libzeep

PrevUpHomeNext

Class login_controller

zeep::http::login_controller — http controller that handles login and logout

Synopsis

// In header: <zeep/http/login-controller.hpp>


class login_controller : public zeep::http::controller {
public:
  // construct/copy/destruct
  login_controller(const std::string & = "/");

  // public member functions
  virtual void set_server(server *);
  virtual bool handle_request(request &, reply &);
  virtual xml::document load_login_form(const request &) const;
  virtual void create_unauth_reply(const request &, reply &);
};

Description

There is a html version of this controller as well, that one is a bit nicer

login_controller public construct/copy/destruct

  1. login_controller(const std::string & prefix_path = "/");

login_controller public member functions

  1. virtual void set_server(server * server);
    bind this controller to server

    Makes sure the server has a security context and adds rules to this security context to allow access to the /login page

  2. virtual bool handle_request(request & req, reply & rep);
    will handle the actual requests
  3. virtual xml::document load_login_form(const request & req) const;
    return the XHTML login form, subclasses can override this to provide custom login forms

    The document returned should have input fields for 'username', 'password' and a hidden '_csrf' and 'uri' value.

    The _csrf value is used to guard against CSRF attacks. The uri is the location to redirect to in case of a valid login.

  4. virtual void create_unauth_reply(const request & req, reply & reply);
    Create an error reply for an unauthorized access.

    An error handler may call this method to create a decent login screen.

    Parameters:

    req

    The request that triggered this call


PrevUpHomeNext