A /_whoami handler to provide client apps with access to the active userCtx for their session.

Thanks to the CouchDB University students and janl for helping to implement this.


git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@788971 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 20 insertions, 1 deletions

diff --git a/src/couchdb/couch_httpd_misc_handlers.erl b/src/couchdb/couch_httpd_misc_handlers.erl
index 36dfa0ac..a49bbef6 100644
--- a/src/couchdb/couch_httpd_misc_handlers.erl
+++ b/src/couchdb/couch_httpd_misc_handlers.erl
@@ -15,7 +15,7 @@
 -export([handle_welcome_req/2,handle_favicon_req/2,handle_utils_dir_req/2,
     handle_all_dbs_req/1,handle_replicate_req/1,handle_restart_req/1,
     handle_uuids_req/1,handle_config_req/1,handle_log_req/1,
-    handle_task_status_req/1,handle_sleep_req/1]).
+    handle_task_status_req/1,handle_sleep_req/1,handle_whoami_req/1]).
     
 -export([increment_update_seq_req/2]).
 
@@ -216,3 +216,22 @@ handle_log_req(#httpd{method='GET'}=Req) ->
     send_chunk(Resp, "");
 handle_log_req(Req) ->
     send_method_not_allowed(Req, "GET").
+
+
+% whoami handler
+handle_whoami_req(#httpd{method='GET', user_ctx=UserCtx}=Req) ->
+    Name = UserCtx#user_ctx.name,
+    Roles = UserCtx#user_ctx.roles,
+    ForceLogin = couch_httpd:qs_value(Req, "force_login", "false"),
+    case {Name, ForceLogin} of
+        {null, "true"} ->
+            throw({unauthorized, <<"Please login.">>});
+        _False -> ok
+    end,
+    send_json(Req, {[
+        {ok, true},
+        {name, Name},
+        {roles, Roles}
+    ]});
+handle_whoami_req(Req) ->
+    send_method_not_allowed(Req, "GET").