# include <QTcpServer>
#endif
+#include "authenticator.h"
#include "bufferinfo.h"
#include "message.h"
#include "oidentdconfiggenerator.h"
return instance()->_storage->validateUser(userName, password);
}
+ //! Authenticate user against auth backend
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId authenticateUser(const QString &userName, const QString &password) {
+ return instance()->_authenticator->validateUser(userName, password);
+ }
+
+ //! Add a new user, exposed so auth providers can call this without being the storage.
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \param authenticator The name of the auth provider service used to log the user in, defaults to "Database".
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId addUser(const QString &userName, const QString &password, const QString &authenticator = "Database") {
+ return instance()->_storage->addUser(userName, password, authenticator);
+ }
+
+ //! Does a comparison test against the authenticator in the database and the authenticator currently in use for a UserID.
+ /**
+ * \param userid The user's ID (note: not login name).
+ * \param authenticator The name of the auth provider service used to log the user in, defaults to "Database".
+ * \return True if the userid was configured with the passed authenticator, false otherwise.
+ */
+ static inline bool checkAuthProvider(const UserId userid, const QString &authenticator) {
+ return instance()->_storage->getUserAuthenticator(userid) == authenticator;
+ }
//! Change a user's password
/**
*/
static bool changeUserPassword(UserId userId, const QString &password);
+ //! Check if we can change a user password.
+ /**
+ * \param userID The user's ID
+ * \return true, if we can change their password, false otherwise
+ */
+ static bool canChangeUserPassword(UserId userId);
+
//! Store a user setting persistently
/**
* \param userId The users Id
static bool reloadCerts();
static QVariantList backendInfo();
+ static QVariantList authenticatorInfo();
/**
* Checks if a storage backend is the default storage backend. This
return (backend->displayName() == "SQLite") ? true : false;
}
- static QString setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData);
+ static QString setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authBackend, const QVariantMap &authSetupMap);
static inline QTimer &syncTimer() { return instance()->_storageSyncTimer; }
*/
void syncStorage();
void setupInternalClientSession(InternalPeer *clientConnection);
- QString setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData);
+ QString setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authBackend, const QVariantMap &authSetupMap);
signals:
//! Sent when a BufferInfo is updated in storage.
void clientDisconnected();
bool initStorage(const QString &backend, const QVariantMap &settings, bool setup = false);
+ bool initAuthenticator(const QString &backend, const QVariantMap &settings, bool setup = false);
void socketError(QAbstractSocket::SocketError err, const QString &errorString);
void setupClientSession(RemotePeer *, UserId);
bool registerStorageBackend(Storage *);
void unregisterStorageBackends();
void unregisterStorageBackend(Storage *);
+
+ void registerAuthenticatorBackends();
+ bool registerAuthenticatorBackend(Authenticator *);
+ void unregisterAuthenticatorBackends();
+ void unregisterAuthenticatorBackend(Authenticator *);
+
bool selectBackend(const QString &backend);
bool createUser();
bool saveBackendSettings(const QString &backend, const QVariantMap &settings);
+ void saveAuthBackendSettings(const QString &backend, const QVariantMap &settings);
QVariantMap promptForSettings(const Storage *storage);
private:
QSet<CoreAuthHandler *> _connectingClients;
QHash<UserId, SessionThread *> _sessions;
+
+ // Have both a storage backend and an authenticator backend.
Storage *_storage;
+ Authenticator *_authenticator;
QTimer _storageSyncTimer;
#ifdef HAVE_SSL
OidentdConfigGenerator *_oidentdConfigGenerator;
QHash<QString, Storage *> _storageBackends;
+ QHash<QString, Authenticator *> _authenticatorBackends;
QDateTime _startTime;