IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

take updates from stage1 for allow vue-client connecting

Browse Source
This commit is contained in:
einhornimmond 2021-03-04 17:34:47 +01:00 committed by Ulf Gebhardt
parent e49802c9bc
commit d6b59d5dfd
No known key found for this signature in database
GPG Key ID: 81308EFE29ABFEBD
8 changed files with 57 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/cpp/Gradido_LoginServer.cpp
View File

@ -256,8 +256,8 @@ int Gradido_LoginServer::main(const std::vector<std::string>& args)
// load pending tasks not finished in last session
PendingTasksManager::getInstance()->load();
CronManager::getInstance()->init();
int php_server_ping = config().getInt("phpServer.ping", 600000);
CronManager::getInstance()->init(php_server_ping);
printf("[Gradido_LoginServer::main] started in %s\n", usedTime.string().data());
// wait for CTRL-C or kill
@ -270,7 +270,6 @@ int Gradido_LoginServer::main(const std::vector<std::string>& args)
// Stop the json server
json_srv.stop();
ServerConfig::unload();
Poco::Net::uninitializeSSL();
// Optional: Delete all global objects allocated by libprotobuf.

12
src/cpp/JSONInterface/JsonCreateUser.cpp
View File

@ -18,6 +18,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
bool login_after_register = false;
int emailType;
int group_id;
auto em = EmailManager::getInstance();
auto sm = SessionManager::getInstance();
@ -35,6 +36,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
paramJsonObject->get("last_name").convert(last_name);
paramJsonObject->get("emailType").convert(emailType);
paramJsonObject->get("group_id").convert(group_id);
if ((ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_PASSWORD_REQUESTS)) {
paramJsonObject->get("password").convert(password);
}
@ -52,15 +54,15 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
auto user = controller::User::create();
if (user->load(email) > 0) {
// return customStateError("exist", "user already exist");
Poco::JSON::Object* result = new Poco::JSON::Object;
/*Poco::JSON::Object* result = new Poco::JSON::Object;
result->set("state", "exist");
result->set("msg", "user already exist");
return result;
return result;*/
return customStateError("exist", "user already exist");
}
if (password.size()) {
ErrorList errors;
NotificationList errors;
if (!sm->checkPwdValidation(password, &errors)) {
Poco::JSON::Object* result = new Poco::JSON::Object;
result->set("state", "error");
@ -91,7 +93,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
UniLib::controller::TaskPtr create_authenticated_encrypten_key = new AuthenticatedEncryptionCreateKeyTask(user, password);
create_authenticated_encrypten_key->scheduleTask(create_authenticated_encrypten_key);
}
auto emailOptIn = controller::EmailVerificationCode::create(userModel->getID(), model::table::EMAIL_OPT_IN_REGISTER);
auto emailOptInModel = emailOptIn->getModel();
if (!emailOptInModel->insertIntoDB(false)) {

49
src/cpp/JSONInterface/JsonGetLogin.cpp
View File

@ -16,50 +16,15 @@ Poco::JSON::Object* JsonGetLogin::handle(Poco::Dynamic::Var params)
auto pt = PendingTasksManager::getInstance();
auto observer = SingletonTaskObserver::getInstance();
if (params.isStruct()) {
session_id = params["session_id"];
//std::string miau = params["miau"];
}
else if (params.isVector()) {
try {
const Poco::URI::QueryParameters queryParams = params.extract<Poco::URI::QueryParameters>();
for (auto it = queryParams.begin(); it != queryParams.end(); it++) {
if (it->first == "session_id") {
auto numberParseResult = DataTypeConverter::strToInt(it->second, session_id);
if (DataTypeConverter::NUMBER_PARSE_OKAY != numberParseResult) {
return stateError("error parsing session_id", DataTypeConverter::numberParseStateToString(numberParseResult));
}
break;
}
}
//auto var = params[0];
}
catch (Poco::Exception& ex) {
return stateError("error parsing query params, Poco Error", ex.displayText());
}
}
if (!session_id) {
return stateError("empty session id");
}
auto session = sm->getSession(session_id);
if (!session) {
return customStateError("not found", "session not found");
}
auto userNew = session->getNewUser();
//auto user = session->getUser();
if (userNew.isNull()) {
return customStateError("not found", "Session didn't contain user");
}
auto userModel = userNew->getModel();
if(userModel.isNull()) {
return customStateError("not found", "User is empty");
auto session_check_result = checkAndLoadSession(params, true);
if (session_check_result) {
return session_check_result;
}
Poco::JSON::Object* result = new Poco::JSON::Object;
result->set("state", "success");
result->set("clientIP", session->getClientIp().toString());
//result->set("clientIP", mSession->getClientIp().toString());
auto userNew = mSession->getNewUser();
try {
result->set("user", userNew->getJson());
}
@ -82,7 +47,7 @@ Poco::JSON::Object* JsonGetLogin::handle(Poco::Dynamic::Var params)
//pending = some_must_sign.size();
result->set("Transactions.can_signed", some_must_sign.size());
auto executing = observer->getTaskCount(userModel->getEmail(), TASK_OBSERVER_SIGN_TRANSACTION);
auto executing = observer->getTaskCount(userNew->getModel()->getEmail(), TASK_OBSERVER_SIGN_TRANSACTION);
if (executing < 0) {
executing = 0;
}

5
src/cpp/JSONInterface/JsonRequestHandler.cpp
View File

@ -29,7 +29,6 @@ JsonRequestHandler::JsonRequestHandler(Session* session)
void JsonRequestHandler::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response)
{
response.setChunkedTransferEncoding(false);
response.setContentType("application/json");
if (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_CORS_ALL) {
@ -72,12 +71,12 @@ void JsonRequestHandler::handleRequest(Poco::Net::HTTPServerRequest& request, Po
json_result->get("session_id").convert(session_id);
}
catch (Poco::Exception& e) {
ErrorList erros;
NotificationList erros;
erros.addError(new Error("json request", "invalid session_id"));
erros.sendErrorsAsEmail();
}
if (session_id) {
auto session = SessionManager::getInstance()->getSession("session_id");
auto session = SessionManager::getInstance()->getSession(session_id);
response.addCookie(session->getLoginCookie());
}
}

15
src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp
View File

@ -14,8 +14,10 @@
#include "JsonTransaction.h"
#include "JsonGetRunningUserTasks.h"
#include "JsonGetUsers.h"
#include "JsonLogout.h"
#include "JsonNetworkInfos.h"
#include "JsonGetUserInfos.h"
#include "JsonUnsecureLogin.h"
#include "JsonUpdateUserInfos.h"
#include "JsonUnsecureLogin.h"
#include "JsonLogout.h"
@ -63,6 +65,12 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c
s = sm->getSession(session_id);
}
auto client_host = request.clientAddress().host();
//auto client_ip = request.clientAddress();
// X-Real-IP forwarded ip from nginx config
auto client_host_string = request.get("X-Real-IP", client_host.toString());
client_host = Poco::Net::IPAddress(client_host_string);
if (url_first_part == "/login") {
return new JsonGetLogin;
}
@ -107,6 +115,9 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c
requestHandler->setSession(s);
return requestHandler;
}
else if (url_first_part == "/unsecureLogin" && (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_PASSWORD_REQUESTS)) {
return new JsonUnsecureLogin(client_host);
}
else if (url_first_part == "/appLogin") {
return new JsonAppLogin;
}
@ -115,5 +126,9 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c
sm->releaseSession(s);
}
}
else if (url_first_part == "/logout") {
return new JsonLogout(client_host);
}
return new JsonUnknown;
}

3
src/cpp/JSONInterface/JsonUnsecureLogin.cpp
View File

@ -52,7 +52,7 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params)
return stateError("user with email not found", email);
}
ErrorList pwd_errors;
NotificationList pwd_errors;
Poco::JSON::Object* result = new Poco::JSON::Object;
if (!password.size() || !sm->checkPwdValidation(password, &pwd_errors)) {
@ -110,5 +110,4 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params)
sm->releaseSession(session);
return result;
}

19
src/cpp/ServerConfig.cpp
View File

@ -59,8 +59,10 @@ namespace ServerConfig {
ServerSetupType g_ServerSetupType = SERVER_TYPE_PRODUCTION;
std::string g_gRPCRelayServerFullURL;
MemoryBin* g_CryptoAppSecret = nullptr;
AllowUnsecure g_AllowUnsecureFlags = NOT_UNSECURE;
HederaConsensusMessageFormat g_ConsensusMessageFormat = HEDERA_CONSENSUS_FORMAT_BINARY;
HederaNetworkType g_HederaNetworkType = HEDERA_TESTNET;
Poco::Timespan g_HederaDefaultTimeout;
#ifdef __linux__
#include <stdio.h>
@ -262,6 +264,23 @@ namespace ServerConfig {
}
//g_CryptoAppSecret
// unsecure flags
//g_AllowUnsecureFlags
if (cfg.getInt("unsecure.allow_passwort_via_json_request", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_PASSWORD_REQUESTS);
}
if (cfg.getInt("unsecure.allow_auto_sign_transactions", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_AUTO_SIGN_TRANSACTIONS);
}
if (cfg.getInt("unsecure.allow_cors_all", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_CORS_ALL);
}
if (cfg.getInt("unsecure.allow_all_passwords", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_ALLOW_ALL_PASSWORDS);
}
g_HederaDefaultTimeout = cfg.getInt("hedera.default_timeout", 5);
g_gRPCRelayServerFullURL = cfg.getString("grpc.server", "");
// unsecure flags

4
src/cpp/ServerConfig.h
View File

@ -61,6 +61,8 @@ namespace ServerConfig {
HEDERA_UNKNOWN
};
extern Mnemonic g_Mnemonic_WordLists[MNEMONIC_MAX];
@ -90,6 +92,8 @@ namespace ServerConfig {
extern AllowUnsecure g_AllowUnsecureFlags;
extern HederaConsensusMessageFormat g_ConsensusMessageFormat;
extern HederaNetworkType g_HederaNetworkType;
extern Poco::Timespan g_HederaDefaultTimeout;
bool loadMnemonicWordLists();
bool initServerCrypto(const Poco::Util::LayeredConfiguration& cfg);