authentication middleware

1 files changed, 30 insertions, 0 deletions

diff --git a/lib/Ultramarine/Middleware/Authentication.pm6 b/lib/Ultramarine/Middleware/Authentication.pm6
new file mode 100644
index 0000000..d71f75c
--- /dev/null
+++ b/lib/Ultramarine/Middleware/Authentication.pm6
@@ -0,0 +1,30 @@
+use v6.d.PREVIEW;
+use Cro::HTTP::Middleware;
+
+# mixin for requests, carrying authentication info
+role Ultramarine::Request::Authed {
+    has Str $.user;
+}
+
+class Ultramarine::Middleware::Authentication
+ does Cro::HTTP::Middleware::Request {
+    has $.users;
+    method process(Supply:D $request-stream) {
+        supply whenever $request-stream -> $request {
+            # here we would have some proper authentication logic
+            my $user = $request.query-value('u')[0];
+            my $valid;
+            if (my $password = $request.query-value('p')[0]) {
+                $valid = $.users.authenticate(:$user,:$password);
+            }
+            elsif (my $token = $request.query-value('t')[0]
+                   and my $salt = $request.query-value('s')[0]) {
+                $valid = $.users.authenticate(:$user,:$token,:$salt);
+            }
+            $request does Ultramarine::Request::Authed(:user($user))
+                if $valid;
+
+            emit $request;
+        }
+    }
+}