phares3757/open-insight
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
open-insight/LSL2/STPROC/AUTHENTICATION_API.txt

153 lines
6.4 KiB
Plaintext
Raw Blame History

Function Authentication_API(@API)
/***********************************************************************************************************************
This program is proprietary and is not to be used by or disclosed to others, nor is it to be copied without written
permission from SRP Computer Solutions, Inc.
Name : Authentication_API
Description : API logic for the Authentication resource.
Notes : All web APIs should include the API_SETUP insert. This will provide several useful variables:
HTTPMethod - The HTTP Method (Verb) submitted by the client (e.g., GET, POST, etc.)
APIURL - The URL for the API entry point (e.g., api.mysite.com/v1).
FullEndpointURL - The URL submitted by the client, including query params.
FullEndpointURLNoQuery - The URL submitted by the client, excluding query params.
EndpointSegment - The URL endpoint segment.
ParentURL - The URL path preceeding the current endpoint.
CurrentAPI - The name of this stored procedure.
Parameters :
API [in] -- Web API to process. Format is [APIPattern].[HTTPMethod]:
- APIPattern must follow this structure Authentication[.ID.[<Property>]]
- HTTPMethod can be any valid HTTP method, e.g., GET, POST, PUT, DELETE, etc.
Examples:
- Authentication.POST
- Authentication.ID.PUT
- Authentication.ID.firstName.GET
Response [out] -- Response to be sent back to the Controller (HTTP_MCP) or requesting procedure. Web API
services do not rely upon anything being returned in the response. This is what the
various services like SetResponseBody and SetResponseStatus services are for. A response
value is only helpful if the developers want to use it for debug purposes.
History : (Date, Initials, Notes)
07/17/24 djs Original programmer.
***********************************************************************************************************************/
#pragma precomp SRP_PreCompiler
$insert APP_INSERTS
$insert API_SETUP
$insert HTTP_INSERTS
$insert LSL_USERS_EQUATES
Equ USERNAME$ To 1
Equ GROUP$ To 2
Equ PASSWORD$ To 3
Equ CONTEXT$ To 4
Declare function Database_Services, MemberOf
GoToAPI else
// The specific resource endpoint doesn't have a API handler yet.
HTTP_Services('SetResponseStatus', 204, 'This is a valid endpoint but a web API handler has not yet been created.')
end
Return Response OR ''
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Endpoint Handlers
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
API authentication.POST
Body = HTTP_Services('GetHTTPPostString')
If Body NE '' then
// The POST string will have been encoded so use percent (URL) decoding
AuthJson = HTTP_Services('DecodePercentString', Body)
hAuthJson = ''
ParseResponse = SRP_JSON(hAuthJson, 'PARSE', AuthJson)
If (ParseResponse EQ '') then
Username = SRP_JSON(hAuthJson, 'GetValue', 'Username')
Password = SRP_JSON(hAuthJson, 'GetValue', 'Password')
Groups = ''
hGroups = SRP_JSON(hAuthJson, 'get', 'Groups')
If hGroups then
ElementHandles = SRP_JSON(hGroups, 'GetElements', @VM)
If ElementHandles NE '' then
For each ElementHandle in ElementHandles using @VM
Groups<0, -1> = SRP_JSON(ElementHandle, 'GetValue')
SRP_JSON(ElementHandle, 'Release')
Next ElementHandle
end
SRP_JSON(hGroups, 'Release')
end
SRP_JSON(hAuthJson, 'Release')
// Validate Credentials
UserRec = Database_Services('ReadDataRow', 'LSL_USERS', Username)
If Error_Services('NoError') then
Credentials = ''
Credentials<USERNAME$> = Username
Credentials<PASSWORD$> = UserRec<LSL_USERS_PASSWORD$>
Credentials<GROUP$> = UserRec<LSL_USERS_GROUPS$>
Member = False$
Group = ''
If Groups NE '' then
For each Group in Groups using @VM
Member = MemberOf(Credentials<USERNAME$>, Group)
Until Member EQ True$
Next Group
end else
Member = True$
end
Begin Case
Case (Password EQ Credentials<PASSWORD$>) AND (Member EQ True$)
// Return 200, authentication successful
StatusCode = 200
Message = 'Authentication successful'
HTTP_Services('SetResponseStatus', 200, Message)
Case (Password EQ Credentials<PASSWORD$>) AND (Member EQ False$)
// Return 401, not a member of required groups
NumGroups = DCount(Groups, @VM)
If NumGroups GT 1 then
Swap @VM with ' or ' in Groups
Message = 'User is not a member of the ' : Groups : ' groups.'
end else
Message = 'User is not a member of the ' : Group : ' group.'
end
HTTP_Services('SetResponseStatus', 401, 'Authentication failed. ':Message)
Case Password NE Credentials<PASSWORD$>
// Return 401, unable to validate password
Message = 'Unable to validate username. Please re-enter.'
HTTP_Services('SetResponseStatus', 401, 'Authentication failed. ':Message)
Case Otherwise$
HTTP_Services('SetResponseStatus', 500, 'Error in the ' : CurrentAPI : ' API. Unhandled case.')
End Case
end else
// Error reading user record
ErrorMsg = Error_Services('GetMessage')
HTTP_Services('SetResponseStatus', 500, 'Error in the ' : CurrentAPI : ' API. Message: ': ErrorMsg)
end
end else
HTTP_Services('SetResponseStatus', 400, 'Error in the ' : CurrentAPI : ' API. Error parsing JSON.')
end
end else
HTTP_Services('SetResponseStatus', 400, 'Error in the ' : CurrentAPI : ' API. Empty request.')
end
end api
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Internal GoSubs
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
Reference in New Issue View Git Blame Copy Permalink