fix bearer token validation

add option to change listener mode
2022-10-19 15:45:37 +07:00
parent e1175ea6db
commit de7e9e616f
5 changed files with 47 additions and 9 deletions
--- a/TorchRemote.Plugin/Modules/BearerTokenModule.cs
+++ b/TorchRemote.Plugin/Modules/BearerTokenModule.cs
@@ -0,0 +1,27 @@
+using System.Net;
+using EmbedIO;
+
+namespace TorchRemote.Plugin.Modules;
+
+internal class BearerTokenModule : WebModuleBase
+{
+    private readonly string _token;
+
+    public BearerTokenModule(string baseRoute, string token) : base(baseRoute)
+    {
+        _token = token;
+    }
+
+    protected override Task OnRequestAsync(IHttpContext context)
+    {
+        const string bearer = "Bearer ";
+        if (context.Request.Headers["Authorization"] is { } headerValue && 
+            headerValue.StartsWith(bearer, StringComparison.OrdinalIgnoreCase) && 
+            headerValue.Substring(bearer.Length) == _token)
+            return Task.CompletedTask;
+        
+        throw HttpException.Unauthorized();
+    }
+
+    public override bool IsFinalHandler => false;
+}