// Copyright (c) 2016 The Rouille developers
// Licensed under the Apache License, Version 2.0
// <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT
// license <LICENSE-MIT or http://opensource.org/licenses/MIT>,
// at your option. All files in the project carrying such
// notice may not be copied, modified, or distributed except
// according to those terms.

//! Analyze the request's headers and body.
//! 
//! This module provides functions and sub-modules that allow you to easily analyze or parse the
//! request's headers and body.
//! 
//! - In order to parse JSON, see [the `json` module](json/input.html).
//! - In order to parse input from HTML forms, see [the `post` module](post/input.html).
//! - In order to read a plain text body, see
//!   [the `plain_text_body` function](fn.plain_text_body.html).

use base64;
use Request;

/// Credentials returned by `basic_http_auth`.
///
/// Both fields are client-supplied and unverified: `basic_http_auth` only decodes them from
/// the `Authorization` header, it does not check them against anything.
///
/// Note that this type derives `Debug`, so formatting a value with `{:?}` prints the password
/// in clear text. Avoid writing values of this type to logs or error messages.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct HttpAuthCredentials {
    /// Login provided by the client (the bytes before the first `:` of the decoded value).
    pub login: String,
    /// Password provided by the client (everything after the first `:`, so it may itself
    /// contain `:` characters).
    pub password: String,
}

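/// Attempts to parse an `Authorization` header with basic HTTP auth.
///
/// If such a header is present and valid, a `HttpAuthCredentials` is returned.
///
/// `None` is returned when:
///
/// - the request has no `Authorization` header,
/// - the authentication scheme is not `Basic` (compared case-insensitively, since HTTP
///   authentication scheme names are case-insensitive),
/// - the value after the scheme is missing or is not valid base64,
/// - the decoded value contains no `:` separator,
/// - the login or the password is not valid UTF-8.
///
/// The decoded value is split at the first `:` only, so the password may contain `:`.
///
/// # Security
///
/// This function only *parses* the header. It does not verify the credentials; that is the
/// caller's job. Basic authentication transmits the login and password merely base64-encoded,
/// so it should only be accepted over an encrypted transport. When checking the password,
/// prefer comparing a salted hash with a constant-time comparison; the `==` used in the example
/// below is there for brevity only.
///
/// # Example
///
/// ```
/// use rouille::input;
/// use rouille::Request;
/// use rouille::Response;
///
/// fn handle(request: &Request) -> Response {
///     let auth = match input::basic_http_auth(request) {
///         Some(a) => a,
///         None => return Response::basic_http_auth_login_required("realm")
///     };
///
///     // The hard-coded password and the plain `==` keep the example short; real code should
///     // load the secret from configuration and compare it in constant time.
///     if auth.login == "admin" && auth.password == "GT5GeKyLvKLxuc7mjF5h" {
///         handle_after_login(request)
///     } else {
///         Response::text("Bad login/password").with_status_code(403)
///     }
/// }
///
/// fn handle_after_login(request: &Request) -> Response {
///     Response::text("You are in a secret area")
/// }
/// ```
pub fn basic_http_auth(request: &Request) -> Option<HttpAuthCredentials> {
    let header = request.header("Authorization")?;

    // The header has the shape `<scheme> <credentials>`; split at the first space only.
    let mut parts = header.splitn(2, ' ');

    // Scheme names are case-insensitive, so `basic` and `BASIC` must be accepted as well.
    let scheme = parts.next()?;
    if !scheme.eq_ignore_ascii_case("Basic") {
        return None;
    }

    // More than one space may separate the scheme from the credentials; strip the extras so
    // that they are not fed to the base64 decoder.
    let encoded = parts.next()?.trim_matches(' ');
    let decoded = base64::decode(encoded).ok()?;

    // `login:password`, split at the first colon so that the password can contain colons.
    let mut fields = decoded.splitn(2, |&byte| byte == b':');
    let login = String::from_utf8(fields.next()?.to_vec()).ok()?;
    let password = String::from_utf8(fields.next()?.to_vec()).ok()?;

    Some(HttpAuthCredentials { login, password })
}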

#[cfg(test)]
mod test {
    use Request;
    use super::HttpAuthCredentials;
    use super::basic_http_auth;

    /// Builds a fake `GET /` request whose only header is `Authorization: <value>`.
    fn request_with_authorization(value: &str) -> Request {
        let headers = vec![(String::from("Authorization"), String::from(value))];
        Request::fake_http("GET", "/", headers, Vec::new())
    }

    /// A request without any `Authorization` header yields no credentials.
    #[test]
    fn basic_http_auth_no_header() {
        let request = Request::fake_http("GET", "/", vec![], Vec::new());
        assert_eq!(basic_http_auth(&request), None);
    }

    /// Headers that are not well-formed basic auth are rejected rather than partially parsed.
    #[test]
    fn basic_http_auth_wrong_header() {
        // The scheme is not `Basic`.
        let unknown_scheme = request_with_authorization("hello world");
        assert_eq!(basic_http_auth(&unknown_scheme), None);

        // The scheme is right, but the payload (two NUL characters) is not valid base64.
        let bad_payload = request_with_authorization("Basic \0\0");
        assert_eq!(basic_http_auth(&bad_payload), None);
    }

    /// A well-formed header is decoded into its login and password.
    #[test]
    fn basic_http_auth_ok() {
        // The payload is the base64 encoding of `Aladdin:open sesame`.
        let request = request_with_authorization("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==");

        let expected = HttpAuthCredentials {
            login: String::from("Aladdin"),
            password: String::from("open sesame"),
        };
        assert_eq!(basic_http_auth(&request), Some(expected));
    }
}