/usr/include/Wt/Auth/AbstractPasswordService is in libwt-dev 3.3.0-1build1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 | // This may look like C code, but it's really -*- C++ -*-
/*
* Copyright (C) 2011 Emweb bvba, Kessel-Lo, Belgium.
*
* See the LICENSE file for terms of use.
*/
#ifndef WT_AUTH_ABSTRACT_PASSWORD_AUTH_H_
#define WT_AUTH_ABSTRACT_PASSWORD_AUTH_H_
#include <Wt/WValidator>
#include <Wt/WString>
#include <Wt/Auth/User>
namespace Wt {
namespace Auth {
class AuthService;
class User;
/*! \brief Enumeration for a password verification result
*
* \sa AbstractPasswordService::verifyPassword()
*
* \ingroup auth
*/
enum PasswordResult {
PasswordInvalid, //!< The password is invalid
LoginThrottling, //!< The attempt was not processed because of throttling
PasswordValid //!< The password is valid
};
/*! \class AbstractPasswordService Wt/Auth/AbstractPasswordService
* \brief Abstract password authentication service
*
* This abstract class defines the interface for password authentication.
*
* It provides methods to verify a password, to update a password, and to
* throttle password verification attempts.
*
* \sa PasswordService a default implementation
*
* \ingroup auth
*/
class WT_API AbstractPasswordService
{
public:
/*! \class StrengthValidatorResult
* \brief Result returned when validating password strength.
*
* This class contains information on the validity and the strength of
* the password together with possible messages.
* When the password is considered not strong enough, a message should
* be provided which helps the user pick a stronger password.
*
* \sa AbstractStrengthValidator::evaluateStrength()
*/
class StrengthValidatorResult {
public:
/*! \brief Constructor.
*/
StrengthValidatorResult(bool valid,
const WString &message,
int strength);
/*! \brief Returns whether the password is considered strong enough.
*/
bool isValid() { return valid_; }
/*! \brief Returns a message describing the password strength.
*/
WString message() { return message_; }
/*! \brief Returns the password strength in a scale of 0 to 5.
*/
int strength() { return strength_; }
private:
bool valid_;
WString message_;
int strength_;
};
/*! \class AbstractStrengthValidator
* \brief Validator for password strength.
*
* This class defines a specialized validator interface for evaluating
* password strength. The implementation allows to evaluate strength
* in addition to the normal validator functionality of validating a
* password.
*
* The evaluateStrength() computes the strength and returns
* an instance of StrenghtValidatorResult which contains information on the
* validity and the strength of the password together with possible messages.
*
* \sa strengthValidator()
*/
class WT_API AbstractStrengthValidator : public Wt::WValidator
{
public:
/*! \brief Evaluates the strength of a password.
*
* The result is an instance of StrengthValidatorResult which
* contains information on the validity and the strength of the password
* together with possible messages.
*
* The validator may take into account the user's login name and
* email address, to exclude passwords that are too similar to
* these.
*/
virtual StrengthValidatorResult
evaluateStrength(const WT_USTRING& password,
const WT_USTRING& loginName,
const std::string& email) const = 0;
/*! \brief Validates a password.
*
* This uses evaluateStrength(), isValid() and message() to return the
* result of password validation.
*/
virtual Result validate(const WT_USTRING& password,
const WT_USTRING& loginName,
const std::string& email) const;
/*! \brief Validates a password.
*
* Calls validate(password, WString::Empty, "");
*/
virtual Result validate(const WT_USTRING& password) const;
};
/*! \brief Destructor.
*/
virtual ~AbstractPasswordService();
/*! \brief Returns the basic authentication service.
*/
virtual const AuthService& baseAuth() const = 0;
/*! \brief Returns whether password attempt throttling is enabled.
*/
virtual bool attemptThrottlingEnabled() const = 0;
/*! \brief Returns a validator which checks that a password is strong enough.
*/
virtual AbstractStrengthValidator *strengthValidator() const = 0;
/*! \brief Returns the delay for this user for a next authentication
* attempt.
*
* If password attempt throttling is enabled, then this returns the
* number of seconds this user must wait for a new authentication
* attempt, presumably because of a number of failed attempts.
*
* \sa attemptThrottlingEnabled()
*/
virtual int delayForNextAttempt(const User& user) const = 0;
/*! \brief Verifies a password for a given user.
*
* The supplied password is verified against the user's credentials
* stored in the database. If password account throttling is
* enabled, it may also refuse an authentication attempt.
*
* \sa setVerifier(), setAttemptThrottlingEnabled()
*/
virtual PasswordResult verifyPassword(const User& user,
const WT_USTRING& password) const = 0;
/*! \brief Sets a new password for the given user.
*
* This stores a new password for the user in the database.
*/
virtual void updatePassword(const User& user, const WT_USTRING& password)
const = 0;
};
}
}
#endif // WT_AUTH_ABSTRACT_PASSWORD_AUTH
|