diff options
author | Magnus Ahltorp <map@kth.se> | 2015-02-26 16:54:26 +0100 |
---|---|---|
committer | Magnus Ahltorp <map@kth.se> | 2015-02-27 14:24:21 +0100 |
commit | 103e0ee850404a5c8dc69bbbf79b2508a9c55d7a (patch) | |
tree | 1d05d9cb84e2c88931742ee442a5001d6a2e9e62 /src | |
parent | 6aefb4c34f49ee44ed65b961e941fea705344458 (diff) |
Added authentication between frontend and storage nodes
Diffstat (limited to 'src')
-rw-r--r-- | src/catlfish_web.erl | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/src/catlfish_web.erl b/src/catlfish_web.erl index 9869b21..5ee5743 100644 --- a/src/catlfish_web.erl +++ b/src/catlfish_web.erl @@ -11,15 +11,31 @@ start(Options, Module) -> end, mochiweb_http:start([{name, Module}, {loop, Loop} | Options]). + +add_auth(Path, {Code, Headers, Data}) -> + AuthHeader = http_auth:create_auth("REPLY", Path, Data), + lager:debug("sent auth header: ~p", [AuthHeader]), + {Code, [{"X-Catlfish-Auth", AuthHeader} | Headers], Data}. + loop(Req, Module) -> "/" ++ Path = Req:get(path), try Starttime = os:timestamp(), + AuthHeader = Req:get_header_value("X-Catlfish-Auth"), case Req:get(method) of 'GET' -> Query = Req:parse_qs(), - lager:debug("GET ~p ~p", [Path, Query]), - Result = Module:request(get, Path, Query), + {_, RawQuery, _} = mochiweb_util:urlsplit_path(Req:get(raw_path)), + Result = case http_auth:verify_auth(AuthHeader, "GET", "/" ++ Path, RawQuery) of + failure -> + {403, [{"Content-Type", "text/plain"}], "Invalid credentials"}; + success -> + lager:debug("GET ~p ~p", [Path, Query]), + add_auth("/" ++ Path, Module:request(get, Path, Query)); + noauth -> + lager:debug("GET ~p ~p", [Path, Query]), + Module:request(get, Path, Query) + end, lager:debug("GET finished: ~p us", [timer:now_diff(os:timestamp(), Starttime)]), case Result of none -> @@ -29,8 +45,16 @@ loop(Req, Module) -> end; 'POST' -> Body = Req:recv_body(), - lager:debug("POST ~p ~p", [Path, Body]), - Result = Module:request(post, Path, Body), + Result = case http_auth:verify_auth(AuthHeader, "POST", "/" ++ Path, Body) of + failure -> + {403, [{"Content-Type", "text/plain"}], "Invalid credentials"}; + success -> + lager:debug("POST ~p ~p", [Path, Body]), + add_auth("/" ++ Path, Module:request(post, Path, Body)); + noauth -> + lager:debug("POST ~p ~p", [Path, Body]), + Module:request(post, Path, Body) + end, lager:debug("POST finished: ~p us", [timer:now_diff(os:timestamp(), Starttime)]), case Result of none -> |