Cutelyst  2.14.2
csrf.cpp
1 /*
2  * Copyright (C) 2017 Matthias Fehring <kontakt@buschmann23.de>
3  *
4  * This library is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU Lesser General Public
6  * License as published by the Free Software Foundation; either
7  * version 2.1 of the License, or (at your option) any later version.
8  *
9  * This library is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * Lesser General Public License for more details.
13  *
14  * You should have received a copy of the GNU Lesser General Public
15  * License along with this library; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17  */
18 #include "csrf.h"
19 
20 #include <cutelee/exception.h>
21 #include <cutelee/parser.h>
22 
23 #include <Cutelyst/Context>
24 #include <Cutelyst/ParamsMultiMap>
25 #include <Cutelyst/Request>
26 #include <Cutelyst/Response>
27 
28 #ifdef PLUGIN_CSRFPROTECTION_ENABLED
29 #include <Cutelyst/Plugins/CSRFProtection/CSRFProtection>
30 #endif
31 
32 Cutelee::Node *CSRFTag::getNode(const QString &tagContent, Cutelee::Parser *p) const
33 {
34  Q_UNUSED(tagContent);
35  return new CSRF(p);
36 }
37 
38 CSRF::CSRF(Cutelee::Parser *parser) : Cutelee::Node(parser)
39 {
40 }
41 
42 void CSRF::render(Cutelee::OutputStream *stream, Cutelee::Context *gc) const
43 {
44 #ifdef PLUGIN_CSRFPROTECTION_ENABLED
45  // In case cutelyst context is not set as "c"
46  auto c = gc->lookup(m_cutelystContext).value<Cutelyst::Context *>();
47  if (!c) {
48  const QVariantHash hash = gc->stackHash(0);
49  auto it = hash.constBegin();
50  while (it != hash.constEnd()) {
51  if (it.value().userType() == qMetaTypeId<Cutelyst::Context *>()) {
52  c = it.value().value<Cutelyst::Context *>();
53  if (c) {
54  m_cutelystContext = it.key();
55  break;
56  }
57  }
58  ++it;
59  }
60 
61  if (!c) {
62  return;
63  }
64  }
65 
66  *stream << Cutelyst::CSRFProtection::getTokenFormField(c);
67 #else
68  Q_UNUSED(stream)
69  Q_UNUSED(gc)
70  qWarning("%s", "The CSRF protection plugin has not been built.");
71 #endif
72 }
73 
74 #include "moc_csrf.cpp"
Cutelyst::Context
The Cutelyst Context.
Definition: context.h:51
Cutelyst::CSRFProtection::getTokenFormField
static QString getTokenFormField(Context *c)
Definition: csrfprotection.cpp:206
Generated by   doxygen 1.8.6