IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

update redirection after set password to passphrase

Browse Source
This commit is contained in:
Dario 2019-10-18 11:04:29 +02:00
parent db083ab09a
commit bee2cc9e78
6 changed files with 32 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/cpp/Crypto/Obfus_array.cpp
View File

@ -12,15 +12,15 @@ ObfusArray::ObfusArray(size_t size, const unsigned char * data)
m_offsetSize = randombytes_random() % (int)roundf((m_arraySize - m_dataSize) * 0.8f); m_offsetSize = randombytes_random() % (int)roundf((m_arraySize - m_dataSize) * 0.8f);
printf("[ObfusArray::ObfusArray] array_size: %d, start by: %lld, size: %u, offset: %u\n", //printf("[ObfusArray::ObfusArray] array_size: %d, start by: %lld, size: %u, offset: %u\n",
m_arraySize, m_Data, size, m_offsetSize); //m_arraySize, m_Data, size, m_offsetSize);
assert(m_arraySize - m_offsetSize >= size); assert(m_arraySize - m_offsetSize >= size);
uint32_t* d = (uint32_t*)m_Data; uint32_t* d = (uint32_t*)m_Data;
size_t dMax = (size_t)floorf(m_arraySize / 4.0f); size_t dMax = (size_t)floorf(m_arraySize / 4.0f);
printf("d start by: %lld, dMax: %u\n", d, dMax); //printf("d start by: %lld, dMax: %u\n", d, dMax);
for (size_t i = 0; i < dMax; i++) { for (size_t i = 0; i < dMax; i++) {
d[i] = randombytes_random(); d[i] = randombytes_random();
} }
@ -30,7 +30,7 @@ ObfusArray::ObfusArray(size_t size, const unsigned char * data)
//d[m_arraySize - 4] = randombytes_random(); //d[m_arraySize - 4] = randombytes_random();
memcpy(&m_Data[m_offsetSize], data, size); memcpy(&m_Data[m_offsetSize], data, size);
printf("[ObfusArray] data: %lld\n", (int64_t)m_Data); //printf("[ObfusArray] data: %lld\n", (int64_t)m_Data);
} }
/* /*
@ -45,12 +45,12 @@ ObfusArray::ObfusArray(size_t size, const unsigned char * data)
ObfusArray::~ObfusArray() ObfusArray::~ObfusArray()
{ {
printf("[ObfusArray::~ObfusArray] data: %lld\n", (int64_t)m_Data); //printf("[ObfusArray::~ObfusArray] data: %lld\n", (int64_t)m_Data);
if (m_Data) { if (m_Data) {
free(m_Data); free(m_Data);
m_Data = nullptr; m_Data = nullptr;
} }
printf("[ObfusArray::~ObfusArray] finish\n"); //printf("[ObfusArray::~ObfusArray] finish\n");
} }

7
src/cpp/HTTPInterface/DashboardPage.cpp
View File

@ -71,9 +71,12 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N
#line 36 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\dashboard.cpsp" #line 36 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\dashboard.cpsp"
if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_SEND) { responseStream << "\n"; if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_SEND) { responseStream << "\n";
responseStream << "\t<p>Verification Code E-Mail wurde erfolgreich an dich verschickt, bitte schaue auch in dein Spam-Verzeichnis nach wenn du sie nicht findest und klicke auf den Link den du dort findest oder kopiere den Code hier her:</p>\n"; responseStream << "\t<p>Verification Code E-Mail wurde erfolgreich an dich verschickt, bitte schaue auch in dein Spam-Verzeichnis nach wenn du sie nicht findest und klicke auf den Link den du dort findest oder kopiere den Code hier her:</p>\n";
responseStream << "\t<form method=\"GET\" action=\"checkEmail\">\n"; responseStream << "\t<form method=\"GET\" action=\"";
#line 38 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\dashboard.cpsp"
responseStream << ( uri_start );
responseStream << "/checkEmail\">\n";
responseStream << "\t\t<input type=\"number\" name=\"email-verification-code\">\n"; responseStream << "\t\t<input type=\"number\" name=\"email-verification-code\">\n";
responseStream << "\t\t<input class=\"grd_bn_succeed\" type=\"submit\" value=\"Überprüfe Code\">\n"; responseStream << "\t\t<input class=\"grd_bn_succeed\" type=\"submit\" value=\"&Uuml;berpr&uuml;fe Code\">\n";
responseStream << "\t</form>\n"; responseStream << "\t</form>\n";
responseStream << "\t"; responseStream << "\t";
#line 42 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\dashboard.cpsp" #line 42 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\dashboard.cpsp"

15
src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp
View File

@ -9,6 +9,7 @@
#include "../SingletonManager/SessionManager.h" #include "../SingletonManager/SessionManager.h"
#include "Poco/Net/HTTPCookie.h" #include "Poco/Net/HTTPCookie.h"
#include "../ServerConfig.h"
UpdateUserPasswordPage::UpdateUserPasswordPage(Session* arg): UpdateUserPasswordPage::UpdateUserPasswordPage(Session* arg):
@ -25,10 +26,11 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
if (_compressResponse) response.set("Content-Encoding", "gzip"); if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream()); Poco::Net::HTMLForm form(request, request.stream());
#line 10 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" #line 11 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp"
auto user = mSession->getUser(); auto user = mSession->getUser();
auto sm = SessionManager::getInstance(); auto sm = SessionManager::getInstance();
auto uri_start = ServerConfig::g_serverPath;
// remove old cookies if exist // remove old cookies if exist
sm->deleteLoginCookies(request, response, mSession); sm->deleteLoginCookies(request, response, mSession);
// save login cookie, because maybe we've get an new session // save login cookie, because maybe we've get an new session
@ -41,10 +43,11 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
mSession->addError(new Error("Passwort", "Passw&ouml;rter sind nicht identisch.")); mSession->addError(new Error("Passwort", "Passw&ouml;rter sind nicht identisch."));
} else if(SessionManager::getInstance()->checkPwdValidation(pwd, mSession)) { } else if(SessionManager::getInstance()->checkPwdValidation(pwd, mSession)) {
if(user->setNewPassword(form.get("register-password"))) { if(user->setNewPassword(form.get("register-password"))) {
std::string referUri = request.get("Referer", "./"); //std::string referUri = request.get("Referer", uri_start + "/");
//printf("[updateUserPasswordPage] referUri: %s\n", referUri.data()); //printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data());
mSession->updateEmailVerification(mSession->getEmailVerificationCode());
mSession->getErrors(user); mSession->getErrors(user);
response.redirect(referUri); response.redirect(uri_start + "/passphrase");
return; return;
} }
@ -101,7 +104,7 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
responseStream << "<div class=\"grd_container\">\n"; responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t<h1>Passwort bestimmen</h1>\n"; responseStream << "\t<h1>Passwort bestimmen</h1>\n";
responseStream << "\t"; responseStream << "\t";
#line 81 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" #line 84 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp"
responseStream << ( getErrorsHtml() ); responseStream << ( getErrorsHtml() );
responseStream << "\n"; responseStream << "\n";
responseStream << "\t<form method=\"POST\">\t\n"; responseStream << "\t<form method=\"POST\">\t\n";
@ -124,7 +127,7 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
responseStream << "</div>\n"; responseStream << "</div>\n";
responseStream << "<div class=\"grd-time-used\">\n"; responseStream << "<div class=\"grd-time-used\">\n";
responseStream << "\t"; responseStream << "\t";
#line 101 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp" #line 104 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp"
responseStream << ( mTimeProfiler.string() ); responseStream << ( mTimeProfiler.string() );
responseStream << "\n"; responseStream << "\n";
responseStream << "</div>\n"; responseStream << "</div>\n";

6
src/cpp/model/User.cpp
View File

@ -14,7 +14,7 @@
using namespace Poco::Data::Keywords; using namespace Poco::Data::Keywords;
#define DEBUG_USER_DELETE_ENV //#define DEBUG_USER_DELETE_ENV
// ------------------------------------------------------------------------------------------------- // -------------------------------------------------------------------------------------------------
@ -359,7 +359,7 @@ UserStates User::getUserState()
// TODO: if a password and privkey already exist, load current private key and re encrypt with new crypto key // TODO: if a password and privkey already exist, load current private key and re encrypt with new crypto key
bool User::setNewPassword(const std::string& newPassword) bool User::setNewPassword(const std::string& newPassword)
{ {
Profiler timeUsed;
if (newPassword == "") { if (newPassword == "") {
lock(); lock();
addError(new Error("Passwort", "Ist leer.")); addError(new Error("Passwort", "Ist leer."));
@ -384,6 +384,8 @@ bool User::setNewPassword(const std::string& newPassword)
savePassword->scheduleTask(savePassword); savePassword->scheduleTask(savePassword);
unlock(); unlock();
printf("[User::setNewPassword] timeUsed: %s\n", timeUsed.string().data());
return true; return true;
} }

4
src/cpsp/dashboard.cpsp
View File

@ -35,9 +35,9 @@
<p><%= mSession->getSessionStateString() %></p> <p><%= mSession->getSessionStateString() %></p>
<% if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_SEND) { %> <% if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_SEND) { %>
<p>Verification Code E-Mail wurde erfolgreich an dich verschickt, bitte schaue auch in dein Spam-Verzeichnis nach wenn du sie nicht findest und klicke auf den Link den du dort findest oder kopiere den Code hier her:</p> <p>Verification Code E-Mail wurde erfolgreich an dich verschickt, bitte schaue auch in dein Spam-Verzeichnis nach wenn du sie nicht findest und klicke auf den Link den du dort findest oder kopiere den Code hier her:</p>
<form method="GET" action="checkEmail"> <form method="GET" action="<%= uri_start %>/checkEmail">
<input type="number" name="email-verification-code"> <input type="number" name="email-verification-code">
<input class="grd_bn_succeed" type="submit" value="Überprüfe Code"> <input class="grd_bn_succeed" type="submit" value="&Uuml;berpr&uuml;fe Code">
</form> </form>
<% } else if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_WRITTEN) { %> <% } else if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_WRITTEN) { %>
<p>Hast du schon eine E-Mail mit einem Verification Code erhalten? Wenn ja kannst du ihn hier hinein kopieren:</p> <p>Hast du schon eine E-Mail mit einem Verification Code erhalten? Wenn ja kannst du ihn hier hinein kopieren:</p>

9
src/cpsp/updateUserPassword.cpsp
View File

@ -6,10 +6,12 @@
<%! <%!
#include "../SingletonManager/SessionManager.h" #include "../SingletonManager/SessionManager.h"
#include "Poco/Net/HTTPCookie.h" #include "Poco/Net/HTTPCookie.h"
#include "../ServerConfig.h"
%> %>
<%% <%%
auto user = mSession->getUser(); auto user = mSession->getUser();
auto sm = SessionManager::getInstance(); auto sm = SessionManager::getInstance();
auto uri_start = ServerConfig::g_serverPath;
// remove old cookies if exist // remove old cookies if exist
sm->deleteLoginCookies(request, response, mSession); sm->deleteLoginCookies(request, response, mSession);
// save login cookie, because maybe we've get an new session // save login cookie, because maybe we've get an new session
@ -22,10 +24,11 @@
mSession->addError(new Error("Passwort", "Passw&ouml;rter sind nicht identisch.")); mSession->addError(new Error("Passwort", "Passw&ouml;rter sind nicht identisch."));
} else if(SessionManager::getInstance()->checkPwdValidation(pwd, mSession)) { } else if(SessionManager::getInstance()->checkPwdValidation(pwd, mSession)) {
if(user->setNewPassword(form.get("register-password"))) { if(user->setNewPassword(form.get("register-password"))) {
std::string referUri = request.get("Referer", "./"); //std::string referUri = request.get("Referer", uri_start + "/");
//printf("[updateUserPasswordPage] referUri: %s\n", referUri.data()); //printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data());
mSession->updateEmailVerification(mSession->getEmailVerificationCode());
mSession->getErrors(user); mSession->getErrors(user);
response.redirect(referUri); response.redirect(uri_start + "/passphrase");
return; return;
} }