | Privacy Policy