diff --git a/src/cpp/HTTPInterface/LoginPage.cpp b/src/cpp/HTTPInterface/LoginPage.cpp index 55e455225..f6a8ce3c0 100644 --- a/src/cpp/HTTPInterface/LoginPage.cpp +++ b/src/cpp/HTTPInterface/LoginPage.cpp @@ -95,11 +95,17 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net:: langCatalog = mSession->getLanguageCatalog(); } auto userState = mSession->loadUser(email, password); + auto user = mSession->getNewUser(); + if(!user->getModel()->getPublicKey()) { + mSession->generateKeys(true, true); + } else { + printf("pubkey exist: %d\n",user->getModel()->getPublicKey()); + } getErrors(mSession); auto uri_start = request.serverParams().getServerName(); auto lastExternReferer = mSession->getLastReferer(); - printf("user state: %d\n", userState); + switch(userState) { case USER_EMPTY: case USER_PASSWORD_INCORRECT: @@ -111,9 +117,6 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net:: case USER_KEYS_DONT_MATCH: addError(new Error(langCatalog->gettext("User"), langCatalog->gettext("Error in saved data, the server admin will look at it."))); break; - case USER_NO_KEYS: - mSession->generateKeys(true, true); - // no break, correct, if user has no keys, he will be redirect also to dashboard after login case USER_NO_PRIVATE_KEY: case USER_COMPLETE: case USER_EMAIL_NOT_ACTIVATED: @@ -128,6 +131,7 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net:: refererString.find("login") == std::string::npos && refererString.find("logout") == std::string::npos && refererString.find("user_delete") == std::string::npos ) { + printf("redirect to: %s\n", refererString.data()); response.redirect(refererString); } else { response.redirect(ServerConfig::g_php_serverPath + "/"); @@ -216,20 +220,20 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net:: responseStream << "
\n"; responseStream << "
\n"; responseStream << " \n"; responseStream << "\t\t\t\n"; responseStream << "\t\t\t\t\n"; responseStream << "\t\t\t\t \n"; responseStream << "\t\t\t\t\"logo\"\n"; responseStream << "\t\t\t\n"; @@ -241,14 +245,14 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net:: responseStream << "
\n"; responseStream << "\t\t\t
\n"; responseStream << "\t\t\t\t"; -#line 159 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp" +#line 163 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp" responseStream << ( getErrorsHtml() ); responseStream << "\t \n"; responseStream << "\t\t\t
\n"; responseStream << "
\n"; responseStream << " \n"; responseStream << "\t\t\t \n"; responseStream << "\t\t\t "; @@ -288,46 +292,46 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net:: // end include flags.cpsp responseStream << "\n"; responseStream << "\t\t\t
\n"; responseStream << "
\n"; responseStream << "
\n"; responseStream << "
\n"; responseStream << " gettext("E-Mail") ); responseStream << "\" value=\""; -#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp" +#line 173 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp" responseStream << ( presetEmail ); responseStream << "\"/>\n"; responseStream << "
\n"; responseStream << "
\n"; responseStream << " gettext("Password") ); responseStream << "\" />\n"; responseStream << "
\n"; responseStream << " \n"; responseStream << "
\n"; responseStream << "\t\t\t\t\t\n";
diff --git a/src/cpp/controller/User.cpp b/src/cpp/controller/User.cpp
index d728e9d2b..3f2fe349f 100644
--- a/src/cpp/controller/User.cpp
+++ b/src/cpp/controller/User.cpp
@@ -143,23 +143,30 @@ namespace controller {
 if (authenticated_encryption->getKeyHashed() == model->getPasswordHashed()) {
 MemoryBin* clear_private_key = nullptr;
- if (!model->hasPrivateKeyEncrypted()) return 1;
- auto priv_key_encrypted = model->getPrivateKeyEncrypted();
- auto priv_key_bin = MemoryManager::getInstance()->getFreeMemory(priv_key_encrypted.size());
- memcpy(*priv_key_bin, priv_key_encrypted.data(), priv_key_encrypted.size());
- if (AuthenticatedEncryption::AUTH_DECRYPT_OK == authenticated_encryption->decrypt(priv_key_bin, &clear_private_key)) {
- auto gradido_key_pair = new KeyPairEd25519(clear_private_key);
- if (*gradido_key_pair != model->getPublicKey()) {
- delete authenticated_encryption;
- delete gradido_key_pair;
- return -1;
- }
- if (mGradidoKeyPair) delete mGradidoKeyPair;
- mGradidoKeyPair = gradido_key_pair;
- if (mPassword) delete mPassword;
- mPassword = authenticated_encryption;
+ if (mPassword) delete mPassword;
+ mPassword = authenticated_encryption;
+
+ if (!model->hasPrivateKeyEncrypted()) {
 return 1;
 }
+ else {
+ auto priv_key_encrypted = model->getPrivateKeyEncrypted();
+ auto priv_key_bin = MemoryManager::getInstance()->getFreeMemory(priv_key_encrypted.size());
+ memcpy(*priv_key_bin, priv_key_encrypted.data(), priv_key_encrypted.size());
+ if (AuthenticatedEncryption::AUTH_DECRYPT_OK == authenticated_encryption->decrypt(priv_key_bin, &clear_private_key)) {
+ auto gradido_key_pair = new KeyPairEd25519(clear_private_key);
+ if (*gradido_key_pair != model->getPublicKey()) {
+ delete mPassword;
+ mPassword = nullptr;
+ delete gradido_key_pair;
+ return -1;
+ }
+ if (mGradidoKeyPair) delete mGradidoKeyPair;
+ mGradidoKeyPair = gradido_key_pair;
+
+ return 1;
+ }
+ }
 }
 delete authenticated_encryption;
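Review bot: `mPassword = authenticated_encryption;` is now assigned before the private key is decrypted, so when `decrypt(...)` does not return `AUTH_DECRYPT_OK` control leaves the `else` block, reaches the trailing `delete authenticated_encryption;`, and `mPassword` is left pointing at freed memory. Only the key-mismatch branch resets it (`delete mPassword; mPassword = nullptr;`); the failed-decrypt path needs the same treatment, for example `mPassword = nullptr;` immediately before the final `delete authenticated_encryption;`, or the assignment should move to the two places that return 1. Holding the object in a `std::unique_ptr` until success and releasing it into `mPassword` there would remove the manual bookkeeping altogether. The enclosing function starts and ends outside the hunk, so this reading relies on the visible `delete` being the next statement executed.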
diff --git a/src/cpp/model/Session.cpp b/src/cpp/model/Session.cpp
index 69de34e18..6ed544be0 100644
--- a/src/cpp/model/Session.cpp
+++ b/src/cpp/model/Session.cpp
@@ -1112,17 +1112,20 @@ bool Session::generateKeys(bool savePrivkey, bool savePassphrase)
 // keys
 auto gradido_key_pair = KeyPairEd25519::create(passphrase);
 auto set_key_result = mNewUser->setGradidoKeyPair(gradido_key_pair);
+ size_t result_save_key = 0;
 if (1 == set_key_result && savePrivkey) {
 // save public key and private key in db
- user_model->updatePubkeyAndPrivkey();
+ result_save_key = user_model->updatePubkeyAndPrivkey();
 }
 else {
 // save public key in db
- user_model->updatePublickey();
+ result_save_key = user_model->updatePublickey();
 }
- if (user_model->errorCount()) {
+ if (!result_save_key) {
+ user_model->addError(new Error(function_name, "Error saving new generated pubkey"));
+ user_model->addError(new ParamError(function_name, "e-mail: ", user_model->getEmail()));
 user_model->sendErrorsAsEmail();
- addError(new Error(gettext("Benutzer"), gettext("Fehler beim speichern der Keys, der Admin bekommt eine E-Mail. ")));
+ addError(new Error(gettext("Benutzer"), gettext("Fehler beim Speichern der Keys, der Admin bekommt eine E-Mail. Evt. nochmal versuchen oder abwarten!")));
 return false;
 }
 return true;
diff --git a/src/cpp/model/table/User.cpp b/src/cpp/model/table/User.cpp
index 26947da8c..d32d4e16f 100644
--- a/src/cpp/model/table/User.cpp
+++ b/src/cpp/model/table/User.cpp
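Review bot: The new `result_save_key` check covers only the database write; when `setGradidoKeyPair` does not return 1 while `savePrivkey` is true, the code still takes the `else` branch, stores the public key alone and returns true. If that state can occur, the account ends up with a persisted public key whose private key was never saved, and the caller is told the operation succeeded. Consider treating `1 != set_key_result` as a failure before either update (add an error and `return false;`), so the `else` branch only means that the caller did not ask to store the private key. What `setGradidoKeyPair` returns on failure is not shown and the function body extends beyond the hunk, so this is inferred from the `1 ==` comparison.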
@@ -142,32 +142,27 @@ namespace model {
 size_t User::updatePrivkey()
 {
- lock();
+ Poco::ScopedLock _lock(mWorkMutex);
 if (mPrivateKey.isNull()) {
- unlock();
 return 0;
 }
 auto result = updateIntoDB("privkey", mPrivateKey.value());
- unlock();
 return result;
 }
 size_t User::updatePublickey()
 {
- lock();
+ Poco::ScopedLock _lock(mWorkMutex);
 if (mPublicKey.isNull()) {
- unlock();
 return 0;
 }
 auto result = updateIntoDB("pubkey", mPublicKey.value());
- unlock();
 return result;
 }
 size_t User::updatePrivkeyAndPasswordHash()
 {
- lock();
+ Poco::ScopedLock _lock(mWorkMutex);
 if (mPrivateKey.isNull() || !mPasswordHashed || !mID) {
- unlock();
 return 0;
 }
 auto cm = ConnectionManager::getInstance();
@@ -184,10 +179,8 @@ namespace model {
 return update.execute();
 }
 catch (Poco::Exception& ex) {
- lock("User::updatePrivkeyAndPasswordHash");
 addError(new ParamError(getTableName(), "mysql error by insert", ex.displayText().data()));
 addError(new ParamError(getTableName(), "data set: ", toString().data()));
- unlock();
 }
 //printf("data valid: %s\n", toString().data());
 return 0;
@@ -195,9 +188,8 @@ namespace model {
 size_t User::updatePubkeyAndPrivkey()
 {
- lock();
- if (mPrivateKey.isNull() || !mPublicKey || !mID) {
- unlock();
+ Poco::ScopedLock _lock(mWorkMutex);
+ if (mPrivateKey.isNull() || mPublicKey.isNull() || !mID) {
 return 0;
 }
 auto cm = ConnectionManager::getInstance();
@@ -214,10 +206,8 @@ namespace model {
 return update.execute();
 }
 catch (Poco::Exception& ex) {
- lock("User::updatePrivkeyAndPasswordHash");
 addError(new ParamError(getTableName(), "mysql error by insert", ex.displayText().data()));
 addError(new ParamError(getTableName(), "data set: ", toString().data()));
- unlock();
 }
 //printf("data valid: %s\n", toString().data());
 return 0;
diff --git a/src/cpsp/login.cpsp b/src/cpsp/login.cpsp
index 311a475a3..c177882a4 100644
--- a/src/cpsp/login.cpsp
+++ b/src/cpsp/login.cpsp
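Review bot: The lines between the `if` guard and the `try` block in `updatePrivkeyAndPasswordHash` and `updatePubkeyAndPrivkey` are not part of any hunk, and the removed `lock("User::updatePrivkeyAndPasswordHash")` in both `catch` blocks implies the old code had released the mutex before the query. If an explicit `unlock()` is still present in that unchanged stretch, `Poco::ScopedLock _lock(mWorkMutex);` will release the mutex a second time on scope exit; those lines should be checked and any leftover `unlock()` removed. With the scoped lock the mutex is also held across `update.execute()` and across `addError(...)` / `toString()` in the handlers, which is only safe if those helpers do not take `mWorkMutex` themselves or the mutex is recursive. A one-line comment at each scoped lock, such as `// held for the whole update, including error reporting`, would document the new contract.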
@@ -74,11 +74,17 @@
 langCatalog = mSession->getLanguageCatalog();
 }
 auto userState = mSession->loadUser(email, password);
+ auto user = mSession->getNewUser();
+ if(!user->getModel()->getPublicKey()) {
+ mSession->generateKeys(true, true);
+ } else {
+ printf("pubkey exist: %d\n",user->getModel()->getPublicKey());
+ }
 getErrors(mSession);
 auto uri_start = request.serverParams().getServerName();
 auto lastExternReferer = mSession->getLastReferer();
- printf("user state: %d\n", userState);
+
 switch(userState) {
 case USER_EMPTY:
 case USER_PASSWORD_INCORRECT:
@@ -90,9 +96,6 @@
 case USER_KEYS_DONT_MATCH:
 addError(new Error(langCatalog->gettext("User"), langCatalog->gettext("Error in saved data, the server admin will look at it.")));
 break;
- case USER_NO_KEYS:
- mSession->generateKeys(true, true);
- // no break, correct, if user has no keys, he will be redirect also to dashboard after login
 case USER_NO_PRIVATE_KEY:
 case USER_COMPLETE:
 case USER_EMAIL_NOT_ACTIVATED:
@@ -107,6 +110,7 @@
 refererString.find("login") == std::string::npos &&
 refererString.find("logout") == std::string::npos &&
 refererString.find("user_delete") == std::string::npos ) {
+ printf("redirect to: %s\n", refererString.data());
 response.redirect(refererString);
 } else {
 response.redirect(ServerConfig::g_php_serverPath + "/");
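Review bot: `mSession->generateKeys(true, true)` now runs before `switch(userState)`, so it is reached for every result of `loadUser`, including `USER_EMPTY` and `USER_PASSWORD_INCORRECT`, whereas the removed `case USER_NO_KEYS:` ran it only for a state that fell through to the accepted-login cases. Unless `getNewUser()` and `getModel()` are guaranteed non-null after a failed login, `user->getModel()` can dereference a null pointer, and a key pair could be generated and stored for an account whose password was not verified. Moving the block into the accepted-login branch of the switch and guarding it as `if (user && !user->getModel()->getPublicKey())` keeps the old precondition. The `bool` returned by `generateKeys` is ignored here and should decide whether the redirect happens. The same lines are mirrored in the generated `LoginPage.cpp`, and the handler begins and ends outside the hunk.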
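Review bot: The added `printf("redirect to: %s\n", refererString.data());` in the third hunk writes a string that appears to be request-derived (its origin is outside the hunk) to stdout unfiltered, so embedded line breaks or control characters end up in the server output. The first hunk's `printf("pubkey exist: %d\n",user->getModel()->getPublicKey());` has a related defect: the value is tested with `!` like a pointer or object but formatted with `%d`, which is a format/argument mismatch. Both read as debugging aids, like the `printf("user state: ...")` this commit removes; drop them before merge, or log through a facility that escapes the value and can be disabled in production.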