Basic access authentication

Iman Rahmatizadeh edited this page Oct 4, 2015 · 2 revisions

by AUGER Mickael (form France)

This document explains the use of basic access authentication defined by HTTP protocol. This method uses the base64 encoding.

Contents of archive

The joined archive contains the following files :

 basic_auth/    → library to use the basic authentication (detailed below)
     etc/       → original etc folder
         basic_example.kl1  → protected page by basic authentication (detailed below)
         example_without_basic.kl1  → standard KL1 page
 Makefile       → used for tests with the 2.1.1 KLone version
 README.TXT     → simple user manual

basic_auth library

Add library

To use the “basic_auth” library you can add the “basic_auth” folder in your mainly project’s folder and modify the mainly “Makefile” like :

SUBDIR += $(CURDIR)/basic_auth
WEBAPP_LDADD += $(CURDIR)/basic_auth/libbasic_auth.a

Prototype of functions

This is the contents of “basic_auth.h” file :

//maximum length of string concatenation of login and password
//used by "base64decode" function

* Test if the user (client) is connected.
* This function must be call by all pages protected by password.
* @param _request request (global var) of KLone server
* @param _response response (global var) of KLone server
* @param _out standard output (global var) of KLone server
* @return false if the user is not connected
bool is_connected(request_t *_request, response_t *_response,io_t *_out);

* Split a string by character.
* The last word of array is NULL
* Warning : this array must be free after use with the 'free_explode' function
* @param str the input string 
* @param separator the boundary character
* @return a array with NULL like last value
char** explode(const char* str, char separator);

* Free an array initialized by the "explode" function
* @param var the array
void free_explode(char **var);

* Decode a base64 string like "login:password"
* Warning : free the returned string after use
* @param encodedstring string encoded in base64
* @return decoded string like "login:password"
char *base64decode(const char *encodedstring);

Use basic_auth library

Warning : the used static login/password is “toto/1234” (see the source code of “is_connected” function to modify it)

Protected page template

The use of “basic_auth” library is very simple. The page template is :

#include "basic_auth/basic_auth.h"

  return ;
accessible contents after authentication

Rem : the not protected pages are KL1 or KLX standard page.

Example of protected page

Here an example of protected page by basic access authentication. This example is “basic_example.kl1” file :

#include "basic_auth/basic_auth.h"

  return ;

  <title>Basic access authentication</title>
<p style="color:red:font-weight:bold">Access authorized !<p>

See also