From b7836163efaa2807523efe2e633995b50da6179a Mon Sep 17 00:00:00 2001
From: Stefan Haun <tux@netz39.de>
Date: Mon, 28 Sep 2020 00:04:51 +0200
Subject: [PATCH] Add AuthenticatedHandler base class

---
 app.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/app.py b/app.py
index cd31e35..5dc8a51 100644
--- a/app.py
+++ b/app.py
@@ -18,6 +18,26 @@ from gitmgr import GitManagerConfiguration, GitManager
 startup_timestamp = datetime.now()
 
 
+class AuthenticatedHandler(tornado.web.RequestHandler, metaclass=ABCMeta):
+    # noinspection PyAttributeOutsideInit
+    def initialize(self, auth_provider=None):
+        self.auth_provider = auth_provider
+
+    def prepare(self):
+        if self.auth_provider is None:
+            return
+
+        # check authentication
+        auth_hdr = "Authentication"
+        if auth_hdr not in self.request.headers:
+            raise tornado.web.HTTPError(401, reason="authentication not provided")
+
+        tk = self.request.headers[auth_hdr]
+
+        if not self.auth_provider.validate_token(tk):
+            raise tornado.web.HTTPError(403, reason="invalid authentication token provided")
+
+
 class HealthHandler(tornado.web.RequestHandler, metaclass=ABCMeta):
     # noinspection PyAttributeOutsideInit
     def initialize(self, sources=None):