Class AuthMiddleware

Class Documentation

class AuthMiddleware

Middleware class for handling HTTP authentication/authorization.

Separates the authentication middleware logic from the REST server, following the Single Responsibility Principle (SRP).

This class:

  • Extracts bearer tokens from Authorization headers

  • Delegates token validation to AuthManager

  • Produces appropriate HTTP responses for auth failures

@verifies REQ_INTEROP_086

Public Functions

AuthMiddleware(const AuthConfig &config, AuthManager *auth_manager)

Construct AuthMiddleware with configuration and auth manager.

Parameters:

  • config – Authentication configuration

  • auth_manager – Pointer to the auth manager (not owned)

inline bool is_enabled() const

Check if authentication is enabled.

Returns:

true if auth is enabled

AuthMiddlewareResult process(const AuthRequest &request) const

Process an authentication request.

Checks if authentication is required, validates the token, and checks authorization for the requested resource.

Parameters:

request – The HTTP request abstraction

Returns:

AuthMiddlewareResult with success/failure and response details

Public Static Functions

static std::optional<std::string> extract_bearer_token(const std::string &auth_header)

Extract bearer token from Authorization header.

Parameters:

auth_header – The Authorization header value

Returns:

Token string if valid Bearer format, nullopt otherwise

static AuthRequest from_httplib_request(const httplib::Request &req)

Build AuthRequest from httplib::Request.

Parameters:

req – The httplib request

Returns:

AuthRequest abstraction

static void apply_to_response(const AuthMiddlewareResult &result, httplib::Response &res)

Apply AuthMiddlewareResult to httplib::Response.

Parameters:

  • result – The auth result

  • res – The httplib response to modify