authorMagnus Ahltorp <map@kth.se>2015-02-26 16:54:26 +0100
committerMagnus Ahltorp <map@kth.se>2015-02-27 14:24:21 +0100
commit103e0ee850404a5c8dc69bbbf79b2508a9c55d7a (patch)
tree1d05d9cb84e2c88931742ee442a5001d6a2e9e62 /src/catlfish_web.erl
parent6aefb4c34f49ee44ed65b961e941fea705344458 (diff)
Added authentication between frontend and storage nodes
Diffstat (limited to 'src/catlfish_web.erl')
-rw-r--r--src/catlfish_web.erl32
1 files changed, 28 insertions, 4 deletions
diff --git a/src/catlfish_web.erl b/src/catlfish_web.erl
index 9869b21..5ee5743 100644
--- a/src/catlfish_web.erl
+++ b/src/catlfish_web.erl
@@ -11,15 +11,31 @@ start(Options, Module) ->
end,
mochiweb_http:start([{name, Module}, {loop, Loop} | Options]).
+
+add_auth(Path, {Code, Headers, Data}) ->
+ AuthHeader = http_auth:create_auth("REPLY", Path, Data),
+ lager:debug("sent auth header: ~p", [AuthHeader]),
+ {Code, [{"X-Catlfish-Auth", AuthHeader} | Headers], Data}.
+
loop(Req, Module) ->
"/" ++ Path = Req:get(path),
try
Starttime = os:timestamp(),
+ AuthHeader = Req:get_header_value("X-Catlfish-Auth"),
case Req:get(method) of
'GET' ->
Query = Req:parse_qs(),
- lager:debug("GET ~p ~p", [Path, Query]),
- Result = Module:request(get, Path, Query),
+ {_, RawQuery, _} = mochiweb_util:urlsplit_path(Req:get(raw_path)),
+ Result = case http_auth:verify_auth(AuthHeader, "GET", "/" ++ Path, RawQuery) of
+ failure ->
+ {403, [{"Content-Type", "text/plain"}], "Invalid credentials"};
+ success ->
+ lager:debug("GET ~p ~p", [Path, Query]),
+ add_auth("/" ++ Path, Module:request(get, Path, Query));
+ noauth ->
+ lager:debug("GET ~p ~p", [Path, Query]),
+ Module:request(get, Path, Query)
+ end,
lager:debug("GET finished: ~p us", [timer:now_diff(os:timestamp(), Starttime)]),
case Result of
none ->
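Review bot: `add_auth/2` only matches a `{Code, Headers, Data}` tuple, but the `case Result of none ->` right after the new code shows that `Module:request/3` can return `none`. In the `success` branch, an authenticated GET for a path the module does not handle would therefore raise `function_clause` inside `add_auth` instead of reaching the `none` handling. A pass-through clause placed before the existing one, `add_auth(_Path, none) -> none;`, keeps the not-found behaviour identical for authenticated and unauthenticated callers. The POST branch in the next hunk uses the same call shape. loop/2 continues past this hunk, so how the surrounding `try` reports that error is not visible here.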
@@ -29,8 +45,16 @@ loop(Req, Module) ->
end;
'POST' ->
Body = Req:recv_body(),
- lager:debug("POST ~p ~p", [Path, Body]),
- Result = Module:request(post, Path, Body),
+ Result = case http_auth:verify_auth(AuthHeader, "POST", "/" ++ Path, Body) of
+ failure ->
+ {403, [{"Content-Type", "text/plain"}], "Invalid credentials"};
+ success ->
+ lager:debug("POST ~p ~p", [Path, Body]),
+ add_auth("/" ++ Path, Module:request(post, Path, Body));
+ noauth ->
+ lager:debug("POST ~p ~p", [Path, Body]),
+ Module:request(post, Path, Body)
+ end,
lager:debug("POST finished: ~p us", [timer:now_diff(os:timestamp(), Starttime)]),
case Result of
none ->
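Review bot: The `noauth` branch dispatches `Module:request(post, Path, Body)` exactly as the code did before this change, and the GET branch in the previous hunk has the same fall-through. If `http_auth:verify_auth/4` returns `noauth` whenever the `X-Catlfish-Auth` header is absent (its definition is not in this diff), then whether a request is authenticated is decided by the client. If unauthenticated access is meant only for public endpoints, that choice belongs on the server side, per path or per listener, with `noauth` answered by the same 403 where authentication is required. Separately, the `failure` branch returns 403 without logging anything, so rejected requests leave no trace. A line such as `lager:warning("auth failure: POST ~p", [Path])` would give operators something to alert on. loop/2 starts and ends outside this hunk.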