fix last bugs with register new user

2025-12-13 07:45:54 +00:00 · 2019-10-15 11:26:36 +02:00 · 2019-10-15 11:26:36 +02:00 · e443a7bb4c
commit e443a7bb4c
parent e74271def7
11 changed files with 60 additions and 24 deletions
--- a/src/cpp/HTTPInterface/CheckEmailPage.cpp
+++ b/src/cpp/HTTPInterface/CheckEmailPage.cpp
@ -39,7 +39,7 @@ void CheckEmailPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
 	if(mSession) {
 		getErrors(mSession);
 		if(mSession->getSessionState() < SESSION_STATE_EMAIL_VERIFICATION_SEND) {
-			state = MAIL_NOT_SEND;
+			//state = MAIL_NOT_SEND;
 		}
 	}
@ -93,22 +93,34 @@ void CheckEmailPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
 } else if(state == ASK_VERIFICATION_CODE) { 	responseStream << "\n";
 	responseStream << "\t<form method=\"GET\">\n";
 	responseStream << "\t\t<p>Bitte gebe deinen E-Mail Verification Code ein. </p>\n";
 	responseStream << "\t\t";
 #line 68 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
 if(mSession && !mSession->getUser().isNull()) {	responseStream << "\n";
 	responseStream << "\t\t\t<p>Er wurde an deine E-Mail Adresse: ";
 #line 69 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
 	responseStream << ( mSession->getUser()->getEmail() );
 	responseStream << " gesendet.</p>\n";
 	responseStream << "\t\t";
 #line 70 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
 } 	responseStream << "\n";
 	responseStream << "\t\t<input type=\"number\" name=\"email-verification-code\">\n";
 	responseStream << "\t\t<input class=\"grd_bn_succeed\" type=\"submit\" value=\"Überprüfe Code\">\n";
 	responseStream << "\t\t<p>Du hast bisher keinen Code erhalten? </p>\n";
 	responseStream << "\t\t<p>E-Mail erneut zuschicken (in Arbeit)</p>\n";
 	responseStream << "\t</form>\n";
 	responseStream << "\t";
-#line 71 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
+#line 76 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
 } else { 	responseStream << "\n";
 	responseStream << "\t<div class=\"grd_text\">\n";
 	responseStream << "\t\t\tUngültige Seite, wenn du das siehst stimmt hier etwas nicht. Bitte wende dich an den Server-Admin. \n";
 	responseStream << "\t\t</div>\n";
 	responseStream << "\t";
-#line 75 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
+#line 80 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
 } 	responseStream << "\n";
 	responseStream << "</div>\n";
 	responseStream << "<div class=\"grd-time-used\">\n";
 	responseStream << "\t";
-#line 78 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
+#line 83 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\checkEmail.cpsp"
 	responseStream << ( mTimeProfiler.string() );
 	responseStream << "\n";
 	responseStream << "</div>\n";
--- a/src/cpp/HTTPInterface/PageRequestHandlerFactory.cpp
+++ b/src/cpp/HTTPInterface/PageRequestHandlerFactory.cpp
@ -164,10 +164,10 @@ Poco::Net::HTTPRequestHandler* PageRequestHandlerFactory::handleCheckEmail(Sessi
 	// no session or active session don't belong to verification code
 	if (!session || session->getEmailVerificationCode() != verificationCode) {
-		sm->releaseSession(session);
+		//sm->releaseSession(session);
-		session = nullptr;
+		//session = nullptr;
 		// it is maybe unsafe
-		//session = sm->findByEmailVerificationCode(verificationCode);
+		session = sm->findByEmailVerificationCode(verificationCode);
 	}
 	// no suitable session in memory, try to create one from db data
 	if (!session) {
--- a/src/cpp/HTTPInterface/PassphrasePage.cpp
+++ b/src/cpp/HTTPInterface/PassphrasePage.cpp
@ -9,7 +9,7 @@
 #include "../model/Profiler.h"
 #include "../SingletonManager/SessionManager.h"
-
+#include "Poco/Net/HTTPServerParams.h"
 enum PageState 
 {
@ -37,6 +37,7 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
 	PageState state = PAGE_ASK_PASSPHRASE;
 	auto sm = SessionManager::getInstance();
 	auto uri_start = request.serverParams().getServerName();
 	// remove old cookies if exist
 	sm->deleteLoginCookies(request, response, mSession);
 	// save login cookie, because maybe we've get an new session
@ -101,11 +102,11 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
 	responseStream << "<div class=\"grd_container\">\n";
 	responseStream << "\t<h1>Einen neuen Account anlegen</h1>\n";
 	responseStream << "\t";
-#line 82 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
+#line 83 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 	responseStream << ( getErrorsHtml() );
 	responseStream << "\n";
 	responseStream << "\t";
-#line 83 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
+#line 84 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 if(state == PAGE_SHOW_PASSPHRASE) {	responseStream << "\n";
 	responseStream << "\t\t<div class=\"grd_text-max-width\">\n";
 	responseStream << "\t\t\t<div class=\"grd_text\">\n";
@ -113,17 +114,20 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
 	responseStream << "\t\t\t</div>\n";
 	responseStream << "\t\t\t<div class=\"grd_textarea\">\n";
 	responseStream << "\t\t\t\t";
-#line 89 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
+#line 90 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 	responseStream << ( mSession->getPassphrase() );
 	responseStream << "\n";
 	responseStream << "\t\t\t</div>\n";
 	responseStream << "\t\t\t<a href=\"saveKeys\">Weiter</a>\n";
 	responseStream << "\t\t</div>\n";
 	responseStream << "\t";
-#line 93 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
+#line 94 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 } else if(state == PAGE_ASK_PASSPHRASE) { 	responseStream << "\n";
 	responseStream << "\t<p>Deine E-Mail Adresse wurde erfolgreich bestätigt. </p>\n";
-	responseStream << "\t<form method=\"POST\" action=\"./passphrase\">\n";
+	responseStream << "\t<form method=\"POST\" action=\"";
 #line 96 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 	responseStream << ( uri_start );
 	responseStream << "/passphrase\">\n";
 	responseStream << "\t\t<fieldset class=\"grd_container_small\">\n";
 	responseStream << "\t\t\t<legend>Neue Gradido Adresse anlegen / wiederherstellen</legend>\n";
 	responseStream << "\t\t\t<p>Hast du schonmal ein Gradido Konto besessen?</p>\n";
@ -136,7 +140,7 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
 	responseStream << "\t\t\t\t<label class=\"grd_radio_label\" for=\"passphrase-new-no\">Ja, bitte wiederherstellen!</label>\n";
 	responseStream << "\t\t\t</p>\n";
 	responseStream << "\t\t\t<textarea style=\"width:100%;height:100px\" name=\"passphrase-existing\">";
-#line 107 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
+#line 108 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 	responseStream << ( !form.empty() ? form.get("passphrase-existing", "") : "" );
 	responseStream << "</textarea>\n";
 	responseStream << "\t\t</fieldset>\n";
@ -144,18 +148,18 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
 	responseStream << "\t\t\n";
 	responseStream << "\t</form>\n";
 	responseStream << "\t";
-#line 112 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
+#line 113 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 } else { 	responseStream << "\n";
 	responseStream << "\t\t<div class=\"grd_text\">\n";
 	responseStream << "\t\t\tUngültige Seite, wenn du das siehst stimmt hier etwas nicht. Bitte wende dich an den Server-Admin. \n";
 	responseStream << "\t\t</div>\n";
 	responseStream << "\t";
-#line 116 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
+#line 117 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 } 	responseStream << "\n";
 	responseStream << "</div>\n";
 	responseStream << "<div class=\"grd-time-used\">\n";
 	responseStream << "\t";
-#line 119 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
+#line 120 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\passphrase.cpsp"
 	responseStream << ( mTimeProfiler.string() );
 	responseStream << "\n";
 	responseStream << "</div>\n";
--- a/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp
+++ b/src/cpp/HTTPInterface/UpdateUserPasswordPage.cpp
@ -43,9 +43,11 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
 				if(user->setNewPassword(form.get("register-password"))) {
 					std::string referUri = request.get("Referer", "./");
 					//printf("[updateUserPasswordPage] referUri: %s\n", referUri.data());
 					mSession->getErrors(user);
 					response.redirect(referUri);
 					return;
 				}
 			}
 		}
 	}
@ -99,7 +101,7 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
 	responseStream << "<div class=\"grd_container\">\n";
 	responseStream << "\t<h1>Passwort bestimmen</h1>\n";
 	responseStream << "\t";
-#line 79 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp"
+#line 81 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp"
 	responseStream << ( getErrorsHtml() );
 	responseStream << "\n";
 	responseStream << "\t<form method=\"POST\">\t\n";
@ -122,7 +124,7 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
 	responseStream << "</div>\n";
 	responseStream << "<div class=\"grd-time-used\">\n";
 	responseStream << "\t";
-#line 99 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp"
+#line 101 "I:\\Code\\C++\\Eigene_Projekte\\Gradido_LoginServer\\src\\cpsp\\UpdateUserPassword.cpsp"
 	responseStream << ( mTimeProfiler.string() );
 	responseStream << "\n";
 	responseStream << "</div>\n";
--- a/src/cpp/SingletonManager/SessionManager.cpp
+++ b/src/cpp/SingletonManager/SessionManager.cpp
@ -265,6 +265,10 @@ Session* SessionManager::findByEmailVerificationCode(long long emailVerification
 	for (auto it = mRequestSessionMap.begin(); it != mRequestSessionMap.end(); it++) {
 		if (it->second->getEmailVerificationCode() == emailVerificationCode) {
 			result = it->second;
 			if (!result->isActive()) {
 				result = nullptr;
 				continue;
 			}
 			break;
 		}
 	}
@ -315,6 +319,7 @@ void SessionManager::deleteLoginCookies(Poco::Net::HTTPServerRequest& request, P
 		}
 		// delete cookie
 		auto keks = Poco::Net::HTTPCookie("GRADIDO_LOGIN", it->second);
 		keks.setPath("/");
 		// max age of 0 delete cookie
 		keks.setMaxAge(0);
 		response.addCookie(keks);
--- a/src/cpp/SingletonManager/SessionManager.h
+++ b/src/cpp/SingletonManager/SessionManager.h
@ -46,6 +46,7 @@ public:
 	Session* getNewSession(int* handle = nullptr);
 	inline bool releaseSession(Session* requestSession) {
 		if (!requestSession) return false;
 		return releaseSession(requestSession->getHandle());
 	}
 	bool releaseSession(int requestHandleSession);
--- a/src/cpp/model/Session.cpp
+++ b/src/cpp/model/Session.cpp
@ -290,7 +290,7 @@ UserStates Session::loadUser(const std::string& email, const std::string& passwo
 	lock();
 	if (mSessionUser) mSessionUser = nullptr;
 	mSessionUser = new User(email.data());
-	if (mSessionUser->getUserState() == USER_LOADED_FROM_DB) {
+	if (mSessionUser->getUserState() >= USER_LOADED_FROM_DB) {
 		if (!mSessionUser->validatePwd(password, this)) {
 			return USER_PASSWORD_INCORRECT;
 		}
@ -406,6 +406,7 @@ Poco::Net::HTTPCookie Session::getLoginCookie()
 	auto keks = Poco::Net::HTTPCookie("GRADIDO_LOGIN", std::to_string(mHandleId));
 	// prevent reading or changing cookie with js
 	keks.setHttpOnly();
 	keks.setPath("/");
 	// send cookie only via https
 #ifndef WIN32
 	keks.setSecure(true);
--- a/src/cpp/model/User.cpp
+++ b/src/cpp/model/User.cpp
@ -340,6 +340,8 @@ bool User::isEmptyPassword()
 {
 	bool bRet = false;
 	lock();
 	printf("[User::isEmptyPassword] pwd hashed: %d, running: %d, this: %d\n",
 		mPasswordHashed, !mCreateCryptoKeyTask.isNull(), this);
 	bRet = mPasswordHashed == 0 && (mCreateCryptoKeyTask.isNull() || mCreateCryptoKeyTask->isTaskFinished());
 	unlock();
 	return bRet;
@ -372,6 +374,7 @@ bool User::setNewPassword(const std::string& newPassword)
 	}
 	duplicate();
 	lock();
 	printf("[User::setNewPassword] start create crypto key task with this: %d\n", this);
 	mCreateCryptoKeyTask = new UserCreateCryptoKey(this, newPassword, ServerConfig::g_CPUScheduler);
 	mCreateCryptoKeyTask->scheduleTask(mCreateCryptoKeyTask);
 	unlock();
@ -490,7 +493,7 @@ void User::release()
 	mWorkingMutex.lock();
 	mReferenceCount--;
 #ifdef DEBUG_USER_DELETE_ENV
-	printf("[User::release] new value: %d\n", mReferenceCount);
+	printf("[User::release] new value: %d, this: %d\n", mReferenceCount, this);
 #endif
 	if (0 == mReferenceCount) {
 		mWorkingMutex.unlock();
--- a/src/cpsp/checkEmail.cpsp
+++ b/src/cpsp/checkEmail.cpsp
@ -21,7 +21,7 @@ enum PageState
 	if(mSession) {
 		getErrors(mSession);
 		if(mSession->getSessionState() < SESSION_STATE_EMAIL_VERIFICATION_SEND) {
-			state = MAIL_NOT_SEND;
+			//state = MAIL_NOT_SEND;
 		}
 	}
@ -65,8 +65,13 @@ label:not(.grd_radio_label) {
 	<% } else if(state == ASK_VERIFICATION_CODE) { %>
 	<form method="GET">
 		<p>Bitte gebe deinen E-Mail Verification Code ein. </p>
 		<% if(mSession && !mSession->getUser().isNull()) {%>
 			<p>Er wurde an deine E-Mail Adresse: <%= mSession->getUser()->getEmail() %> gesendet.</p>
 		<% } %>
 		<input type="number" name="email-verification-code">
 		<input class="grd_bn_succeed" type="submit" value="Überprüfe Code">
 		<p>Du hast bisher keinen Code erhalten? </p>
 		<p>E-Mail erneut zuschicken (in Arbeit)</p>
 	</form>
 	<% } else { %>
 	<div class="grd_text">
--- a/src/cpsp/passphrase.cpsp
+++ b/src/cpsp/passphrase.cpsp
@ -7,7 +7,7 @@
 <%!
 #include "../model/Profiler.h"
 #include "../SingletonManager/SessionManager.h"
-
+#include "Poco/Net/HTTPServerParams.h"
 enum PageState 
 {
@ -19,6 +19,7 @@ enum PageState
 	PageState state = PAGE_ASK_PASSPHRASE;
 	auto sm = SessionManager::getInstance();
 	auto uri_start = request.serverParams().getServerName();
 	// remove old cookies if exist
 	sm->deleteLoginCookies(request, response, mSession);
 	// save login cookie, because maybe we've get an new session
@ -92,7 +93,7 @@ label:not(.grd_radio_label) {
 		</div>
 	<% } else if(state == PAGE_ASK_PASSPHRASE) { %>
 	<p>Deine E-Mail Adresse wurde erfolgreich bestätigt. </p>
-	<form method="POST" action="./passphrase">
+	<form method="POST" action="<%= uri_start %>/passphrase">
 		<fieldset class="grd_container_small">
 			<legend>Neue Gradido Adresse anlegen / wiederherstellen</legend>
 			<p>Hast du schonmal ein Gradido Konto besessen?</p>
--- a/src/cpsp/updateUserPassword.cpsp
+++ b/src/cpsp/updateUserPassword.cpsp
@ -24,9 +24,11 @@
 				if(user->setNewPassword(form.get("register-password"))) {
 					std::string referUri = request.get("Referer", "./");
 					//printf("[updateUserPasswordPage] referUri: %s\n", referUri.data());
 					mSession->getErrors(user);
 					response.redirect(referUri);
 					return;
 				}
 			}
 		}
 	}