diff --git a/src/Matrix.c b/src/Matrix.c
index 0db2193..f0f8c85 100644
--- a/src/Matrix.c
+++ b/src/Matrix.c
@@ -25,6 +25,7 @@
 #include
 #include
+#include
 #include
 #include
@@ -402,5 +403,61 @@ MatrixUserInteractiveAuth(HttpServerContext * context, Db * db,
 DbUnlock(db, ref);
 DbDelete(db, 2, "user_interactive", sessionStr);
- return NULL; /* All good, auth successful */
+ return NULL; /* All good, auth successful */
+}
+
+HashMap *
+MatrixAuthenticate(HttpServerContext * context, Db * db)
+{
+ HashMap *params;
+ char *token;
+
+ (void) db; /* Silence warning about unused var;
+ * we'll use it eventually. */
+
+ params = HttpRequestHeaders(context);
+ token = HashMapGet(params, "authorization");
+
+ if (token)
+ {
+ /* If the header was provided but it's not given correctly,
+ * that's an error */
+ if (strncmp(token, "Bearer ", 7) != 0)
+ {
+ HttpResponseStatus(context, HTTP_UNAUTHORIZED);
+ return MatrixErrorCreate(M_MISSING_TOKEN);
+ }
+
+ /* Seek past "Bearer" */
+ token += 8;
+
+ /* Seek past any spaces between "Bearer" and the token */
+ while (*token && isspace(*token))
+ {
+ token++;
+ }
+ }
+ else
+ {
+ /* Header was not provided, we must check for ?access_token */
+ params = HttpRequestParams(context);
+ token = HashMapGet(params, "access_token");
+
+ if (!token)
+ {
+ HttpResponseStatus(context, HTTP_UNAUTHORIZED);
+ return MatrixErrorCreate(M_MISSING_TOKEN);
+ }
+ }
+
+ /* TODO: Check that "token" is actually valid */
+
+ return NULL;
+}
+
+HashMap *
+MatrixRateLimit(HttpServerContext *context, Db *db)
+{
+ /* TODO: Implement rate limiting */
+ return NULL;
 }
diff --git a/src/include/Matrix.h b/src/include/Matrix.h
index fbfb5d7..fa11709 100644
--- a/src/include/Matrix.h
+++ b/src/include/Matrix.h
@@ -83,4 +83,10 @@ extern HashMap *
 extern HashMap *
 MatrixUserInteractiveAuth(HttpServerContext *, Db *, HashMap *);
+extern HashMap *
+ MatrixAuthenticate(HttpServerContext *, Db *);
+
+extern HashMap *
+ MatrixRateLimit(HttpServerContext *, Db *);
+
 #endif
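Review bot: In MatrixAuthenticate (src/Matrix.c), `token += 8;` skips one byte more than the 7-byte `"Bearer "` prefix that `strncmp` just matched, so the first character of every token is dropped, and a header that is exactly `Bearer ` leaves `token` one past the terminating NUL before the `while (*token ...)` loop reads it. Use `token += 7;`, and write the loop test as `isspace((unsigned char) *token)`, since the header bytes are client-controlled and a negative `char` is undefined for the ctype functions. A token that is empty once the spaces are skipped is also accepted; it should take the same 401 / `M_MISSING_TOKEN` return as a missing one. Until the TODO validation exists the function returns NULL for any token, which is the success value going by the comment in MatrixUserInteractiveAuth, and the parsed token is not handed back to the caller; a comment above the function stating that it only checks presence would keep routes from treating it as authentication.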