Protection senario check

[mhf-ir]

Add cookie parser for check request and system status.

Consider HTTP request always carry the cookie of client unique identifier.
For example Cookie: cuid=blahblahblah;

• Add Cookie parser for parse multiple cookie parse what' you need

• Know status of protection: Consider statuses N, P{N}
  Which means Normal N every thing is good so let all request go.
  By P**{N}**
  Depend on config file we follow these:
  Define cookie name for example asm_prt=xxxxx*

  SampleConfig: P1: Protection Level 1
  cookie ttl: **604800**
  cookie parameters: 
     - CUID
  SampleConfig: P2: Protection Level 2
  cookie ttl: **86400**
  cookie parameters: 
     - CUID
     - IP Address
  SampleConfig: P3: Protection Level 3
  cookie ttl: **7200**
  cookie parameters: 
     - CUID
     - IP Address
     - User Agent

• JWT decode for parse general Auth base on Authorization and Cookie for status of user is guest or logged in user.
• If user not logged in : For guest members follow cookie mechanism (Not logged in and not authorized servers) Encryption and Decryption by special cookie for status of request (https://en.wikipedia.org/wiki/Advanced_Encryption_Standard)
  This method will use for captcha application to generate same cookie algorithm for Palantir proxy.
• For mobile application they are same but using special header X-Cuid: blahblahblah same follow for cookie.

1. Document workflow
2. Accpet workflow
3. Implementation