From bee2cc9e78308f103ee850bcda2c5cdfa3ec80ac Mon Sep 17 00:00:00 2001 From: Dario Date: Fri, 18 Oct 2019 11:04:29 +0200 Subject: [PATCH] update redirection after set password to passphrase --- src/cpp/Crypto/Obfus_array.cpp | 12 ++++++------ src/cpp/HTTPInterface/DashboardPage.cpp | 7 +++++-- src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp | 15 +++++++++------ src/cpp/model/User.cpp | 6 ++++-- src/cpsp/dashboard.cpsp | 4 ++-- src/cpsp/updateUserPassword.cpsp | 9 ++++++--- 6 files changed, 32 insertions(+), 21 deletions(-) diff --git a/src/cpp/Crypto/Obfus_array.cpp b/src/cpp/Crypto/Obfus_array.cpp index 8ae867bcf..6d01c5149 100644 --- a/src/cpp/Crypto/Obfus_array.cpp +++ b/src/cpp/Crypto/Obfus_array.cpp @@ -12,15 +12,15 @@ ObfusArray::ObfusArray(size_t size, const unsigned char * data) m_offsetSize = randombytes_random() % (int)roundf((m_arraySize - m_dataSize) * 0.8f); - printf("[ObfusArray::ObfusArray] array_size: %d, start by: %lld, size: %u, offset: %u\n", - m_arraySize, m_Data, size, m_offsetSize); + //printf("[ObfusArray::ObfusArray] array_size: %d, start by: %lld, size: %u, offset: %u\n", + //m_arraySize, m_Data, size, m_offsetSize); assert(m_arraySize - m_offsetSize >= size); uint32_t* d = (uint32_t*)m_Data; size_t dMax = (size_t)floorf(m_arraySize / 4.0f); - printf("d start by: %lld, dMax: %u\n", d, dMax); + //printf("d start by: %lld, dMax: %u\n", d, dMax); for (size_t i = 0; i < dMax; i++) { d[i] = randombytes_random(); } @@ -30,7 +30,7 @@ ObfusArray::ObfusArray(size_t size, const unsigned char * data) //d[m_arraySize - 4] = randombytes_random(); memcpy(&m_Data[m_offsetSize], data, size); - printf("[ObfusArray] data: %lld\n", (int64_t)m_Data); + //printf("[ObfusArray] data: %lld\n", (int64_t)m_Data); } /* @@ -45,12 +45,12 @@ ObfusArray::ObfusArray(size_t size, const unsigned char * data) ObfusArray::~ObfusArray() { - printf("[ObfusArray::~ObfusArray] data: %lld\n", (int64_t)m_Data); + //printf("[ObfusArray::~ObfusArray] data: %lld\n", (int64_t)m_Data); if (m_Data) { free(m_Data); m_Data = nullptr; } - printf("[ObfusArray::~ObfusArray] finish\n"); + //printf("[ObfusArray::~ObfusArray] finish\n"); } \ No newline at end of file diff --git a/src/cpp/HTTPInterface/DashboardPage.cpp b/src/cpp/HTTPInterface/DashboardPage.cpp index 8bdded698..d0db05183 100644 --- a/src/cpp/HTTPInterface/DashboardPage.cpp +++ b/src/cpp/HTTPInterface/DashboardPage.cpp @@ -71,9 +71,12 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N #line 36 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\dashboard.cpsp" if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_SEND) { responseStream << "\n"; responseStream << "\t

Verification Code E-Mail wurde erfolgreich an dich verschickt, bitte schaue auch in dein Spam-Verzeichnis nach wenn du sie nicht findest und klicke auf den Link den du dort findest oder kopiere den Code hier her:

\n"; - responseStream << "\t
\n"; + responseStream << "\t\n"; responseStream << "\t\t\n"; - responseStream << "\t\t\n"; + responseStream << "\t\t\n"; responseStream << "\t
\n"; responseStream << "\t"; #line 42 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\dashboard.cpsp" diff --git a/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp b/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp index 0e12e2966..f4db3146a 100644 --- a/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp +++ b/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp @@ -9,6 +9,7 @@ #include "../SingletonManager/SessionManager.h" #include "Poco/Net/HTTPCookie.h" +#include "../ServerConfig.h" UpdateUserPasswordPage::UpdateUserPasswordPage(Session* arg): @@ -25,10 +26,11 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request if (_compressResponse) response.set("Content-Encoding", "gzip"); Poco::Net::HTMLForm form(request, request.stream()); -#line 10 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" +#line 11 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" auto user = mSession->getUser(); auto sm = SessionManager::getInstance(); + auto uri_start = ServerConfig::g_serverPath; // remove old cookies if exist sm->deleteLoginCookies(request, response, mSession); // save login cookie, because maybe we've get an new session @@ -41,10 +43,11 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request mSession->addError(new Error("Passwort", "Passwörter sind nicht identisch.")); } else if(SessionManager::getInstance()->checkPwdValidation(pwd, mSession)) { if(user->setNewPassword(form.get("register-password"))) { - std::string referUri = request.get("Referer", "./"); - //printf("[updateUserPasswordPage] referUri: %s\n", referUri.data()); + //std::string referUri = request.get("Referer", uri_start + "/"); + //printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data()); + mSession->updateEmailVerification(mSession->getEmailVerificationCode()); mSession->getErrors(user); - response.redirect(referUri); + response.redirect(uri_start + "/passphrase"); return; } @@ -101,7 +104,7 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request responseStream << "
\n"; responseStream << "\t

Passwort bestimmen

\n"; responseStream << "\t"; -#line 81 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" +#line 84 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" responseStream << ( getErrorsHtml() ); responseStream << "\n"; responseStream << "\t
\t\n"; @@ -124,7 +127,7 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request responseStream << "
\n"; responseStream << "
\n"; responseStream << "\t"; -#line 101 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" +#line 104 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" responseStream << ( mTimeProfiler.string() ); responseStream << "\n"; responseStream << "
\n"; diff --git a/src/cpp/model/User.cpp b/src/cpp/model/User.cpp index 53e87111f..b24e43dec 100644 --- a/src/cpp/model/User.cpp +++ b/src/cpp/model/User.cpp @@ -14,7 +14,7 @@ using namespace Poco::Data::Keywords; -#define DEBUG_USER_DELETE_ENV +//#define DEBUG_USER_DELETE_ENV // ------------------------------------------------------------------------------------------------- @@ -359,7 +359,7 @@ UserStates User::getUserState() // TODO: if a password and privkey already exist, load current private key and re encrypt with new crypto key bool User::setNewPassword(const std::string& newPassword) { - + Profiler timeUsed; if (newPassword == "") { lock(); addError(new Error("Passwort", "Ist leer.")); @@ -384,6 +384,8 @@ bool User::setNewPassword(const std::string& newPassword) savePassword->scheduleTask(savePassword); unlock(); + + printf("[User::setNewPassword] timeUsed: %s\n", timeUsed.string().data()); return true; } diff --git a/src/cpsp/dashboard.cpsp b/src/cpsp/dashboard.cpsp index 3d93c82f1..1132d4b8d 100644 --- a/src/cpsp/dashboard.cpsp +++ b/src/cpsp/dashboard.cpsp @@ -35,9 +35,9 @@

<%= mSession->getSessionStateString() %>

<% if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_SEND) { %>

Verification Code E-Mail wurde erfolgreich an dich verschickt, bitte schaue auch in dein Spam-Verzeichnis nach wenn du sie nicht findest und klicke auf den Link den du dort findest oder kopiere den Code hier her:

- + - + <% } else if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_WRITTEN) { %>

Hast du schon eine E-Mail mit einem Verification Code erhalten? Wenn ja kannst du ihn hier hinein kopieren:

diff --git a/src/cpsp/updateUserPassword.cpsp b/src/cpsp/updateUserPassword.cpsp index cf4513545..168a29e0f 100644 --- a/src/cpsp/updateUserPassword.cpsp +++ b/src/cpsp/updateUserPassword.cpsp @@ -6,10 +6,12 @@ <%! #include "../SingletonManager/SessionManager.h" #include "Poco/Net/HTTPCookie.h" +#include "../ServerConfig.h" %> <%% auto user = mSession->getUser(); auto sm = SessionManager::getInstance(); + auto uri_start = ServerConfig::g_serverPath; // remove old cookies if exist sm->deleteLoginCookies(request, response, mSession); // save login cookie, because maybe we've get an new session @@ -22,10 +24,11 @@ mSession->addError(new Error("Passwort", "Passwörter sind nicht identisch.")); } else if(SessionManager::getInstance()->checkPwdValidation(pwd, mSession)) { if(user->setNewPassword(form.get("register-password"))) { - std::string referUri = request.get("Referer", "./"); - //printf("[updateUserPasswordPage] referUri: %s\n", referUri.data()); + //std::string referUri = request.get("Referer", uri_start + "/"); + //printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data()); + mSession->updateEmailVerification(mSession->getEmailVerificationCode()); mSession->getErrors(user); - response.redirect(referUri); + response.redirect(uri_start + "/passphrase"); return; }