Fixed redis_auth.c logic + filling user_sid field
redis_auth.c was unable to receive session_id, because the user <-> session mapping should work both ways
parent
8d3718c9ae
commit
6cafa0aff9
@ -3,10 +3,10 @@
|
|||||||
#include "config.h"
|
#include "config.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
|
|
||||||
#define UUID_SIZE 36
|
#define UUID_SIZE 37
|
||||||
|
|
||||||
/* TODO: place cookie normally */
|
/* TODO: place cookie normally */
|
||||||
void
|
char *
|
||||||
validate_credentials()
|
validate_credentials()
|
||||||
{
|
{
|
||||||
char username[RA_USER_MAX_LENGTH + 1], password[RA_PASSWORD_MAX_LENGTH + 1];
|
char username[RA_USER_MAX_LENGTH + 1], password[RA_PASSWORD_MAX_LENGTH + 1];
|
||||||
@ -16,45 +16,38 @@ validate_credentials()
|
|||||||
|
|
||||||
err = cgiFormString("username", username, RA_USER_MAX_LENGTH + 1);
|
err = cgiFormString("username", username, RA_USER_MAX_LENGTH + 1);
|
||||||
if (err == cgiFormTruncated) {
|
if (err == cgiFormTruncated) {
|
||||||
fprintf(cgiOut, "Username too long(max %d chars)\n", RA_USER_MAX_LENGTH);
|
return "Username too long\n";
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
if (err == cgiFormNotFound) {
|
if (err == cgiFormNotFound) {
|
||||||
fprintf(cgiOut, "Username not provided\n");
|
return "Username not provided\n";
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
err = cgiFormString("password", password, RA_PASSWORD_MAX_LENGTH + 1);
|
err = cgiFormString("password", password, RA_PASSWORD_MAX_LENGTH + 1);
|
||||||
if (err == cgiFormTruncated) {
|
if (err == cgiFormTruncated) {
|
||||||
fprintf(cgiOut, "Password too long(max %d+1(NUL) bytes)\n", RA_PASSWORD_MAX_LENGTH);
|
return "Password too long\n";
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
if (err == cgiFormNotFound) {
|
if (err == cgiFormNotFound) {
|
||||||
fprintf(cgiOut, "Password not provided\n");
|
return "Password not provided\n";
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_valid_username(username)) {
|
if (!is_valid_username(username)) {
|
||||||
fprintf(cgiOut, "Username must be [A-Za-z0-9_]\n");
|
return "Username must be [A-Za-z0-9_]\n";
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_valid_password(password)) {
|
if (!is_valid_password(password)) {
|
||||||
fprintf(cgiOut, "Password must be a sequence of bytes in range 32-255\n");
|
return "Password must be a sequence of bytes in range 32-255\n";
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
auth = authenticate(username, password, session_id);
|
auth = authenticate(username, password, session_id);
|
||||||
if (auth < 0) {
|
if (auth < 0) {
|
||||||
fprintf(cgiOut, "Some error occured, contact system administrator\n");
|
return "Some error occured, contact system administrator\n";
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (auth) {
|
if (auth) {
|
||||||
cgiHeaderCookieSet(SESSION_COOKIE_NAME, session_id, RA_SESSION_EXPIRE, "/", HOSTNAME, 0);
|
cgiHeaderCookieSet(SESSION_COOKIE_NAME, session_id, RA_SESSION_EXPIRE, "/", HOSTNAME, 0);
|
||||||
fprintf(cgiOut, "You've successfully logged in as %s\n", username);
|
return "You've successfully logged in!\n";
|
||||||
} else {
|
} else {
|
||||||
fprintf(cgiOut, "Failed to log in, check credentials\n");
|
return "Failed to log in, check credentials\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -73,6 +66,14 @@ print_login_form()
|
|||||||
int
|
int
|
||||||
cgiMain()
|
cgiMain()
|
||||||
{
|
{
|
||||||
|
char *message;
|
||||||
|
if (cgiFormSubmitClicked("login") == cgiFormSuccess) {
|
||||||
|
message = validate_credentials();
|
||||||
|
} else {
|
||||||
|
message = "";
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
cgiHeaderContentType("text/html");
|
cgiHeaderContentType("text/html");
|
||||||
|
|
||||||
fprintf(cgiOut, "<html>\n");
|
fprintf(cgiOut, "<html>\n");
|
||||||
@ -83,9 +84,7 @@ cgiMain()
|
|||||||
|
|
||||||
fprintf(cgiOut, "<body>\n");
|
fprintf(cgiOut, "<body>\n");
|
||||||
|
|
||||||
if (cgiFormSubmitClicked("login") == cgiFormSuccess) {
|
fputs(message, cgiOut);
|
||||||
validate_credentials();
|
|
||||||
}
|
|
||||||
|
|
||||||
print_login_form();
|
print_login_form();
|
||||||
|
|
||||||
|
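Review bot: The session cookie in `validate_credentials()` is still issued with options `0` (`cgiHeaderCookieSet(SESSION_COOKIE_NAME, session_id, RA_SESSION_EXPIRE, "/", HOSTNAME, 0)`), so it carries neither HttpOnly nor Secure, although it is the credential the comment page later resolves to a user. That line is unchanged context, but this commit moves the call ahead of `cgiHeaderContentType()`, which appears to be what lets the header actually go out. Consider passing `cgiCookieHttpOnly | cgiCookieSecure` as the last argument, the latter only if the site is served over HTTPS. Separately, the function now returns string literals, so its return type and `message` in `cgiMain()` would be better declared `const char *`.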
@ -7,7 +7,7 @@
|
|||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <tomcrypt.h>
|
#include <tomcrypt.h>
|
||||||
|
|
||||||
#define UUID_SIZE 36
|
#define UUID_SIZE 37
|
||||||
#define SHA512_DIGEST_SIZE 64
|
#define SHA512_DIGEST_SIZE 64
|
||||||
|
|
||||||
#define FAIL_AUTH() do { \
|
#define FAIL_AUTH() do { \
|
||||||
@ -40,7 +40,7 @@ user_by_session_id(const char *session_id, char *username)
|
|||||||
goto defer;
|
goto defer;
|
||||||
}
|
}
|
||||||
|
|
||||||
reply = redisCommand(ctx, "GET session:%s", session_id);
|
reply = redisCommand(ctx, "GET username:%s", session_id);
|
||||||
if (reply->type != REDIS_REPLY_STRING) {
|
if (reply->type != REDIS_REPLY_STRING) {
|
||||||
strcpy(username, "");
|
strcpy(username, "");
|
||||||
} else {
|
} else {
|
||||||
@ -115,10 +115,14 @@ authenticate(const char *username, const char *password, char *session_id)
|
|||||||
|
|
||||||
sid_reply = redisCommand(ctx, "SET session:%s %s", username, session_id);
|
sid_reply = redisCommand(ctx, "SET session:%s %s", username, session_id);
|
||||||
freeReplyObject(sid_reply);
|
freeReplyObject(sid_reply);
|
||||||
|
sid_reply = redisCommand(ctx, "SET username:%s %s", session_id, username);
|
||||||
|
freeReplyObject(sid_reply);
|
||||||
} else {
|
} else {
|
||||||
strcpy(session_id, sid_reply->str);
|
strcpy(session_id, sid_reply->str);
|
||||||
}
|
}
|
||||||
sid_reply = redisCommand(ctx, "EXPIRE session:%s %d", username, RA_SESSION_EXPIRE);
|
sid_reply = redisCommand(ctx, "EXPIRE session:%s %d", username, RA_SESSION_EXPIRE);
|
||||||
|
freeReplyObject(sid_reply);
|
||||||
|
sid_reply = redisCommand(ctx, "EXPIRE username:%s %d", session_id, RA_SESSION_EXPIRE);
|
||||||
retval = 1;
|
retval = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
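Review bot: In `authenticate()` the new reverse key is written with an unchecked `SET username:%s %s` and only gets its TTL from a separate `EXPIRE` further down, so a failure between the calls can leave a cookie that resolves to no user, or a `username:<sid>` key that never expires. Folding the TTL into the write, `redisCommand(ctx, "SET username:%s %s EX %d", session_id, username, RA_SESSION_EXPIRE)`, and checking that the reply is non-NULL and not `REDIS_REPLY_ERROR` before `retval = 1` closes both gaps; the `session:%s` pair has the same shape. The `else` branch reuses an existing session id without creating the `username:` key, so sessions stored before this change get no reverse mapping and the lookup returns an empty user for them. In `user_by_session_id()`, `reply->type` is read without a NULL check, while `redisCommand` returns NULL on a connection error. Both function bodies extend beyond the hunks shown.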
@ -5,11 +5,16 @@
|
|||||||
#include "driver.h"
|
#include "driver.h"
|
||||||
#include "drivers/unix_fs/unix_fs_driver.h"
|
#include "drivers/unix_fs/unix_fs_driver.h"
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
#include "auth.h"
|
||||||
|
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
|
||||||
|
#define UUID_SIZE 37
|
||||||
|
|
||||||
|
char authorized_user_sid[RA_USER_MAX_LENGTH + 1], session_id[UUID_SIZE];
|
||||||
|
|
||||||
int
|
int
|
||||||
page_by_id(int id)
|
page_by_id(int id)
|
||||||
{
|
{
|
||||||
@ -196,7 +201,11 @@ handle_submitted_comment()
|
|||||||
time(&header.creation_time);
|
time(&header.creation_time);
|
||||||
header.reply_id = rid;
|
header.reply_id = rid;
|
||||||
header.text_length = strlen(sanitized_text);
|
header.text_length = strlen(sanitized_text);
|
||||||
|
if (strcmp(authorized_user_sid, "")) {
|
||||||
|
header.user_sid = authorized_user_sid;
|
||||||
|
} else {
|
||||||
header.user_sid = "web/anonymous";
|
header.user_sid = "web/anonymous";
|
||||||
|
}
|
||||||
header.user_displayname = displayname;
|
header.user_displayname = displayname;
|
||||||
|
|
||||||
if (driver.leave_comment(&driver_data, &header, sanitized_text) < 0) {
|
if (driver.leave_comment(&driver_data, &header, sanitized_text) < 0) {
|
||||||
@ -214,6 +223,11 @@ defer:
|
|||||||
int
|
int
|
||||||
cgiMain()
|
cgiMain()
|
||||||
{
|
{
|
||||||
|
if (cgiCookieString(SESSION_COOKIE_NAME, session_id, UUID_SIZE) == cgiFormSuccess) {
|
||||||
|
user_by_session_id(session_id, authorized_user_sid);
|
||||||
|
} else {
|
||||||
|
authorized_user_sid[0] = '\0';
|
||||||
|
}
|
||||||
cgiHeaderContentType("text/html");
|
cgiHeaderContentType("text/html");
|
||||||
|
|
||||||
fprintf(cgiOut, "<html>\n");
|
fprintf(cgiOut, "<html>\n");
|
||||||
|
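Review bot: `cgiMain()` discards the result of `user_by_session_id(session_id, authorized_user_sid)`, so if the lookup bails out on its `goto defer` path, presumably before writing the buffer, the comment is attributed from whatever the global holds. Today that is the zero-initialised empty string, which falls back to `web/anonymous` only by accident. Setting `authorized_user_sid[0] = '\0';` before the call, and treating a failed lookup as anonymous, would make the fail-closed behaviour explicit. `#define UUID_SIZE 37` now lives in three files while `authenticate()` does `strcpy(session_id, sid_reply->str)` into the caller's buffer, so the constant would be safer defined once in `auth.h`, which this file now includes. The body of `cgiMain()` continues outside the hunk.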