Merge branch 'main' into zs/web-ui-improvements

1 files changed, 91 insertions, 0 deletions

diff --git a/src/zenhttp/httpclient.cpp b/src/zenhttp/httpclient.cpp
index 16729ce38..d3b59df2b 100644
--- a/src/zenhttp/httpclient.cpp
+++ b/src/zenhttp/httpclient.cpp
@@ -25,6 +25,7 @@
 #	include <zencore/scopeguard.h>
 #	include <zencore/testing.h>
 #	include <zencore/testutils.h>
+#	include <zenhttp/security/passwordsecurityfilter.h>
 #	include "servers/httpasio.h"
 #	include "servers/httpsys.h"
 
@@ -662,6 +663,96 @@ TEST_CASE("httpclient.requestfilter")
 	}
 }
 
+TEST_CASE("httpclient.password")
+{
+	using namespace std::literals;
+
+	struct TestHttpService : public HttpService
+	{
+		TestHttpService() = default;
+
+		virtual const char* BaseUri() const override { return "/test/"; }
+		virtual void		HandleRequest(HttpServerRequest& HttpServiceRequest) override
+		{
+			if (HttpServiceRequest.RelativeUri() == "yo")
+			{
+				return HttpServiceRequest.WriteResponse(HttpResponseCode::OK, HttpContentType::kText, "hey family");
+			}
+
+			{
+				CHECK(HttpServiceRequest.RelativeUri() != "should_filter");
+				return HttpServiceRequest.WriteResponse(HttpResponseCode::InternalServerError);
+			}
+
+			{
+				CHECK(HttpServiceRequest.RelativeUri() != "should_forbid");
+				return HttpServiceRequest.WriteResponse(HttpResponseCode::InternalServerError);
+			}
+		}
+	};
+
+	TestHttpService			 TestService;
+	ScopedTemporaryDirectory TmpDir;
+
+	Ref<HttpServer> AsioServer = CreateHttpAsioServer(AsioConfig{});
+
+	int Port = AsioServer->Initialize(7575, TmpDir.Path());
+	REQUIRE(Port != -1);
+
+	AsioServer->RegisterService(TestService);
+
+	std::thread ServerThread([&]() { AsioServer->Run(false); });
+
+	{
+		auto _ = MakeGuard([&]() {
+			if (ServerThread.joinable())
+			{
+				ServerThread.join();
+			}
+			AsioServer->Close();
+		});
+
+		SUBCASE("usernamepassword")
+		{
+			CbObjectWriter Writer;
+			{
+				Writer.BeginObject("basic");
+				{
+					Writer << "username"sv
+						   << "me";
+					Writer << "password"sv
+						   << "456123789";
+				}
+				Writer.EndObject();
+				Writer << "protect-machine-local-requests" << true;
+			}
+
+			PasswordHttpFilter::Configuration PasswordFilterOptions = PasswordHttpFilter::ReadConfiguration(Writer.Save());
+
+			PasswordHttpFilter MyFilter(PasswordFilterOptions);
+
+			AsioServer->SetHttpRequestFilter(&MyFilter);
+
+			HttpClient Client(fmt::format("localhost:{}", Port),
+							  HttpClientSettings{},
+							  /*CheckIfAbortFunction*/ {});
+
+			ZEN_INFO("Request using {}", Client.GetBaseUri());
+
+			HttpClient::Response ForbiddenResponse = Client.Get("/test/yo");
+			CHECK(!ForbiddenResponse.IsSuccess());
+			CHECK_EQ(ForbiddenResponse.StatusCode, HttpResponseCode::Forbidden);
+
+			HttpClient::Response WithBasicResponse =
+				Client.Get("/test/yo",
+						   std::pair<std::string, std::string>("Authorization",
+															   fmt::format("Basic {}", PasswordFilterOptions.PasswordConfig.Password)));
+			CHECK(WithBasicResponse.IsSuccess());
+			AsioServer->SetHttpRequestFilter(nullptr);
+		}
+		AsioServer->RequestExit();
+	}
+}
 void
 httpclient_forcelink()
 {