skip routes #8

Author: viniciussanchez

samples/delphi/Samples.dpr

@@ -19,13 +19,20 @@ begin
 
   // The default header for receiving credentials is "Authorization".
   // You can change, if necessary:
-  // THorse.Use(HorseBasicAuthentication(MyCallbackValidation, 'X-My-Header-Authorization'));
+  // THorse.Use(HorseBasicAuthentication(MyCallbackValidation, THorseBasicAuthenticationConfig.New.Header('X-My-Header-Authorization')));
+
+  // You can also ignore routes:
+  // THorse.Use(HorseBasicAuthentication(MyCallbackValidation, THorseBasicAuthenticationConfig.New.SkipRoutes(['/ping'])));
 
   THorse.Get('/ping',
     procedure(Req: THorseRequest; Res: THorseResponse; Next: TProc)
     begin
       Res.Send('pong');
     end);
 
-  THorse.Listen(9000);
+  THorse.Listen(9000,
+    procedure(Horse: THorse)
+    begin
+      Writeln(Format('Server is runing on port %d', [Horse.Port]));
+    end);
 end.

samples/lazarus/Console.lpr

@@ -17,7 +17,7 @@ procedure GetPing(Req: THorseRequest; Res: THorseResponse; Next: TNextProc);
 
 procedure OnListen(Horse: THorse);
 begin
-  Writeln(Format('Server is runing on %s:%d', [Horse.Host, Horse.Port]));
+  Writeln(Format('Server is runing on port %d', [Horse.Port]));
 end;
 
 function DoLogin(const AUsername, APassword: string): Boolean;
@@ -32,7 +32,10 @@ function DoLogin(const AUsername, APassword: string): Boolean;
 
   // The default header for receiving credentials is "Authorization".
   // You can change, if necessary:
-  // THorse.Use(HorseBasicAuthentication(MyCallbackValidation, 'X-My-Header-Authorization'));
+  // THorse.Use(HorseBasicAuthentication(MyCallbackValidation, THorseBasicAuthenticationConfig.New.Header('X-My-Header-Authorization')));
+
+  // You can also ignore routes:
+  // THorse.Use(HorseBasicAuthentication(MyCallbackValidation, THorseBasicAuthenticationConfig.New.SkipRoutes(['/ping'])));
 
   THorse.Get('/ping', GetPing);
 

src/Horse.BasicAuthentication.pas

@@ -8,32 +8,64 @@ interface
 
 uses
   {$IF DEFINED(FPC)}
-    SysUtils, base64, Classes,
+    SysUtils, StrUtils, base64, Classes,
   {$ELSE}
-    System.SysUtils, System.NetEncoding, System.Classes,
+    System.SysUtils, System.NetEncoding, System.Classes, System.StrUtils,
   {$ENDIF}
   Horse, Horse.Commons;
 
 const
   AUTHORIZATION = 'authorization';
+  REALM_MESSAGE = 'Enter credentials';
+
+type
+  IHorseBasicAuthenticationConfig = interface
+    ['{DB16765F-156C-4BC1-8EDE-183CA9FE1985}']
+    function Header(const AValue: string): IHorseBasicAuthenticationConfig; overload;
+    function Header: string; overload;
+    function RealmMessage(const AValue: string): IHorseBasicAuthenticationConfig; overload;
+    function RealmMessage: string; overload;
+    function SkipRoutes(const AValues: TArray<string>): IHorseBasicAuthenticationConfig; overload;
+    function SkipRoutes: TArray<string>; overload;
+  end;
+
+  THorseBasicAuthenticationConfig = class(TInterfacedObject, IHorseBasicAuthenticationConfig)
+  private
+    FHeader: string;
+    FRealmMessage: string;
+    FSkipRoutes: TArray<string>;
+    function Header(const AValue: string): IHorseBasicAuthenticationConfig; overload;
+    function Header: string; overload;
+    function RealmMessage(const AValue: string): IHorseBasicAuthenticationConfig; overload;
+    function RealmMessage: string; overload;
+    function SkipRoutes(const AValues: TArray<string>): IHorseBasicAuthenticationConfig; overload;
+    function SkipRoutes: TArray<string>; overload;
+  public
+    constructor Create;
+    class function New: IHorseBasicAuthenticationConfig;
+  end;
 
 type
   THorseBasicAuthentication = {$IF NOT DEFINED(FPC)} reference to {$ENDIF} function(const AUsername, APassword: string): Boolean;
 
 procedure Middleware(Req: THorseRequest; Res: THorseResponse; Next: {$IF DEFINED(FPC)} TNextProc {$ELSE} TProc {$ENDIF} );
-function HorseBasicAuthentication(const AAuthenticate: THorseBasicAuthentication; const AHeader: string = AUTHORIZATION; const ARealmMessage: string = 'Enter credentials'): THorseCallback;
+function HorseBasicAuthentication(const AAuthenticate: THorseBasicAuthentication): THorseCallback; overload;
+function HorseBasicAuthentication(const AAuthenticate: THorseBasicAuthentication; const AConfig: IHorseBasicAuthenticationConfig): THorseCallback; overload;
 
 implementation
 
 var
-  Header: string;
-  RealmMessage: string;
+  Config: IHorseBasicAuthenticationConfig;
   Authenticate: THorseBasicAuthentication;
 
-function HorseBasicAuthentication(const AAuthenticate: THorseBasicAuthentication; const AHeader: string = AUTHORIZATION; const ARealmMessage: string = 'Enter credentials'): THorseCallback;
+function HorseBasicAuthentication(const AAuthenticate: THorseBasicAuthentication): THorseCallback;
 begin
-  Header := AHeader;
-  RealmMessage := ARealmMessage;
+  Result := HorseBasicAuthentication(AAuthenticate, THorseBasicAuthenticationConfig.New);
+end;
+
+function HorseBasicAuthentication(const AAuthenticate: THorseBasicAuthentication; const AConfig: IHorseBasicAuthenticationConfig): THorseCallback;
+begin
+  Config := AConfig;
   Authenticate := AAuthenticate;
   Result := Middleware;
 end;
@@ -47,14 +79,20 @@ procedure Middleware(Req: THorseRequest; Res: THorseResponse; Next: {$IF DEFINED
   LBasicAuthenticationDecode: TStringList;
   LIsAuthenticated: Boolean;
 begin
-  LBasicAuthenticationEncode := Req.Headers[Header];
-  if LBasicAuthenticationEncode.Trim.IsEmpty and not Req.Query.TryGetValue(Header, LBasicAuthenticationEncode) then
+  if MatchText(Req.RawWebRequest.PathInfo, Config.SkipRoutes) then
+  begin
+    Next();
+    Exit;
+  end;
+
+  LBasicAuthenticationEncode := Req.Headers[Config.Header];
+  if LBasicAuthenticationEncode.Trim.IsEmpty and not Req.Query.TryGetValue(Config.Header, LBasicAuthenticationEncode) then
   begin
     Res.Send('Authorization not found').Status(THTTPStatus.Unauthorized).RawWebResponse
     {$IF DEFINED(FPC)}
-      .WWWAuthenticate := Format('Basic realm=%s', [RealmMessage]);
+      .WWWAuthenticate := Format('Basic realm=%s', [Config.RealmMessage]);
     {$ELSE}
-      .Realm := RealmMessage;
+      .Realm := Config.RealmMessage;
     {$ENDIF}
     raise EHorseCallbackInterrupted.Create;
   end;
@@ -89,4 +127,56 @@ procedure Middleware(Req: THorseRequest; Res: THorseResponse; Next: {$IF DEFINED
   Next();
 end;
 
+{ THorseBasicAuthenticationConfig }
+
+constructor THorseBasicAuthenticationConfig.Create;
+begin
+  FHeader := AUTHORIZATION;
+  FRealmMessage := REALM_MESSAGE;
+  FSkipRoutes := [];
+end;
+
+function THorseBasicAuthenticationConfig.Header: string;
+begin
+  Result := FHeader;
+end;
+
+function THorseBasicAuthenticationConfig.Header(const AValue: string): IHorseBasicAuthenticationConfig;
+begin
+  FHeader := AValue;
+  Result := Self;
+end;
+
+class function THorseBasicAuthenticationConfig.New: IHorseBasicAuthenticationConfig;
+begin
+  Result := THorseBasicAuthenticationConfig.Create;
+end;
+
+function THorseBasicAuthenticationConfig.RealmMessage(const AValue: string): IHorseBasicAuthenticationConfig;
+begin
+  FRealmMessage := AValue;
+  Result := Self;
+end;
+
+function THorseBasicAuthenticationConfig.RealmMessage: string;
+begin
+  Result := FRealmMessage;
+end;
+
+function THorseBasicAuthenticationConfig.SkipRoutes(const AValues: TArray<string>): IHorseBasicAuthenticationConfig;
+var
+  I: Integer;
+begin
+  FSkipRoutes := AValues;
+  for I := 0 to Pred(Length(FSkipRoutes)) do
+    if Copy(Trim(FSkipRoutes[I]), 1, 1) <> '/' then
+      FSkipRoutes[I] := '/' + FSkipRoutes[I];
+  Result := Self;
+end;
+
+function THorseBasicAuthenticationConfig.SkipRoutes: TArray<string>;
+begin
+  Result := FSkipRoutes;
+end;
+
 end.