Use middleware for authorization

sebastian-heinz · May 10, 2024 · 46b9073 · 46b9073
1 parent dd88bd2
commit 46b9073
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 79 deletions.
diff --git a/Arrowgene.Ddon.Rpc.Web/Interceptor/IInterceptor.cs b/Arrowgene.Ddon.Rpc.Web/Interceptor/IInterceptor.cs
diff --git a/...on.Rpc.Web/Interceptor/AuthInterceptor.cs → ...Ddon.Rpc.Web/Middleware/AuthMiddleware.cs b/...on.Rpc.Web/Interceptor/AuthInterceptor.cs → ...Ddon.Rpc.Web/Middleware/AuthMiddleware.cs
@@ -1,29 +1,42 @@
 #nullable enable
 
 using System;
+using System.Collections.Generic;
 using System.Text;
 using System.Threading.Tasks;
 using Arrowgene.Ddon.Database;
 using Arrowgene.Ddon.Database.Model;
 using Arrowgene.Ddon.Shared.Crypto;
 using Arrowgene.Logging;
 using Arrowgene.WebServer;
+using Arrowgene.WebServer.Middleware;
 
-public class AuthInterceptor : IInterceptor
+public class AuthMiddleware : IWebMiddleware
 {
-    private static readonly ILogger Logger = LogProvider.Logger<Logger>(typeof(AuthInterceptor));
+    private static readonly ILogger Logger = LogProvider.Logger<Logger>(typeof(AuthMiddleware));
 
     private readonly IDatabase _database;
-    private readonly AccountStateType _minimumState;
+    private readonly Dictionary<string, AccountStateType> _routeAndRequiredMinimumState;
 
-    public AuthInterceptor(IDatabase database, AccountStateType minimumState)
+    public AuthMiddleware(IDatabase database)
     {
         _database = database;
-        _minimumState = minimumState;
+        _routeAndRequiredMinimumState = new Dictionary<string, AccountStateType>();
     }
 
-    public async Task<WebResponse?> InterceptRequest(WebRequest request)
+    public void Require(AccountStateType minimumState, string route)
     {
+        _routeAndRequiredMinimumState.Add(route, minimumState);
+    }
+
+    public async Task<WebResponse> Handle(WebRequest request, WebMiddlewareDelegate next)
+    {
+        if(!_routeAndRequiredMinimumState.ContainsKey(request.Path))
+        {
+            // Don't intercept request if the request path isn't registered in the middleware
+            return await next(request);
+        }
+
         string authHeader = request.Header.Get("authorization");
         if(authHeader == null)
         {
@@ -77,15 +90,16 @@ public AuthInterceptor(IDatabase database, AccountStateType minimumState)
             return response;
         }
 
-        if(account.State < _minimumState)
+        AccountStateType minimumRequiredAccountStateType = _routeAndRequiredMinimumState[request.Path];
+        if(account.State < minimumRequiredAccountStateType)
         {
-            Logger.Error($"Attempted to access auth protected route as {username} without enough permissions (Account has {account.State}, minimum required {_minimumState}).");
+            Logger.Error($"Attempted to access auth protected route as {username} without enough permissions (Account has {account.State}, minimum required {minimumRequiredAccountStateType}).");
             WebResponse response = new WebResponse();
             response.StatusCode = 403;
             await response.WriteAsync($"Attempted to access auth protected route as {username} without enough permissions.");
             return response;
         }
 
-        return null;
+        return await next(request);
     }
 }
diff --git a/Arrowgene.Ddon.Rpc.Web/Route/InterceptedRpcWebRoute.cs b/Arrowgene.Ddon.Rpc.Web/Route/InterceptedRpcWebRoute.cs
diff --git a/Arrowgene.Ddon.Rpc.Web/RpcWebServer.cs b/Arrowgene.Ddon.Rpc.Web/RpcWebServer.cs
@@ -21,7 +21,13 @@ public void Init()
         {
             _webServer.AddRoute(new SpawnRoute(this));
             _webServer.AddRoute(new InfoRoute(this));
-            _webServer.AddRoute(new InterceptedRpcWebRoute(this, new ChatRoute(this), new AuthInterceptor(_gameServer.Database, AccountStateType.GameMaster)));
+
+            ChatRoute chatRoute = new ChatRoute(this);
+            _webServer.AddRoute(chatRoute);
+
+            AuthMiddleware authMiddleware = new AuthMiddleware(_gameServer.Database);
+            authMiddleware.Require(AccountStateType.GameMaster, chatRoute.Route);
+            _webServer.AddMiddleware(authMiddleware);
         }
     }
 }
diff --git a/Arrowgene.Ddon.WebServer/DdonWebServer.cs b/Arrowgene.Ddon.WebServer/DdonWebServer.cs
@@ -2,6 +2,7 @@
 using Arrowgene.Ddon.Database;
 using Arrowgene.Logging;
 using Arrowgene.WebServer;
+using Arrowgene.WebServer.Middleware;
 using Arrowgene.WebServer.Route;
 using Arrowgene.WebServer.Server;
 using Arrowgene.WebServer.Server.Kestrel;
@@ -33,12 +34,21 @@ public DdonWebServer(WebServerSetting setting, IDatabase database)
                 Logger.Info(servingFile);
             }
 
-            _webService.AddMiddleware(staticFile);
+            AddMiddleware(staticFile);
 
             AddRoute(new IndexRoute());
             AddRoute(new AccountRoute(database));
         }
 
+        public void AddMiddleware(IWebMiddleware middleware)
+        {
+            _webService.AddMiddleware(middleware);
+            if (_running)
+            {
+                Logger.Info($"Registered new middleware `{middleware.GetType().Name}`");
+            }
+        }
+
         public void AddRoute(IWebRoute route)
         {
             _webService.AddRoute(route);