take updates from stage1 for allow vue-client connecting

einhornimmond 2021-03-04 17:34:47 +01:00 committed by Ulf Gebhardt
parent e49802c9bc
commit d6b59d5dfd
No known key found for this signature in database
GPG Key ID: 81308EFE29ABFEBD
8 changed files with 57 additions and 55 deletions


@ -256,8 +256,8 @@ int Gradido_LoginServer::main(const std::vector<std::string>& args)
// load pending tasks not finished in last session // load pending tasks not finished in last session
PendingTasksManager::getInstance()->load(); PendingTasksManager::getInstance()->load();
int php_server_ping = config().getInt("phpServer.ping", 600000);
CronManager::getInstance()->init(); CronManager::getInstance()->init(php_server_ping);
printf("[Gradido_LoginServer::main] started in %s\n", usedTime.string().data()); printf("[Gradido_LoginServer::main] started in %s\n", usedTime.string().data());
// wait for CTRL-C or kill // wait for CTRL-C or kill
@ -270,7 +270,6 @@ int Gradido_LoginServer::main(const std::vector<std::string>& args)
// Stop the json server // Stop the json server
json_srv.stop(); json_srv.stop();
ServerConfig::unload(); ServerConfig::unload();
Poco::Net::uninitializeSSL(); Poco::Net::uninitializeSSL();
// Optional: Delete all global objects allocated by libprotobuf. // Optional: Delete all global objects allocated by libprotobuf.


@ -18,6 +18,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
bool login_after_register = false; bool login_after_register = false;
int emailType; int emailType;
int group_id; int group_id;
auto em = EmailManager::getInstance(); auto em = EmailManager::getInstance();
auto sm = SessionManager::getInstance(); auto sm = SessionManager::getInstance();
@ -35,6 +36,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
paramJsonObject->get("last_name").convert(last_name); paramJsonObject->get("last_name").convert(last_name);
paramJsonObject->get("emailType").convert(emailType); paramJsonObject->get("emailType").convert(emailType);
paramJsonObject->get("group_id").convert(group_id); paramJsonObject->get("group_id").convert(group_id);
if ((ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_PASSWORD_REQUESTS)) { if ((ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_PASSWORD_REQUESTS)) {
paramJsonObject->get("password").convert(password); paramJsonObject->get("password").convert(password);
} }
@ -52,15 +54,15 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
auto user = controller::User::create(); auto user = controller::User::create();
if (user->load(email) > 0) { if (user->load(email) > 0) {
// return customStateError("exist", "user already exist"); /*Poco::JSON::Object* result = new Poco::JSON::Object;
Poco::JSON::Object* result = new Poco::JSON::Object;
result->set("state", "exist"); result->set("state", "exist");
result->set("msg", "user already exist"); result->set("msg", "user already exist");
return result; return result;*/
return customStateError("exist", "user already exist");
} }
if (password.size()) { if (password.size()) {
ErrorList errors; NotificationList errors;
if (!sm->checkPwdValidation(password, &errors)) { if (!sm->checkPwdValidation(password, &errors)) {
Poco::JSON::Object* result = new Poco::JSON::Object; Poco::JSON::Object* result = new Poco::JSON::Object;
result->set("state", "error"); result->set("state", "error");
@ -91,7 +93,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
UniLib::controller::TaskPtr create_authenticated_encrypten_key = new AuthenticatedEncryptionCreateKeyTask(user, password); UniLib::controller::TaskPtr create_authenticated_encrypten_key = new AuthenticatedEncryptionCreateKeyTask(user, password);
create_authenticated_encrypten_key->scheduleTask(create_authenticated_encrypten_key); create_authenticated_encrypten_key->scheduleTask(create_authenticated_encrypten_key);
} }
auto emailOptIn = controller::EmailVerificationCode::create(userModel->getID(), model::table::EMAIL_OPT_IN_REGISTER); auto emailOptIn = controller::EmailVerificationCode::create(userModel->getID(), model::table::EMAIL_OPT_IN_REGISTER);
auto emailOptInModel = emailOptIn->getModel(); auto emailOptInModel = emailOptIn->getModel();
if (!emailOptInModel->insertIntoDB(false)) { if (!emailOptInModel->insertIntoDB(false)) {
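Review bot: The `customStateError("exist", "user already exist")` branch after `user->load(email) > 0` gives the caller of this registration endpoint, which appears to need no session, a yes/no answer on whether an email address is registered. If that disclosure is not intended, return the same generic response as for a new registration and notify the existing address by mail, or at least rate-limit the endpoint per client. A comment such as `// distinct "exist" state reveals registered emails; keep this endpoint rate-limited` would document the trade-off. Separately, `int emailType; int group_id;` have no initializers, so `int emailType = 0;` and `int group_id = 0;` would avoid indeterminate values if a `convert` call is skipped. handle() starts and ends outside these hunks, so later use of both variables is not visible.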


@ -16,50 +16,15 @@ Poco::JSON::Object* JsonGetLogin::handle(Poco::Dynamic::Var params)
auto pt = PendingTasksManager::getInstance(); auto pt = PendingTasksManager::getInstance();
auto observer = SingletonTaskObserver::getInstance(); auto observer = SingletonTaskObserver::getInstance();
if (params.isStruct()) { auto session_check_result = checkAndLoadSession(params, true);
session_id = params["session_id"]; if (session_check_result) {
//std::string miau = params["miau"]; return session_check_result;
}
else if (params.isVector()) {
try {
const Poco::URI::QueryParameters queryParams = params.extract<Poco::URI::QueryParameters>();
for (auto it = queryParams.begin(); it != queryParams.end(); it++) {
if (it->first == "session_id") {
auto numberParseResult = DataTypeConverter::strToInt(it->second, session_id);
if (DataTypeConverter::NUMBER_PARSE_OKAY != numberParseResult) {
return stateError("error parsing session_id", DataTypeConverter::numberParseStateToString(numberParseResult));
}
break;
}
}
//auto var = params[0];
}
catch (Poco::Exception& ex) {
return stateError("error parsing query params, Poco Error", ex.displayText());
}
}
if (!session_id) {
return stateError("empty session id");
}
auto session = sm->getSession(session_id);
if (!session) {
return customStateError("not found", "session not found");
}
auto userNew = session->getNewUser();
//auto user = session->getUser();
if (userNew.isNull()) {
return customStateError("not found", "Session didn't contain user");
}
auto userModel = userNew->getModel();
if(userModel.isNull()) {
return customStateError("not found", "User is empty");
} }
Poco::JSON::Object* result = new Poco::JSON::Object; Poco::JSON::Object* result = new Poco::JSON::Object;
result->set("state", "success"); result->set("state", "success");
result->set("clientIP", session->getClientIp().toString()); //result->set("clientIP", mSession->getClientIp().toString());
auto userNew = mSession->getNewUser();
try { try {
result->set("user", userNew->getJson()); result->set("user", userNew->getJson());
} }
@ -82,7 +47,7 @@ Poco::JSON::Object* JsonGetLogin::handle(Poco::Dynamic::Var params)
//pending = some_must_sign.size(); //pending = some_must_sign.size();
result->set("Transactions.can_signed", some_must_sign.size()); result->set("Transactions.can_signed", some_must_sign.size());
auto executing = observer->getTaskCount(userModel->getEmail(), TASK_OBSERVER_SIGN_TRANSACTION); auto executing = observer->getTaskCount(userNew->getModel()->getEmail(), TASK_OBSERVER_SIGN_TRANSACTION);
if (executing < 0) { if (executing < 0) {
executing = 0; executing = 0;
} }
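Review bot: The removed block checked `userNew.isNull()` and `userModel.isNull()` before use, while the new code calls `userNew->getJson()` and `userNew->getModel()->getEmail()` with no check in this function. Unless `checkAndLoadSession(params, true)`, which is not visible here, guarantees a session with a loaded user and model, a session without a user would now dereference a null pointer instead of returning the `not found` state. I would keep a guard directly after `auto userNew = mSession->getNewUser();`, for example `if (userNew.isNull() || userNew->getModel().isNull()) return customStateError("not found", "Session didn't contain user");`. handle() begins and ends outside the hunks shown.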


@ -29,7 +29,6 @@ JsonRequestHandler::JsonRequestHandler(Session* session)
void JsonRequestHandler::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response) void JsonRequestHandler::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response)
{ {
response.setChunkedTransferEncoding(false); response.setChunkedTransferEncoding(false);
response.setContentType("application/json"); response.setContentType("application/json");
if (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_CORS_ALL) { if (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_CORS_ALL) {
@ -72,12 +71,12 @@ void JsonRequestHandler::handleRequest(Poco::Net::HTTPServerRequest& request, Po
json_result->get("session_id").convert(session_id); json_result->get("session_id").convert(session_id);
} }
catch (Poco::Exception& e) { catch (Poco::Exception& e) {
ErrorList erros; NotificationList erros;
erros.addError(new Error("json request", "invalid session_id")); erros.addError(new Error("json request", "invalid session_id"));
erros.sendErrorsAsEmail(); erros.sendErrorsAsEmail();
} }
if (session_id) { if (session_id) {
auto session = SessionManager::getInstance()->getSession("session_id"); auto session = SessionManager::getInstance()->getSession(session_id);
response.addCookie(session->getLoginCookie()); response.addCookie(session->getLoginCookie());
} }
} }
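Review bot: The result of `getSession(session_id)` is dereferenced unchecked in `response.addCookie(session->getLoginCookie());`, although the code removed from JsonGetLogin in this same commit tested `if (!session)` after the same call, so a null return looks possible. Now that the lookup uses the real id instead of the literal `"session_id"`, a response carrying an unknown or expired id reaches this line. Guard it with `if (session) { response.addCookie(session->getLoginCookie()); }`. Whether the session must also be released afterwards, as `sm->releaseSession(...)` does elsewhere, is not visible here. handleRequest continues outside the hunk.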


@ -14,8 +14,10 @@
#include "JsonTransaction.h" #include "JsonTransaction.h"
#include "JsonGetRunningUserTasks.h" #include "JsonGetRunningUserTasks.h"
#include "JsonGetUsers.h" #include "JsonGetUsers.h"
#include "JsonLogout.h"
#include "JsonNetworkInfos.h" #include "JsonNetworkInfos.h"
#include "JsonGetUserInfos.h" #include "JsonGetUserInfos.h"
#include "JsonUnsecureLogin.h"
#include "JsonUpdateUserInfos.h" #include "JsonUpdateUserInfos.h"
#include "JsonUnsecureLogin.h" #include "JsonUnsecureLogin.h"
#include "JsonLogout.h" #include "JsonLogout.h"
@ -63,6 +65,12 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c
s = sm->getSession(session_id); s = sm->getSession(session_id);
} }
auto client_host = request.clientAddress().host();
//auto client_ip = request.clientAddress();
// X-Real-IP forwarded ip from nginx config
auto client_host_string = request.get("X-Real-IP", client_host.toString());
client_host = Poco::Net::IPAddress(client_host_string);
if (url_first_part == "/login") { if (url_first_part == "/login") {
return new JsonGetLogin; return new JsonGetLogin;
} }
@ -107,6 +115,9 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c
requestHandler->setSession(s); requestHandler->setSession(s);
return requestHandler; return requestHandler;
} }
else if (url_first_part == "/unsecureLogin" && (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_PASSWORD_REQUESTS)) {
return new JsonUnsecureLogin(client_host);
}
else if (url_first_part == "/appLogin") { else if (url_first_part == "/appLogin") {
return new JsonAppLogin; return new JsonAppLogin;
} }
@ -115,5 +126,9 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c
sm->releaseSession(s); sm->releaseSession(s);
} }
} }
else if (url_first_part == "/logout") {
return new JsonLogout(client_host);
}
return new JsonUnknown; return new JsonUnknown;
} }
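Review bot: The `X-Real-IP` header is read from every request and overrides the socket address, so a client that reaches the server without passing through nginx can choose the address handed to `JsonUnsecureLogin` and `JsonLogout`. Accept the header only when the direct peer is the configured reverse proxy. Parse it with `Poco::Net::IPAddress::tryParse`, because the `IPAddress(const std::string&)` constructor throws on a malformed value and no handler is visible in this hunk. The includes of `JsonLogout.h` and `JsonUnsecureLogin.h` are also added a second time above the existing ones. createRequestHandler starts and ends outside the hunks.

```cpp
auto client_host = request.clientAddress().host();
// X-Real-IP is set by the nginx reverse proxy; ignore it from any other peer.
// isLoopback() stands in for "peer is the trusted proxy" - replace with the configured proxy address.
if (client_host.isLoopback() && request.has("X-Real-IP")) {
	Poco::Net::IPAddress forwarded;
	if (Poco::Net::IPAddress::tryParse(request.get("X-Real-IP"), forwarded)) {
		client_host = forwarded;
	}
}
// … unchanged: url_first_part dispatch …
```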


@ -52,7 +52,7 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params)
return stateError("user with email not found", email); return stateError("user with email not found", email);
} }
ErrorList pwd_errors; NotificationList pwd_errors;
Poco::JSON::Object* result = new Poco::JSON::Object; Poco::JSON::Object* result = new Poco::JSON::Object;
if (!password.size() || !sm->checkPwdValidation(password, &pwd_errors)) { if (!password.size() || !sm->checkPwdValidation(password, &pwd_errors)) {
@ -110,5 +110,4 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params)
sm->releaseSession(session); sm->releaseSession(session);
return result; return result;
} }


@ -59,8 +59,10 @@ namespace ServerConfig {
ServerSetupType g_ServerSetupType = SERVER_TYPE_PRODUCTION; ServerSetupType g_ServerSetupType = SERVER_TYPE_PRODUCTION;
std::string g_gRPCRelayServerFullURL; std::string g_gRPCRelayServerFullURL;
MemoryBin* g_CryptoAppSecret = nullptr; MemoryBin* g_CryptoAppSecret = nullptr;
AllowUnsecure g_AllowUnsecureFlags = NOT_UNSECURE;
HederaConsensusMessageFormat g_ConsensusMessageFormat = HEDERA_CONSENSUS_FORMAT_BINARY; HederaConsensusMessageFormat g_ConsensusMessageFormat = HEDERA_CONSENSUS_FORMAT_BINARY;
HederaNetworkType g_HederaNetworkType = HEDERA_TESTNET; HederaNetworkType g_HederaNetworkType = HEDERA_TESTNET;
Poco::Timespan g_HederaDefaultTimeout;
#ifdef __linux__ #ifdef __linux__
#include <stdio.h> #include <stdio.h>
@ -262,6 +264,23 @@ namespace ServerConfig {
} }
//g_CryptoAppSecret //g_CryptoAppSecret
// unsecure flags
//g_AllowUnsecureFlags
if (cfg.getInt("unsecure.allow_passwort_via_json_request", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_PASSWORD_REQUESTS);
}
if (cfg.getInt("unsecure.allow_auto_sign_transactions", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_AUTO_SIGN_TRANSACTIONS);
}
if (cfg.getInt("unsecure.allow_cors_all", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_CORS_ALL);
}
if (cfg.getInt("unsecure.allow_all_passwords", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_ALLOW_ALL_PASSWORDS);
}
g_HederaDefaultTimeout = cfg.getInt("hedera.default_timeout", 5);
g_gRPCRelayServerFullURL = cfg.getString("grpc.server", ""); g_gRPCRelayServerFullURL = cfg.getString("grpc.server", "");
// unsecure flags // unsecure flags
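Review bot: `g_HederaDefaultTimeout = cfg.getInt("hedera.default_timeout", 5);` assigns an int to a `Poco::Timespan`, whose single-integer constructor takes microseconds, so the default becomes 5 µs rather than the 5 seconds that was presumably meant. If seconds are intended, write `g_HederaDefaultTimeout = Poco::Timespan(cfg.getInt("hedera.default_timeout", 5), 0);`. For the `unsecure.*` block I would also log one warning line per enabled flag at startup, so that a production config with password-over-JSON or open CORS switched on is visible to operators. The trailing context line `// unsecure flags` suggests a similar block already follows; if so, this one may be a duplicate, but that code is outside the hunk.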


@ -61,6 +61,8 @@ namespace ServerConfig {
HEDERA_UNKNOWN HEDERA_UNKNOWN
}; };
extern Mnemonic g_Mnemonic_WordLists[MNEMONIC_MAX]; extern Mnemonic g_Mnemonic_WordLists[MNEMONIC_MAX];
@ -90,6 +92,8 @@ namespace ServerConfig {
extern AllowUnsecure g_AllowUnsecureFlags; extern AllowUnsecure g_AllowUnsecureFlags;
extern HederaConsensusMessageFormat g_ConsensusMessageFormat; extern HederaConsensusMessageFormat g_ConsensusMessageFormat;
extern HederaNetworkType g_HederaNetworkType; extern HederaNetworkType g_HederaNetworkType;
extern Poco::Timespan g_HederaDefaultTimeout;
bool loadMnemonicWordLists(); bool loadMnemonicWordLists();
bool initServerCrypto(const Poco::Util::LayeredConfiguration& cfg); bool initServerCrypto(const Poco::Util::LayeredConfiguration& cfg);