From 3b21cad114ed73c98041b8ea84890f9f1904d287 Mon Sep 17 00:00:00 2001 From: Dario Date: Wed, 22 Jan 2020 15:43:54 +0100 Subject: [PATCH] fix bug with pubkeys and new accounts --- .../HTTPInterface/UpdateUserPasswordPage.cpp | 2 +- .../JsonRequestHandlerFactory.cpp | 9 +++++++- .../JSONInterface/JsonRequestHandlerFactory.h | 3 +++ src/cpp/controller/User.cpp | 1 + src/cpp/controller/User.h | 2 ++ src/cpp/main.cpp | 2 +- src/cpp/model/Session.cpp | 3 ++- src/cpp/model/User.cpp | 23 ++++++++++++------- src/cpp/model/User.h | 10 ++++---- src/cpp/model/table/User.cpp | 2 +- src/cpsp/updateUserPassword.cpsp | 2 +- 11 files changed, 41 insertions(+), 18 deletions(-) diff --git a/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp b/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp index e4f5f572b..8440b2d50 100644 --- a/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp +++ b/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp @@ -56,7 +56,7 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request auto sessionState = mSession->getSessionState(); - if(user->updatePassword(pwd, "")) { + if(user->updatePassword(pwd, "", mSession->getNewUser())) { //std::string referUri = request.get("Referer", uri_start + "/"); //printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data()); diff --git a/src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp b/src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp index 03aaeba64..b7ab552a9 100644 --- a/src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp +++ b/src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp @@ -11,7 +11,7 @@ #include "JsonGetUsers.h" JsonRequestHandlerFactory::JsonRequestHandlerFactory() - : mRemoveGETParameters("^/([a-zA-Z0-9_-]*)") + : mRemoveGETParameters("^/([a-zA-Z0-9_-]*)"), mLogging(Poco::Logger::get("requestLog")) { } @@ -19,8 +19,15 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c { std::string uri = request.getURI(); std::string url_first_part; + std::stringstream logStream; + mRemoveGETParameters.extract(uri, url_first_part); + std::string dateTimeString = Poco::DateTimeFormatter::format(Poco::DateTime(), "%d.%m.%y %H:%M:%S"); + logStream << dateTimeString << " call " << uri; + + mLogging.information(logStream.str()); + if (url_first_part == "/login") { return new JsonGetLogin; } diff --git a/src/cpp/JSONInterface/JsonRequestHandlerFactory.h b/src/cpp/JSONInterface/JsonRequestHandlerFactory.h index 26fe5c023..2b5dcb510 100644 --- a/src/cpp/JSONInterface/JsonRequestHandlerFactory.h +++ b/src/cpp/JSONInterface/JsonRequestHandlerFactory.h @@ -4,6 +4,8 @@ #include "Poco/Net/HTTPRequestHandlerFactory.h" #include "Poco/RegularExpression.h" +#include "Poco/Logger.h" + #define HTTP_PAGES_COUNT 1 class JsonRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory @@ -14,6 +16,7 @@ public: protected: Poco::RegularExpression mRemoveGETParameters; + Poco::Logger& mLogging; }; #endif // __DR_JSON_REQUEST_HANDLER_FACTORY_H \ No newline at end of file diff --git a/src/cpp/controller/User.cpp b/src/cpp/controller/User.cpp index 9ece8fe62..bc2d7a62c 100644 --- a/src/cpp/controller/User.cpp +++ b/src/cpp/controller/User.cpp @@ -96,6 +96,7 @@ namespace controller { { auto json = getModel()->getJson(); auto pubkey = getPublicHex(); + //printf("[controller::User::getJson] this: %d\n", (int)this); if (pubkey != "") { json.set("public_hex", pubkey); } diff --git a/src/cpp/controller/User.h b/src/cpp/controller/User.h index 5bebe3fc7..f181dd087 100644 --- a/src/cpp/controller/User.h +++ b/src/cpp/controller/User.h @@ -34,6 +34,8 @@ namespace controller { inline Poco::AutoPtr getModel() { return _getModel(); } inline const model::table::User* getModel() const { return _getModel(); } + + const std::string& getPublicHex(); diff --git a/src/cpp/main.cpp b/src/cpp/main.cpp index bcb72085e..cff49fa3d 100644 --- a/src/cpp/main.cpp +++ b/src/cpp/main.cpp @@ -22,7 +22,7 @@ int main(int argc, char** argv) printf("error initing sodium, early exit\n"); return -1; } - ServerConfig::g_versionString = "0.20.KW03.01"; + ServerConfig::g_versionString = "0.20.KW03.02"; printf("User size: %d Bytes, Session size: %d Bytes\n", sizeof(User), sizeof(Session)); printf("model sizes: User: %d Bytes, EmailOptIn: %d Bytes\n", sizeof(model::table::User), sizeof(model::table::EmailOptIn)); diff --git a/src/cpp/model/Session.cpp b/src/cpp/model/Session.cpp index 7467df659..dff919135 100644 --- a/src/cpp/model/Session.cpp +++ b/src/cpp/model/Session.cpp @@ -114,6 +114,7 @@ void Session::reset() mState = SESSION_STATE_EMPTY; mPassphrase = ""; + mLastExternReferer = ""; mClientLoginIP = Poco::Net::IPAddress(); unlock(); //printf("[Session::reset] finished\n"); @@ -189,7 +190,7 @@ bool Session::createUser(const std::string& first_name, const std::string& last_ //prepareEmail->scheduleTask(prepareEmail); // create user crypto key - UniLib::controller::TaskPtr cryptoKeyTask(new UserCreateCryptoKey(mSessionUser, password, ServerConfig::g_CryptoCPUScheduler)); + UniLib::controller::TaskPtr cryptoKeyTask(new UserCreateCryptoKey(mSessionUser, mNewUser, password, ServerConfig::g_CryptoCPUScheduler)); cryptoKeyTask->setFinishCommand(new SessionStateUpdateCommand(SESSION_STATE_CRYPTO_KEY_GENERATED, this)); cryptoKeyTask->scheduleTask(cryptoKeyTask); diff --git a/src/cpp/model/User.cpp b/src/cpp/model/User.cpp index 0af7eb8ef..625480906 100644 --- a/src/cpp/model/User.cpp +++ b/src/cpp/model/User.cpp @@ -22,8 +22,8 @@ using namespace Poco::Data::Keywords; // ------------------------------------------------------------------------------------------------- -UserCreateCryptoKey::UserCreateCryptoKey(Poco::AutoPtr user, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler) - : UniLib::controller::CPUTask(cpuScheduler), mUser(user), mPassword(password) { +UserCreateCryptoKey::UserCreateCryptoKey(Poco::AutoPtr user, Poco::AutoPtr newUser, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler) + : UniLib::controller::CPUTask(cpuScheduler), mUser(user), mNewUser(newUser), mPassword(password) { #ifdef _UNI_LIB_DEBUG setName(user->getEmail()); #endif @@ -42,7 +42,7 @@ int UserCreateCryptoKey::run() auto pwdHashed = mUser->createPasswordHashed(cryptoKey); mUser->setPwdHashed(pwdHashed); - + mNewUser->getModel()->setPasswordHashed(pwdHashed); //printf("crypto key created\n"); setTaskFinished(); @@ -65,10 +65,17 @@ int UserGenerateKeys::run() mUser->setPublicKeyHex(mKeys.getPubkeyHex()); mUser->setPublicKey(mKeys.getPublicKey()); + + auto newUserModel = mNewUser->getModel(); + + newUserModel->setPublicKey(mKeys.getPublicKey()); if (mUser->hasCryptoKey()) { mUser->setPrivKey(mKeys.getPrivateKey()); + newUserModel->setPrivateKey(mUser->getPrivKey()); } + //printf("[UserGenerateKeys::run] controller::User: %d\n", (int)mNewUser.get()); + return 0; } @@ -435,7 +442,7 @@ User::User(Poco::AutoPtr ctrl_user) mState = USER_LOADED_FROM_DB; if (!mEmailChecked) { mState = USER_EMAIL_NOT_ACTIVATED; } - else if (!mPublicKey) { mState = USER_NO_KEYS; } + else if (!pubkey) { mState = USER_NO_KEYS; } else if (!mPrivateKey) { mState = USER_NO_PRIVATE_KEY; } else { mState = USER_COMPLETE; } } @@ -628,7 +635,7 @@ bool User::setNewPassword(const std::string& newPassword) return true; } */ -bool User::updatePassword(const std::string& newPassword, const std::string& passphrase) +bool User::updatePassword(const std::string& newPassword, const std::string& passphrase, Poco::AutoPtr newUser) { static const char* functionName("User::updatePassword"); if (newPassword == "") { @@ -659,7 +666,7 @@ bool User::updatePassword(const std::string& newPassword, const std::string& pas duplicate(); lock(functionName); //printf("[User::setNewPassword] start create crypto key task with this: %d\n", this); - mCreateCryptoKeyTask = new UserCreateCryptoKey(this, newPassword, ServerConfig::g_CPUScheduler); + mCreateCryptoKeyTask = new UserCreateCryptoKey(this, newUser, newPassword, ServerConfig::g_CPUScheduler); mCreateCryptoKeyTask->scheduleTask(mCreateCryptoKeyTask); unlock(); } @@ -697,7 +704,7 @@ bool User::updatePassword(const std::string& newPassword, const std::string& pas if (passphrase != "") { duplicate(); - UniLib::controller::TaskPtr genKeys(new UserGenerateKeys(this, passphrase)); + UniLib::controller::TaskPtr genKeys(new UserGenerateKeys(this, newUser, passphrase)); genKeys->scheduleTask(genKeys); @@ -940,7 +947,7 @@ bool User::generateKeys(bool savePrivkey, const std::string& passphrase, Session //Profiler timeUsed; duplicate(); - UniLib::controller::TaskPtr generateKeysTask(new UserGenerateKeys(this, passphrase)); + UniLib::controller::TaskPtr generateKeysTask(new UserGenerateKeys(this, session->getNewUser(), passphrase)); //generateKeysTask->setFinishCommand(new SessionStateUpdateCommand(SESSION_STATE_KEY_PAIR_GENERATED, session)); //generateKeysTask->scheduleTask(generateKeysTask); // run directly because we like to show pubkey on interface, shouldn't last to long diff --git a/src/cpp/model/User.h b/src/cpp/model/User.h index ce2450756..2c46cbde3 100644 --- a/src/cpp/model/User.h +++ b/src/cpp/model/User.h @@ -107,7 +107,7 @@ public: void setEmailChecked(); bool isEmptyPassword(); //bool setNewPassword(const std::string& newPassword); - bool updatePassword(const std::string& newPassword, const std::string& passphrase); + bool updatePassword(const std::string& newPassword, const std::string& passphrase, Poco::AutoPtr newUser); bool validatePwd(const std::string& pwd, ErrorList* validationErrorsToPrint); bool validateIdentHash(HASH hash); @@ -185,21 +185,22 @@ private: class UserCreateCryptoKey : public UniLib::controller::CPUTask { public: - UserCreateCryptoKey(Poco::AutoPtr user, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler); + UserCreateCryptoKey(Poco::AutoPtr user, Poco::AutoPtr newUser, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler); virtual int run(); virtual const char* getResourceType() const { return "UserCreateCryptoKey"; }; private: Poco::AutoPtr mUser; + Poco::AutoPtr mNewUser; std::string mPassword; }; class UserGenerateKeys : public UniLib::controller::CPUTask { public: - UserGenerateKeys(Poco::AutoPtr user, const std::string& passphrase) - : mUser(user), mPassphrase(passphrase) { + UserGenerateKeys(Poco::AutoPtr user, Poco::AutoPtr newUser, const std::string& passphrase) + : mUser(user), mNewUser(newUser), mPassphrase(passphrase) { #ifdef _UNI_LIB_DEBUG setName(user->getEmail()); #endif @@ -214,6 +215,7 @@ public: virtual const char* getResourceType() const { return "UserGenerateKeys"; }; protected: Poco::AutoPtr mUser; + Poco::AutoPtr mNewUser; std::string mPassphrase; KeyPair mKeys; }; diff --git a/src/cpp/model/table/User.cpp b/src/cpp/model/table/User.cpp index 0c1fd9b9e..c572ea790 100644 --- a/src/cpp/model/table/User.cpp +++ b/src/cpp/model/table/User.cpp @@ -52,7 +52,7 @@ namespace model { mPublicKey = Poco::Nullable(); } else { - mPrivateKey = Poco::Nullable(Poco::Data::BLOB(publicKey, 32)); + mPublicKey = Poco::Nullable(Poco::Data::BLOB(publicKey, 32)); } } diff --git a/src/cpsp/updateUserPassword.cpsp b/src/cpsp/updateUserPassword.cpsp index b3706d55b..2ff5975cb 100644 --- a/src/cpsp/updateUserPassword.cpsp +++ b/src/cpsp/updateUserPassword.cpsp @@ -34,7 +34,7 @@ enum PageState { auto sessionState = mSession->getSessionState(); - if(user->updatePassword(pwd, "")) { + if(user->updatePassword(pwd, "", mSession->getNewUser())) { //std::string referUri = request.get("Referer", uri_start + "/"); //printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data());