IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix bug with pubkeys and new accounts

Browse Source
This commit is contained in:
Dario 2020-01-22 15:43:54 +01:00
parent 58833b1b44
commit 3b21cad114
11 changed files with 41 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp
View File

@ -56,7 +56,7 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
auto sessionState = mSession->getSessionState();
if(user->updatePassword(pwd, "")) {
if(user->updatePassword(pwd, "", mSession->getNewUser())) {
//std::string referUri = request.get("Referer", uri_start + "/");
//printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data());

9
src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp
View File

@ -11,7 +11,7 @@
#include "JsonGetUsers.h"
JsonRequestHandlerFactory::JsonRequestHandlerFactory()
: mRemoveGETParameters("^/([a-zA-Z0-9_-]*)")
: mRemoveGETParameters("^/([a-zA-Z0-9_-]*)"), mLogging(Poco::Logger::get("requestLog"))
{
}
@ -19,8 +19,15 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c
{
std::string uri = request.getURI();
std::string url_first_part;
std::stringstream logStream;
mRemoveGETParameters.extract(uri, url_first_part);
std::string dateTimeString = Poco::DateTimeFormatter::format(Poco::DateTime(), "%d.%m.%y %H:%M:%S");
logStream << dateTimeString << " call " << uri;
mLogging.information(logStream.str());
if (url_first_part == "/login") {
return new JsonGetLogin;
}

3
src/cpp/JSONInterface/JsonRequestHandlerFactory.h
View File

@ -4,6 +4,8 @@
#include "Poco/Net/HTTPRequestHandlerFactory.h"
#include "Poco/RegularExpression.h"
#include "Poco/Logger.h"
#define HTTP_PAGES_COUNT 1
class JsonRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory
@ -14,6 +16,7 @@ public:
protected:
Poco::RegularExpression mRemoveGETParameters;
Poco::Logger& mLogging;
};
#endif // __DR_JSON_REQUEST_HANDLER_FACTORY_H

1
src/cpp/controller/User.cpp
View File

@ -96,6 +96,7 @@ namespace controller {
{
auto json = getModel()->getJson();
auto pubkey = getPublicHex();
//printf("[controller::User::getJson] this: %d\n", (int)this);
if (pubkey != "") {
json.set("public_hex", pubkey);
}

2
src/cpp/controller/User.h
View File

@ -34,6 +34,8 @@ namespace controller {
inline Poco::AutoPtr<model::table::User> getModel() { return _getModel<model::table::User>(); }
inline const model::table::User* getModel() const { return _getModel<model::table::User>(); }
const std::string& getPublicHex();

2
src/cpp/main.cpp
View File

@ -22,7 +22,7 @@ int main(int argc, char** argv)
printf("error initing sodium, early exit\n");
return -1;
}
ServerConfig::g_versionString = "0.20.KW03.01";
ServerConfig::g_versionString = "0.20.KW03.02";
printf("User size: %d Bytes, Session size: %d Bytes\n", sizeof(User), sizeof(Session));
printf("model sizes: User: %d Bytes, EmailOptIn: %d Bytes\n", sizeof(model::table::User), sizeof(model::table::EmailOptIn));

3
src/cpp/model/Session.cpp
View File

@ -114,6 +114,7 @@ void Session::reset()
mState = SESSION_STATE_EMPTY;
mPassphrase = "";
mLastExternReferer = "";
mClientLoginIP = Poco::Net::IPAddress();
unlock();
//printf("[Session::reset] finished\n");
@ -189,7 +190,7 @@ bool Session::createUser(const std::string& first_name, const std::string& last_
//prepareEmail->scheduleTask(prepareEmail);
// create user crypto key
UniLib::controller::TaskPtr cryptoKeyTask(new UserCreateCryptoKey(mSessionUser, password, ServerConfig::g_CryptoCPUScheduler));
UniLib::controller::TaskPtr cryptoKeyTask(new UserCreateCryptoKey(mSessionUser, mNewUser, password, ServerConfig::g_CryptoCPUScheduler));
cryptoKeyTask->setFinishCommand(new SessionStateUpdateCommand(SESSION_STATE_CRYPTO_KEY_GENERATED, this));
cryptoKeyTask->scheduleTask(cryptoKeyTask);

23
src/cpp/model/User.cpp
View File

@ -22,8 +22,8 @@ using namespace Poco::Data::Keywords;
// -------------------------------------------------------------------------------------------------
UserCreateCryptoKey::UserCreateCryptoKey(Poco::AutoPtr<User> user, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler)
: UniLib::controller::CPUTask(cpuScheduler), mUser(user), mPassword(password) {
UserCreateCryptoKey::UserCreateCryptoKey(Poco::AutoPtr<User> user, Poco::AutoPtr<controller::User> newUser, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler)
: UniLib::controller::CPUTask(cpuScheduler), mUser(user), mNewUser(newUser), mPassword(password) {
#ifdef _UNI_LIB_DEBUG
setName(user->getEmail());
#endif
@ -42,7 +42,7 @@ int UserCreateCryptoKey::run()
auto pwdHashed = mUser->createPasswordHashed(cryptoKey);
mUser->setPwdHashed(pwdHashed);
mNewUser->getModel()->setPasswordHashed(pwdHashed);
//printf("crypto key created\n");
setTaskFinished();
@ -65,10 +65,17 @@ int UserGenerateKeys::run()
mUser->setPublicKeyHex(mKeys.getPubkeyHex());
mUser->setPublicKey(mKeys.getPublicKey());
auto newUserModel = mNewUser->getModel();
newUserModel->setPublicKey(mKeys.getPublicKey());
if (mUser->hasCryptoKey()) {
mUser->setPrivKey(mKeys.getPrivateKey());
newUserModel->setPrivateKey(mUser->getPrivKey());
}
//printf("[UserGenerateKeys::run] controller::User: %d\n", (int)mNewUser.get());
return 0;
}
@ -435,7 +442,7 @@ User::User(Poco::AutoPtr<controller::User> ctrl_user)
mState = USER_LOADED_FROM_DB;
if (!mEmailChecked) { mState = USER_EMAIL_NOT_ACTIVATED; }
else if (!mPublicKey) { mState = USER_NO_KEYS; }
else if (!pubkey) { mState = USER_NO_KEYS; }
else if (!mPrivateKey) { mState = USER_NO_PRIVATE_KEY; }
else { mState = USER_COMPLETE; }
}
@ -628,7 +635,7 @@ bool User::setNewPassword(const std::string& newPassword)
return true;
}
*/
bool User::updatePassword(const std::string& newPassword, const std::string& passphrase)
bool User::updatePassword(const std::string& newPassword, const std::string& passphrase, Poco::AutoPtr<controller::User> newUser)
{
static const char* functionName("User::updatePassword");
if (newPassword == "") {
@ -659,7 +666,7 @@ bool User::updatePassword(const std::string& newPassword, const std::string& pas
duplicate();
lock(functionName);
//printf("[User::setNewPassword] start create crypto key task with this: %d\n", this);
mCreateCryptoKeyTask = new UserCreateCryptoKey(this, newPassword, ServerConfig::g_CPUScheduler);
mCreateCryptoKeyTask = new UserCreateCryptoKey(this, newUser, newPassword, ServerConfig::g_CPUScheduler);
mCreateCryptoKeyTask->scheduleTask(mCreateCryptoKeyTask);
unlock();
}
@ -697,7 +704,7 @@ bool User::updatePassword(const std::string& newPassword, const std::string& pas
if (passphrase != "") {
duplicate();
UniLib::controller::TaskPtr genKeys(new UserGenerateKeys(this, passphrase));
UniLib::controller::TaskPtr genKeys(new UserGenerateKeys(this, newUser, passphrase));
genKeys->scheduleTask(genKeys);
@ -940,7 +947,7 @@ bool User::generateKeys(bool savePrivkey, const std::string& passphrase, Session
//Profiler timeUsed;
duplicate();
UniLib::controller::TaskPtr generateKeysTask(new UserGenerateKeys(this, passphrase));
UniLib::controller::TaskPtr generateKeysTask(new UserGenerateKeys(this, session->getNewUser(), passphrase));
//generateKeysTask->setFinishCommand(new SessionStateUpdateCommand(SESSION_STATE_KEY_PAIR_GENERATED, session));
//generateKeysTask->scheduleTask(generateKeysTask);
// run directly because we like to show pubkey on interface, shouldn't last to long

10
src/cpp/model/User.h
View File

@ -107,7 +107,7 @@ public:
void setEmailChecked();
bool isEmptyPassword();
//bool setNewPassword(const std::string& newPassword);
bool updatePassword(const std::string& newPassword, const std::string& passphrase);
bool updatePassword(const std::string& newPassword, const std::string& passphrase, Poco::AutoPtr<controller::User> newUser);
bool validatePwd(const std::string& pwd, ErrorList* validationErrorsToPrint);
bool validateIdentHash(HASH hash);
@ -185,21 +185,22 @@ private:
class UserCreateCryptoKey : public UniLib::controller::CPUTask
{
public:
UserCreateCryptoKey(Poco::AutoPtr<User> user, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler);
UserCreateCryptoKey(Poco::AutoPtr<User> user, Poco::AutoPtr<controller::User> newUser, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler);
virtual int run();
virtual const char* getResourceType() const { return "UserCreateCryptoKey"; };
private:
Poco::AutoPtr<User> mUser;
Poco::AutoPtr<controller::User> mNewUser;
std::string mPassword;
};
class UserGenerateKeys : public UniLib::controller::CPUTask
{
public:
UserGenerateKeys(Poco::AutoPtr<User> user, const std::string& passphrase)
: mUser(user), mPassphrase(passphrase) {
UserGenerateKeys(Poco::AutoPtr<User> user, Poco::AutoPtr<controller::User> newUser, const std::string& passphrase)
: mUser(user), mNewUser(newUser), mPassphrase(passphrase) {
#ifdef _UNI_LIB_DEBUG
setName(user->getEmail());
#endif
@ -214,6 +215,7 @@ public:
virtual const char* getResourceType() const { return "UserGenerateKeys"; };
protected:
Poco::AutoPtr<User> mUser;
Poco::AutoPtr<controller::User> mNewUser;
std::string mPassphrase;
KeyPair mKeys;
};

2
src/cpp/model/table/User.cpp
View File

@ -52,7 +52,7 @@ namespace model {
mPublicKey = Poco::Nullable<Poco::Data::BLOB>();
}
else {
mPrivateKey = Poco::Nullable<Poco::Data::BLOB>(Poco::Data::BLOB(publicKey, 32));
mPublicKey = Poco::Nullable<Poco::Data::BLOB>(Poco::Data::BLOB(publicKey, 32));
}
}

2
src/cpsp/updateUserPassword.cpsp
View File

@ -34,7 +34,7 @@ enum PageState {
auto sessionState = mSession->getSessionState();
if(user->updatePassword(pwd, "")) {
if(user->updatePassword(pwd, "", mSession->getNewUser())) {
//std::string referUri = request.get("Referer", uri_start + "/");
//printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data());