abstract const class fanr::WebRepoAuth
WebRepoAuth is used to plug in authentication and permission authorization for a WebRepoMod.
abstract Bool allowPublish(Obj? user, PodSpec? pod)
Is the given user allowed to publish the given pod? If pod is null, return if user is allowed to publish anything.
abstract Bool allowQuery(Obj? user, PodSpec? pod)
Is the given user allowed to query the given pod? If pod is null, return if user is allowed to query anything.
abstract Bool allowRead(Obj? user, PodSpec? pod)
Is the given user allowed to read/download/install the given pod? If pod is null, return if user is allowed to install anything.
Get the salt used for the SALTED-HMAC-SHA1 secret algorithm for the given user. If the user doesn't exist or salts aren't supported, then return null.
abstract Buf secret(Obj? user, Str algorithm)
Get the secret as a byte buffer for the given user and algorithm which can be used to verify the digital signature of a request. See
secretAlgorithmsfor list of algorithms (parameter is guaranteed to be in all upper case).
abstract Str secretAlgorithms()
What algorithms are supported to compute the "secret" to use for digital signatures. They should be sorted from most preferred to least preferred. Standard values are:
PASSWORD: simple plaintext password is used as secret
SALTED-HMAC-SHA1: HMAC of "user:salt" with password as key
virtual Str signatureAlgorithms()
What algorithms are supported for computing the signature of a request. They should be sorted from most preferred to least preferred. Standard values are:
HMAC-SHA1: SHA-1 HMAC using secret as key The default implementation of both client and server only supports "HMAC-SHA1".
abstract Obj? user(Str username)
Given a username, return an implementation specific object which models the user for the given username. Or return null if username doesn't map to a valid user.