mirror of
https://github.com/IT4Change/gradido.git
synced 2025-12-13 07:45:54 +00:00
adding admin user password reset
This commit is contained in:
Dario
parent
24ff367157
commit
9f9bc0c1ef
@ -160,6 +160,16 @@ bool KeyPair::generateFromPassphrase(const char* passphrase, const Mnemonic* wor
|
||||
return true;
|
||||
}
|
||||
|
||||
bool KeyPair::generateFromPassphrase(const std::string& passphrase)
|
||||
{
|
||||
//static bool validatePassphrase(const std::string& passphrase, Mnemonic** wordSource = nullptr);
|
||||
Mnemonic* wordSource = nullptr;
|
||||
if (validatePassphrase(passphrase, &wordSource)) {
|
||||
return generateFromPassphrase(passphrase.data(), wordSource);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemonic* word_source)
|
||||
{
|
||||
auto er = ErrorManager::getInstance();
|
||||
@ -366,4 +376,35 @@ bool KeyPair::savePrivKey(int userId)
|
||||
bool KeyPair::isPubkeysTheSame(const unsigned char* pubkey) const
|
||||
{
|
||||
return sodium_memcmp(pubkey, mPublicKey, ed25519_pubkey_SIZE) == 0;
|
||||
}
|
||||
}
|
||||
|
||||
bool KeyPair::validatePassphrase(const std::string& passphrase, Mnemonic** wordSource/* = nullptr*/)
|
||||
{
|
||||
std::istringstream iss(passphrase);
|
||||
std::vector<std::string> results(std::istream_iterator<std::string>{iss},
|
||||
std::istream_iterator<std::string>());
|
||||
|
||||
for (int i = 0; i < ServerConfig::Mnemonic_Types::MNEMONIC_MAX; i++) {
|
||||
Mnemonic& m = ServerConfig::g_Mnemonic_WordLists[i];
|
||||
bool existAll = true;
|
||||
for (auto it = results.begin(); it != results.end(); it++) {
|
||||
if (*it == "\0" || *it == "" || it->size() < 3) continue;
|
||||
if (!m.isWordExist(*it)) {
|
||||
if (i == 1) {
|
||||
int zahl = 0;
|
||||
}
|
||||
//printf("wordlist: %d, word not found: %s\n", i, it->data());
|
||||
existAll = false;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
if (existAll) {
|
||||
if (wordSource) {
|
||||
*wordSource = &m;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -29,8 +29,10 @@ public:
|
||||
~KeyPair();
|
||||
|
||||
bool generateFromPassphrase(const char* passphrase, const Mnemonic* word_source);
|
||||
bool generateFromPassphrase(const std::string& passphrase);
|
||||
static std::string passphraseTransform(const std::string& passphrase, const Mnemonic* currentWordSource, const Mnemonic* targetWordSource);
|
||||
static std::string filterPassphrase(const std::string& passphrase);
|
||||
static bool validatePassphrase(const std::string& passphrase, Mnemonic** wordSource = nullptr);
|
||||
|
||||
std::string getPubkeyHex();
|
||||
bool savePrivKey(int userId);
|
||||
|
||||
265
src/cpp/HTTPInterface/AdminUserPasswordReset.cpp
Normal file
265
src/cpp/HTTPInterface/AdminUserPasswordReset.cpp
Normal file
@ -0,0 +1,265 @@
|
||||
#include "AdminUserPasswordReset.h"
|
||||
#include "Poco/Net/HTTPServerRequest.h"
|
||||
#include "Poco/Net/HTTPServerResponse.h"
|
||||
#include "Poco/Net/HTMLForm.h"
|
||||
#include "Poco/DeflatingStream.h"
|
||||
|
||||
|
||||
#line 7 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
|
||||
// includes
|
||||
#include "../controller/User.h"
|
||||
#include "../controller/EmailVerificationCode.h"
|
||||
#include "../controller/UserBackups.h"
|
||||
|
||||
|
||||
enum PageState
|
||||
{
|
||||
PAGE_ASK_EMAIL,
|
||||
PAGE_SHOW_EMAIL
|
||||
};
|
||||
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
|
||||
|
||||
#include "../ServerConfig.h"
|
||||
|
||||
|
||||
AdminUserPasswordReset::AdminUserPasswordReset(Session* arg):
|
||||
SessionHTTPRequestHandler(arg)
|
||||
{
|
||||
}
|
||||
|
||||
|
||||
void AdminUserPasswordReset::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response)
|
||||
{
|
||||
response.setChunkedTransferEncoding(true);
|
||||
response.setContentType("text/html");
|
||||
bool _compressResponse(request.hasToken("Accept-Encoding", "gzip"));
|
||||
if (_compressResponse) response.set("Content-Encoding", "gzip");
|
||||
|
||||
Poco::Net::HTMLForm form(request, request.stream());
|
||||
#line 19 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
|
||||
// code
|
||||
PageState state = PAGE_ASK_EMAIL;
|
||||
Poco::AutoPtr<controller::User> user = controller::User::create();
|
||||
Poco::AutoPtr<controller::EmailVerificationCode> code;
|
||||
Poco::AutoPtr<controller::UserBackups> userBackup;
|
||||
bool validUser = false;
|
||||
std::string pageName = "Admin User Passwort Reset";
|
||||
|
||||
if(!form.empty()) {
|
||||
auto email = form.get("user-email", "");
|
||||
|
||||
if("" != email) {
|
||||
if(1 != user->load(email)) {
|
||||
addError(new Error("Benutzer Email", "Konnte keinen passenden Benutzer finden!"));
|
||||
} else {
|
||||
validUser = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
if(validUser) {
|
||||
auto userId = user->getModel()->getID();
|
||||
code = controller::EmailVerificationCode::load(userId, model::table::EMAIL_OPT_IN_RESET_PASSWORD);
|
||||
if(code.isNull()) {
|
||||
code = controller::EmailVerificationCode::create(userId, model::table::EMAIL_OPT_IN_RESET_PASSWORD);
|
||||
if(!code->getModel()->insertIntoDB(false)) {
|
||||
addError(new Error("E-Mail Verification Code", "Fehler beim speichern!"));
|
||||
getErrors(code->getModel());
|
||||
}
|
||||
}
|
||||
|
||||
auto backups = controller::UserBackups::load(userId);
|
||||
auto userPubkey = user->getModel()->getPublicKey();
|
||||
for(auto it = backups.begin(); it != backups.end(); it++) {
|
||||
auto keys = (*it)->getKeyPair();
|
||||
if(keys->isPubkeysTheSame(userPubkey)) {
|
||||
userBackup = *it;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(userBackup.isNull()) {
|
||||
addError(new Error("User Backup", "Kein passendes User Backup gefunden!"));
|
||||
}
|
||||
|
||||
if(!userBackup.isNull() && !code.isNull()) {
|
||||
state = PAGE_SHOW_EMAIL;
|
||||
}
|
||||
}
|
||||
|
||||
std::ostream& _responseStream = response.send();
|
||||
Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1);
|
||||
std::ostream& responseStream = _compressResponse ? _gzipStream : _responseStream;
|
||||
responseStream << "\n";
|
||||
// begin include header_old.cpsp
|
||||
responseStream << "\n";
|
||||
responseStream << "<!DOCTYPE html>\n";
|
||||
responseStream << "<html>\n";
|
||||
responseStream << "<head>\n";
|
||||
responseStream << "<meta charset=\"UTF-8\">\n";
|
||||
responseStream << "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n";
|
||||
responseStream << "<title>Gradido Login Server: ";
|
||||
#line 9 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
|
||||
responseStream << ( pageName );
|
||||
responseStream << "</title>\n";
|
||||
responseStream << "<!--<link rel=\"stylesheet\" type=\"text/css\" href=\"css/styles.min.css\">-->\n";
|
||||
responseStream << "<link rel=\"stylesheet\" type=\"text/css\" href=\"";
|
||||
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
|
||||
responseStream << ( ServerConfig::g_php_serverPath );
|
||||
responseStream << "/css/styles.css\">\n";
|
||||
responseStream << "<style type=\"text/css\" >\n";
|
||||
responseStream << ".grd_container\n";
|
||||
responseStream << "{\n";
|
||||
responseStream << " max-width:820px;\n";
|
||||
responseStream << " margin-left:auto;\n";
|
||||
responseStream << " margin-right:auto;\n";
|
||||
responseStream << "}\n";
|
||||
responseStream << "\n";
|
||||
responseStream << "input:not([type='radio']) {\n";
|
||||
responseStream << "\twidth:200px;\n";
|
||||
responseStream << "}\n";
|
||||
responseStream << "label:not(.grd_radio_label) {\n";
|
||||
responseStream << "\twidth:80px;\n";
|
||||
responseStream << "\tdisplay:inline-block;\n";
|
||||
responseStream << "}\n";
|
||||
responseStream << ".grd_container_small\n";
|
||||
responseStream << "{\n";
|
||||
responseStream << " max-width:500px;\n";
|
||||
responseStream << "}\n";
|
||||
responseStream << ".grd_text {\n";
|
||||
responseStream << " max-width:550px;\n";
|
||||
responseStream << " margin-bottom: 5px;\n";
|
||||
responseStream << "}\n";
|
||||
responseStream << ".dev-info {\n";
|
||||
responseStream << "\tposition: fixed;\n";
|
||||
responseStream << "\tcolor:grey;\n";
|
||||
responseStream << "\tfont-size: smaller;\n";
|
||||
responseStream << "\tleft:8px;\n";
|
||||
responseStream << "}\n";
|
||||
responseStream << ".grd-time-used { \n";
|
||||
responseStream << " bottom:0;\n";
|
||||
responseStream << "} \n";
|
||||
responseStream << "\n";
|
||||
responseStream << ".versionstring {\n";
|
||||
responseStream << "\ttop:0;\n";
|
||||
responseStream << "}\n";
|
||||
responseStream << "</style>\n";
|
||||
responseStream << "</head>\n";
|
||||
responseStream << "<body>\n";
|
||||
responseStream << "<div class=\"versionstring dev-info\">\n";
|
||||
responseStream << "\t<p class=\"grd_small\">Login Server in Entwicklung</p>\n";
|
||||
responseStream << "\t<p class=\"grd_small\">Alpha ";
|
||||
#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
|
||||
responseStream << ( ServerConfig::g_versionString );
|
||||
responseStream << "</p>\n";
|
||||
responseStream << "</div>\n";
|
||||
// end include header_old.cpsp
|
||||
responseStream << "\n";
|
||||
responseStream << "<div class=\"grd_container\">\n";
|
||||
responseStream << "\t";
|
||||
#line 70 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( getErrorsHtml() );
|
||||
responseStream << "\n";
|
||||
responseStream << "\t<h1>Admin User Passwort Reset</h1>\n";
|
||||
responseStream << "\t<p>Ein Benutzer hat ein Passwort Reset angefordert, hat aber seine Passphrase nicht.</p>\n";
|
||||
responseStream << "\t";
|
||||
#line 73 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
if(PAGE_ASK_EMAIL == state) { responseStream << "\n";
|
||||
responseStream << "\t\t<fieldset class=\"grd_container_small\">\n";
|
||||
responseStream << "\t\t<form method=\"POST\">\n";
|
||||
responseStream << "\t\t\t<p class=\"grd_small\">\n";
|
||||
responseStream << "\t\t\t\t<label for=\"user-email\">Benutzer E-Mail</label>\n";
|
||||
responseStream << "\t\t\t\t<input id=\"user-email\" type=\"text\" name=\"user-email\" value=\"";
|
||||
#line 78 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( !form.empty() ? form.get("user-email") : "" );
|
||||
responseStream << "\"/>\n";
|
||||
responseStream << "\t\t\t</p>\n";
|
||||
responseStream << "\t\t\t<p><input type=\"submit\" style=\"width:auto\" value=\"Anzeigen\"></p>\n";
|
||||
responseStream << "\t\t</form>\n";
|
||||
responseStream << "\t\t</fieldset>\n";
|
||||
responseStream << "\t";
|
||||
#line 83 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
} responseStream << "\n";
|
||||
responseStream << "\t";
|
||||
#line 84 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
if(validUser) {
|
||||
auto userModel = user->getModel(); responseStream << "\n";
|
||||
responseStream << "\t\t<h3>Benutzer gefunden</h3>\n";
|
||||
responseStream << "\t\t<ul>\n";
|
||||
responseStream << "\t\t\t<li>";
|
||||
#line 88 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( userModel->getFirstName() );
|
||||
responseStream << " ";
|
||||
#line 88 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( userModel->getLastName() );
|
||||
responseStream << "</li>\n";
|
||||
responseStream << "\t\t\t<li>";
|
||||
#line 89 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( userModel->getEmail() );
|
||||
responseStream << "</li>\n";
|
||||
responseStream << "\t\t\t<li>Public Key: ";
|
||||
#line 90 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( userModel->getPublicKeyHex() );
|
||||
responseStream << "</li>\n";
|
||||
responseStream << "\t\t\t<li>E-Mail überprüft: ";
|
||||
#line 91 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( std::to_string(userModel->isEmailChecked()) );
|
||||
responseStream << "</li>\n";
|
||||
responseStream << "\t\t\t<li>Private Key verschlüsselt: ";
|
||||
#line 92 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( std::to_string(userModel->existPrivateKeyCrypted()) );
|
||||
responseStream << "</li>\n";
|
||||
responseStream << "\t\t\t<li>Passwort gesetzt: ";
|
||||
#line 93 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( std::to_string(userModel->getPasswordHashed() != 0) );
|
||||
responseStream << "</li>\n";
|
||||
responseStream << "\t\t</ul>\n";
|
||||
responseStream << "\t";
|
||||
#line 95 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
} responseStream << "\n";
|
||||
responseStream << "\t";
|
||||
#line 96 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
if(PAGE_SHOW_EMAIL == state) { responseStream << "\n";
|
||||
responseStream << "\t\t<fieldset><legend>E-Mail</legend>\n";
|
||||
responseStream << "\t\t\t<p>An: ";
|
||||
#line 98 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( user->getEmailWithNames() );
|
||||
responseStream << "\n";
|
||||
responseStream << "\t\t\t<p><label style=\"width:auto\" for=\"memo-text\">E-Mail Text:</label></p>\n";
|
||||
responseStream << "<pre>Liebe(r) ";
|
||||
#line 100 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( user->getModel()->getFirstName() );
|
||||
responseStream << ",\n";
|
||||
responseStream << "\n";
|
||||
responseStream << "hier findst du deine Passphrase mit dessen Hilfe du dir ein neues Passwort einstellen kannst.\n";
|
||||
responseStream << "Bitte schreibe sie dir auf und packe sie gut weg.\n";
|
||||
responseStream << "\n";
|
||||
#line 105 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( userBackup->getPassphrase(ServerConfig::Mnemonic_Types::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER) );
|
||||
responseStream << "\n";
|
||||
responseStream << "Unter diesem Link kannst du dir mit hilfe der Passphrase ein neues Passwort setzen:\n";
|
||||
#line 109 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
responseStream << ( code->getLink() );
|
||||
responseStream << "\n";
|
||||
responseStream << "Liebe Grüße\n";
|
||||
responseStream << "Dario, Softwareentwickler bei Gradido\n";
|
||||
responseStream << "</pre>\n";
|
||||
responseStream << "\t\t</fieldset>\n";
|
||||
responseStream << "\t";
|
||||
#line 115 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminUserPasswordReset.cpsp"
|
||||
} responseStream << "\n";
|
||||
responseStream << "</div>\n";
|
||||
// begin include footer.cpsp
|
||||
responseStream << "\t<div class=\"grd-time-used dev-info\">\n";
|
||||
responseStream << "\t\t\t";
|
||||
#line 2 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\footer.cpsp"
|
||||
responseStream << ( mTimeProfiler.string() );
|
||||
responseStream << "\n";
|
||||
responseStream << "\t</div>\n";
|
||||
responseStream << "</body>\n";
|
||||
responseStream << "</html>";
|
||||
// end include footer.cpsp
|
||||
responseStream << "\n";
|
||||
responseStream << "\t\n";
|
||||
if (_compressResponse) _gzipStream.close();
|
||||
}
|
||||
20
src/cpp/HTTPInterface/AdminUserPasswordReset.h
Normal file
20
src/cpp/HTTPInterface/AdminUserPasswordReset.h
Normal file
@ -0,0 +1,20 @@
|
||||
#ifndef AdminUserPasswordReset_INCLUDED
|
||||
#define AdminUserPasswordReset_INCLUDED
|
||||
|
||||
|
||||
#include "Poco/Net/HTTPRequestHandler.h"
|
||||
|
||||
|
||||
#include "SessionHTTPRequestHandler.h"
|
||||
|
||||
|
||||
class AdminUserPasswordReset: public SessionHTTPRequestHandler
|
||||
{
|
||||
public:
|
||||
AdminUserPasswordReset(Session*);
|
||||
|
||||
void handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response);
|
||||
};
|
||||
|
||||
|
||||
#endif // AdminUserPasswordReset_INCLUDED
|
||||
@ -92,6 +92,14 @@ namespace controller {
|
||||
return mPublicHex;
|
||||
}
|
||||
|
||||
std::string User::getEmailWithNames()
|
||||
{
|
||||
std::stringstream ss;
|
||||
auto model = getModel();
|
||||
ss << model->getFirstName() << " " << model->getLastName() << "<" << model->getEmail() << ">";
|
||||
return ss.str();
|
||||
}
|
||||
|
||||
Poco::JSON::Object User::getJson()
|
||||
{
|
||||
auto json = getModel()->getJson();
|
||||
|
||||
@ -35,7 +35,7 @@ namespace controller {
|
||||
inline const model::table::User* getModel() const { return _getModel<model::table::User>(); }
|
||||
|
||||
|
||||
|
||||
std::string getEmailWithNames();
|
||||
const std::string& getPublicHex();
|
||||
|
||||
|
||||
|
||||
@ -46,4 +46,42 @@ namespace controller {
|
||||
|
||||
}
|
||||
|
||||
Poco::SharedPtr<KeyPair> UserBackups::getKeyPair()
|
||||
{
|
||||
if (!mKeyPair.isNull()) {
|
||||
return mKeyPair;
|
||||
}
|
||||
mKeyPair = new KeyPair;
|
||||
auto model = getModel();
|
||||
auto passphrase = model->getPassphrase();
|
||||
|
||||
mKeyPair->generateFromPassphrase(passphrase);
|
||||
return mKeyPair;
|
||||
}
|
||||
|
||||
std::string UserBackups::getPassphrase(ServerConfig::Mnemonic_Types type)
|
||||
{
|
||||
if ((int)type < 0 || (int)type >= ServerConfig::Mnemonic_Types::MNEMONIC_MAX) {
|
||||
return "<invalid type>";
|
||||
}
|
||||
auto passphrase = getModel()->getPassphrase();
|
||||
Mnemonic* wordSource = nullptr;
|
||||
if (KeyPair::validatePassphrase(passphrase, &wordSource)) {
|
||||
for (int i = 0; i < ServerConfig::Mnemonic_Types::MNEMONIC_MAX; i++) {
|
||||
Mnemonic* m = &ServerConfig::g_Mnemonic_WordLists[i];
|
||||
if (m == wordSource) {
|
||||
if (type == i) {
|
||||
return passphrase;
|
||||
}
|
||||
else {
|
||||
return KeyPair::passphraseTransform(passphrase, m, &ServerConfig::g_Mnemonic_WordLists[type]);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
return "<invalid passphrase>";
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@ -2,6 +2,9 @@
|
||||
#define GRADIDO_LOGIN_SERVER_CONTROLLER_USER_BACKUPS_INCLUDE
|
||||
|
||||
#include "../model/table/UserBackups.h"
|
||||
#include "../Crypto/KeyPair.h"
|
||||
|
||||
#include "Poco/SharedPtr.h"
|
||||
|
||||
#include "TableControllerBase.h"
|
||||
|
||||
@ -20,10 +23,13 @@ namespace controller {
|
||||
|
||||
inline Poco::AutoPtr<model::table::UserBackups> getModel() { return _getModel<model::table::UserBackups>(); }
|
||||
|
||||
//! \return create keyPair from passphrase if not exist, else return existing pointer
|
||||
Poco::SharedPtr<KeyPair> getKeyPair();
|
||||
std::string getPassphrase(ServerConfig::Mnemonic_Types type);
|
||||
|
||||
protected:
|
||||
UserBackups(model::table::UserBackups* dbModel);
|
||||
|
||||
Poco::SharedPtr<KeyPair> mKeyPair;
|
||||
|
||||
};
|
||||
}
|
||||
|
||||
@ -550,33 +550,8 @@ std::string User::generateNewPassphrase(Mnemonic* word_source)
|
||||
|
||||
bool User::validatePassphrase(const std::string& passphrase, Mnemonic** wordSource/* = nullptr*/)
|
||||
{
|
||||
std::istringstream iss(passphrase);
|
||||
std::vector<std::string> results(std::istream_iterator<std::string>{iss},
|
||||
std::istream_iterator<std::string>());
|
||||
return KeyPair::validatePassphrase(passphrase, wordSource);
|
||||
|
||||
for (int i = 0; i < ServerConfig::Mnemonic_Types::MNEMONIC_MAX; i++) {
|
||||
Mnemonic& m = ServerConfig::g_Mnemonic_WordLists[i];
|
||||
bool existAll = true;
|
||||
for (auto it = results.begin(); it != results.end(); it++) {
|
||||
if (*it == "\0" || *it == "" || it->size() < 3) continue;
|
||||
if (!m.isWordExist(*it)) {
|
||||
if (i == 1) {
|
||||
int zahl = 0;
|
||||
}
|
||||
//printf("wordlist: %d, word not found: %s\n", i, it->data());
|
||||
existAll = false;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
if (existAll) {
|
||||
if (wordSource) {
|
||||
*wordSource = &m;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
bool User::isEmptyPassword()
|
||||
|
||||
0
src/cpp/model/email/EmailModificate.cpp
Normal file
0
src/cpp/model/email/EmailModificate.cpp
Normal file
12
src/cpp/model/email/EmailModificate.h
Normal file
12
src/cpp/model/email/EmailModificate.h
Normal file
@ -0,0 +1,12 @@
|
||||
/*!
|
||||
*
|
||||
* \author: einhornimmond
|
||||
*
|
||||
* \date: 22.04.20
|
||||
*
|
||||
* \brief: make email modificateable
|
||||
*/
|
||||
|
||||
|
||||
namespace model {
|
||||
}
|
||||
@ -153,6 +153,7 @@ enum PageState {
|
||||
</p>
|
||||
<p><input type="submit" style="width:auto" name="transfer" value="Guthaben auf neue Adresse überweisen!"></p>
|
||||
</form>
|
||||
</fieldset>
|
||||
<% } else if(PAGE_STATE_SUCCESS == state) { %>
|
||||
<p>Gradidos wurden erfolgreich überwiesen.</p>
|
||||
<a href="<%= ServerConfig::g_serverPath %>/passphrased_transaction">Weitere Gradidos überweisen</a>
|
||||
|
||||
118
src/cpsp/adminUserPasswordReset.cpsp
Normal file
118
src/cpsp/adminUserPasswordReset.cpsp
Normal file
@ -0,0 +1,118 @@
|
||||
<%@ page class="AdminUserPasswordReset" %>
|
||||
<%@ page form="true" %>
|
||||
<%@ page compressed="true" %>
|
||||
<%@ page baseClass="SessionHTTPRequestHandler" %>
|
||||
<%@ page ctorArg="Session*" %>
|
||||
<%@ header include="SessionHTTPRequestHandler.h" %>
|
||||
<%!
|
||||
// includes
|
||||
#include "../controller/User.h"
|
||||
#include "../controller/EmailVerificationCode.h"
|
||||
#include "../controller/UserBackups.h"
|
||||
|
||||
|
||||
enum PageState
|
||||
{
|
||||
PAGE_ASK_EMAIL,
|
||||
PAGE_SHOW_EMAIL
|
||||
};
|
||||
%><%%
|
||||
// code
|
||||
PageState state = PAGE_ASK_EMAIL;
|
||||
Poco::AutoPtr<controller::User> user = controller::User::create();
|
||||
Poco::AutoPtr<controller::EmailVerificationCode> code;
|
||||
Poco::AutoPtr<controller::UserBackups> userBackup;
|
||||
bool validUser = false;
|
||||
std::string pageName = "Admin User Passwort Reset";
|
||||
|
||||
if(!form.empty()) {
|
||||
auto email = form.get("user-email", "");
|
||||
|
||||
if("" != email) {
|
||||
if(1 != user->load(email)) {
|
||||
addError(new Error("Benutzer Email", "Konnte keinen passenden Benutzer finden!"));
|
||||
} else {
|
||||
validUser = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
if(validUser) {
|
||||
auto userId = user->getModel()->getID();
|
||||
code = controller::EmailVerificationCode::load(userId, model::table::EMAIL_OPT_IN_RESET_PASSWORD);
|
||||
if(code.isNull()) {
|
||||
code = controller::EmailVerificationCode::create(userId, model::table::EMAIL_OPT_IN_RESET_PASSWORD);
|
||||
if(!code->getModel()->insertIntoDB(false)) {
|
||||
addError(new Error("E-Mail Verification Code", "Fehler beim speichern!"));
|
||||
getErrors(code->getModel());
|
||||
}
|
||||
}
|
||||
|
||||
auto backups = controller::UserBackups::load(userId);
|
||||
auto userPubkey = user->getModel()->getPublicKey();
|
||||
for(auto it = backups.begin(); it != backups.end(); it++) {
|
||||
auto keys = (*it)->getKeyPair();
|
||||
if(keys->isPubkeysTheSame(userPubkey)) {
|
||||
userBackup = *it;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(userBackup.isNull()) {
|
||||
addError(new Error("User Backup", "Kein passendes User Backup gefunden!"));
|
||||
}
|
||||
|
||||
if(!userBackup.isNull() && !code.isNull()) {
|
||||
state = PAGE_SHOW_EMAIL;
|
||||
}
|
||||
}
|
||||
|
||||
%><%@ include file="header_old.cpsp" %>
|
||||
<div class="grd_container">
|
||||
<%= getErrorsHtml() %>
|
||||
<h1>Admin User Passwort Reset</h1>
|
||||
<p>Ein Benutzer hat ein Passwort Reset angefordert, hat aber seine Passphrase nicht.</p>
|
||||
<% if(PAGE_ASK_EMAIL == state) { %>
|
||||
<fieldset class="grd_container_small">
|
||||
<form method="POST">
|
||||
<p class="grd_small">
|
||||
<label for="user-email">Benutzer E-Mail</label>
|
||||
<input id="user-email" type="text" name="user-email" value="<%= !form.empty() ? form.get("user-email") : "" %>"/>
|
||||
</p>
|
||||
<p><input type="submit" style="width:auto" value="Anzeigen"></p>
|
||||
</form>
|
||||
</fieldset>
|
||||
<% } %>
|
||||
<% if(validUser) {
|
||||
auto userModel = user->getModel(); %>
|
||||
<h3>Benutzer gefunden</h3>
|
||||
<ul>
|
||||
<li><%= userModel->getFirstName() %> <%= userModel->getLastName() %></li>
|
||||
<li><%= userModel->getEmail() %></li>
|
||||
<li>Public Key: <%= userModel->getPublicKeyHex() %></li>
|
||||
<li>E-Mail überprüft: <%= std::to_string(userModel->isEmailChecked()) %></li>
|
||||
<li>Private Key verschlüsselt: <%= std::to_string(userModel->existPrivateKeyCrypted()) %></li>
|
||||
<li>Passwort gesetzt: <%= std::to_string(userModel->getPasswordHashed() != 0) %></li>
|
||||
</ul>
|
||||
<% } %>
|
||||
<% if(PAGE_SHOW_EMAIL == state) { %>
|
||||
<fieldset><legend>E-Mail</legend>
|
||||
<p>An: <%= user->getEmailWithNames() %>
|
||||
<p><label style="width:auto" for="memo-text">E-Mail Text:</label></p>
|
||||
<pre>Liebe(r) <%= user->getModel()->getFirstName() %>,
|
||||
|
||||
hier findst du deine Passphrase mit dessen Hilfe du dir ein neues Passwort einstellen kannst.
|
||||
Bitte schreibe sie dir auf und packe sie gut weg.
|
||||
|
||||
<%= userBackup->getPassphrase(ServerConfig::Mnemonic_Types::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER) %>
|
||||
|
||||
|
||||
Unter diesem Link kannst du dir mit hilfe der Passphrase ein neues Passwort setzen:
|
||||
<%= code->getLink() %>
|
||||
|
||||
Liebe Grüße
|
||||
Dario, Softwareentwickler bei Gradido
|
||||
</pre>
|
||||
</fieldset>
|
||||
<% } %>
|
||||
</div>
|
||||
<%@ include file="footer.cpsp" %>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user