use v6.d.PREVIEW;
use Cro::HTTP::Middleware;
role Ultramarine::Request::Authed {
has Str $.user;
}
class Ultramarine::Middleware::Authentication
does Cro::HTTP::Middleware::Request {
has $.users;
method process(Supply:D $request-stream) {
supply whenever $request-stream -> $request {
my $user = $request.query-value('u')[0];
my $valid;
if (my $password = $request.query-value('p')[0]) {
$valid = $.users.authenticate(:$user,:$password);
}
elsif (my $token = $request.query-value('t')[0]
and my $salt = $request.query-value('s')[0]) {
$valid = $.users.authenticate(:$user,:$token,:$salt);
}
$request does Ultramarine::Request::Authed(:user($user))
if $valid;
emit $request;
}
}
}