Expose digest auth checking functions

PUBLISHED_FROM=1bfc6e332f56b68eb6155bb729a97a0d8d5a316c
2025-06-07 17:42:30 +08:00 · 2017-11-28 01:45:13 +02:00 · 2017-11-28 01:45:13 +02:00 · 9ab6d084df
commit 9ab6d084df
parent cf8d0a25aa
5 changed files with 54 additions and 10 deletions
--- a/docs/c-api/http.h/intro.md
+++ b/docs/c-api/http.h/intro.md
@ -5,6 +5,8 @@ decl_name: "http.h"
 items:
  - { name: mg_connect_ws.md }
  - { name: mg_connect_ws_opt.md }
+  - { name: mg_http_is_authorized.md }
+  - { name: mg_http_send_digest_auth_request.md }
  - { name: mg_printf_websocket_frame.md }
  - { name: mg_send_websocket_frame.md }
  - { name: mg_send_websocket_framev.md }
--- a/docs/c-api/http.h/mg_http_is_authorized.md
+++ b/docs/c-api/http.h/mg_http_is_authorized.md
@ -0,0 +1,16 @@
+---
+title: "mg_http_is_authorized()"
+decl_name: "mg_http_is_authorized"
+symbol_kind: "func"
+signature: |
+  int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
+                            int is_directory, const char *domain,
+                            const char *passwords_file, int is_global_pass_file);
+---
+
+Checks whether an http request is authorized. `domain` is the authentication
+realm, `passwords_file` is a htdigest file (can be created e.g. with
+`htdigest` utility). If either `domain` or `passwords_file` is NULL, this
+function always returns 1; otherwise checks the authentication in the
+http request and returns 1 only if there is a match; 0 otherwise. 
+
--- a/docs/c-api/http.h/mg_http_send_digest_auth_request.md
+++ b/docs/c-api/http.h/mg_http_send_digest_auth_request.md
@ -0,0 +1,11 @@
+---
+title: "mg_http_send_digest_auth_request()"
+decl_name: "mg_http_send_digest_auth_request"
+symbol_kind: "func"
+signature: |
+  void mg_http_send_digest_auth_request(struct mg_connection *c,
+                                        const char *domain);
+---
+
+Sends 401 Unauthorized response. 
+
--- a/mongoose.c
+++ b/mongoose.c
@ -7363,10 +7363,9 @@ int mg_check_digest_auth(struct mg_str method, struct mg_str uri,
  return 0;
 }

-static int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
+int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
                          int is_directory, const char *domain,
-                                 const char *passwords_file,
-                                 int is_global_pass_file) {
+                          const char *passwords_file, int is_global_pass_file) {
  char buf[MG_MAX_PATH];
  const char *p;
  FILE *fp;
@ -7399,10 +7398,9 @@ static int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
  return authorized;
 }
 #else
-static int mg_http_is_authorized(struct http_message *hm,
-                                 const struct mg_str path, int is_directory,
-                                 const char *domain, const char *passwords_file,
-                                 int is_global_pass_file) {
+int mg_http_is_authorized(struct http_message *hm, const struct mg_str path,
+                          int is_directory, const char *domain,
+                          const char *passwords_file, int is_global_pass_file) {
  (void) hm;
  (void) path;
  (void) is_directory;
@ -7942,7 +7940,7 @@ MG_INTERNAL int mg_is_not_modified(struct http_message *hm, cs_stat_t *st) {
  }
 }

-static void mg_http_send_digest_auth_request(struct mg_connection *c,
+void mg_http_send_digest_auth_request(struct mg_connection *c,
                                      const char *domain) {
  mg_printf(c,
            "HTTP/1.1 401 Unauthorized\r\n"
--- a/mongoose.h
+++ b/mongoose.h
@ -4541,6 +4541,23 @@ extern void mg_hash_md5_v(size_t num_msgs, const uint8_t *msgs[],
 extern void mg_hash_sha1_v(size_t num_msgs, const uint8_t *msgs[],
                           const size_t *msg_lens, uint8_t *digest);

+/*
+ * Checks whether an http request is authorized. `domain` is the authentication
+ * realm, `passwords_file` is a htdigest file (can be created e.g. with
+ * `htdigest` utility). If either `domain` or `passwords_file` is NULL, this
+ * function always returns 1; otherwise checks the authentication in the
+ * http request and returns 1 only if there is a match; 0 otherwise.
+ */
+int mg_http_is_authorized(struct http_message *hm, struct mg_str path,
+                          int is_directory, const char *domain,
+                          const char *passwords_file, int is_global_pass_file);
+
+/*
+ * Sends 401 Unauthorized response.
+ */
+void mg_http_send_digest_auth_request(struct mg_connection *c,
+                                      const char *domain);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */