Implement authorization header parsing

Basic HTTP authorization according to RFC 2617 is implemented. Added an example of its usage with REST handler.
2025-07-15 12:40:25 +00:00 · 2013-01-30 00:30:05 +04:00 · 2013-01-30 00:30:05 +04:00 · 54c6d3fa3a
commit 54c6d3fa3a
parent fd5a977a39
11 changed files with 228 additions and 0 deletions
--- a/examples/basic_auth/src/basic_auth.app.src
+++ b/examples/basic_auth/src/basic_auth.app.src
@ -0,0 +1,15 @@
+%% Feel free to use, reuse and abuse the code in this file.
+
+{application, basic_auth, [
+	{description, "Cowboy Basic HTTP Authorization example."},
+	{vsn, "1"},
+	{modules, []},
+	{registered, []},
+	{applications, [
+		kernel,
+		stdlib,
+		cowboy
+	]},
+	{mod, {basic_auth_app, []}},
+	{env, []}
+]}.
--- a/examples/basic_auth/src/basic_auth.erl
+++ b/examples/basic_auth/src/basic_auth.erl
@ -0,0 +1,14 @@
+%% Feel free to use, reuse and abuse the code in this file.
+
+-module(basic_auth).
+
+%% API.
+-export([start/0]).
+
+%% API.
+
+start() ->
+	ok = application:start(crypto),
+	ok = application:start(ranch),
+	ok = application:start(cowboy),
+	ok = application:start(basic_auth).
--- a/examples/basic_auth/src/basic_auth_app.erl
+++ b/examples/basic_auth/src/basic_auth_app.erl
@ -0,0 +1,25 @@
+%% Feel free to use, reuse and abuse the code in this file.
+
+%% @private
+-module(basic_auth_app).
+-behaviour(application).
+
+%% API.
+-export([start/2]).
+-export([stop/1]).
+
+%% API.
+
+start(_Type, _Args) ->
+	Dispatch = [
+		{'_', [
+			{[], toppage_handler, []}
+		]}
+	],
+	{ok, _} = cowboy:start_http(http, 100, [{port, 8080}], [
+		{env, [{dispatch, Dispatch}]}
+	]),
+	basic_auth_sup:start_link().
+
+stop(_State) ->
+	ok.
--- a/examples/basic_auth/src/basic_auth_sup.erl
+++ b/examples/basic_auth/src/basic_auth_sup.erl
@ -0,0 +1,23 @@
+%% Feel free to use, reuse and abuse the code in this file.
+
+%% @private
+-module(basic_auth_sup).
+-behaviour(supervisor).
+
+%% API.
+-export([start_link/0]).
+
+%% supervisor.
+-export([init/1]).
+
+%% API.
+
+-spec start_link() -> {ok, pid()}.
+start_link() ->
+	supervisor:start_link({local, ?MODULE}, ?MODULE, []).
+
+%% supervisor.
+
+init([]) ->
+	Procs = [],
+	{ok, {{one_for_one, 10, 10}, Procs}}.
--- a/examples/basic_auth/src/toppage_handler.erl
+++ b/examples/basic_auth/src/toppage_handler.erl
@ -0,0 +1,32 @@
+%% Feel free to use, reuse and abuse the code in this file.
+
+%% @doc Basic authorization Hello world handler.
+-module(toppage_handler).
+
+-export([init/3]).
+-export([content_types_provided/2]).
+-export([is_authorized/2]).
+-export([hello_to_text/2]).
+
+init(_Transport, _Req, []) ->
+	{upgrade, protocol, cowboy_rest}.
+
+
+is_authorized(Req, S) ->
+	{ok, Auth, Req1} = cowboy_req:parse_header(<<"authorization">>, Req),
+	case Auth of
+		{<<"basic">>, {User = <<"Alladin">>, <<"open sesame">>}} ->
+			{true, Req1, User};
+		_ ->
+			{{false, <<"Restricted">>}, Req1, S}
+	end.
+
+content_types_provided(Req, State) ->
+	{[
+		{<<"text/plain">>, hello_to_text}
+	], Req, State}.
+
+
+hello_to_text(Req, User) ->
+	{<< <<"Hello, ">>/binary, User/binary, <<"!\n">>/binary >>, Req, User}.
+