Added possibility to define custom user validation callback. Updated …

…amalgamation to 5afcb642a7cd17759c38cb6b92efd853095e1a1f
QUaServer · Jul 4, 2019 · 4249317 · 4249317
1 parent 00b5ea7
commit 4249317
Show file tree

Hide file tree

Showing 5 changed files with 1,051 additions and 1,158 deletions.
diff --git a/examples/06_users/main.cpp b/examples/06_users/main.cpp
@@ -28,12 +28,28 @@ int main(int argc, char *argv[])
 
 	QUaServer server;
 
+	/*
+	// It is possible to provide a custom callback to validate the user and password
+	// send by the client. The implementation below is the default implementation of not defined.
+	// Overwriting this callback can be used to obtain a hash of the password sent by the client and
+	// compare it to a locally stored hash. In this way we avoid storing user's passwords which
+	// is considered an insecure practice. A function pointer can also be used as validation callback.
+	server.setKeyValidation(
+	[&server](const QString &strUserName, const QString &strPassword) {
+		if (!server.userExists(strUserName))
+		{
+			return false;
+		}
+		QString strKey = server.userKey(strUserName);
+		return strKey.compare(strPassword, Qt::CaseInsensitive) == 0;
+	});
+	*/
+
 	// Disable Anon login and create Users
 	server.setAnonymousLoginAllowed(false);
 	server.addUser("juan", "pass123");
 	server.addUser("john", "qwerty");
 
-
 	QUaFolderObject * objsFolder = server.objectsFolder();
 
 	// Individual variable access control