adding json request (currently not used), removing cakephp cookie by login, adding no email option in properties for testing

Dario 2019-12-13 11:11:50 +01:00
parent c9ee1d9178
commit eb1391f003
23 changed files with 484 additions and 157 deletions


@ -13,7 +13,8 @@
enum PageState
{
MAIL_NOT_SEND,
ASK_VERIFICATION_CODE
ASK_VERIFICATION_CODE,
KONTO_ALREADY_EXIST
};
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
@ -34,7 +35,7 @@ void CheckEmailPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
#line 17 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 18 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
const char* pageName = "Email Verification";
auto lm = LanguageManager::getInstance();
@ -119,7 +120,7 @@ void CheckEmailPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << " <div class=\"col-12 logo-section\">\n";
responseStream << " <a href=\"../../index.html\" class=\"logo\">\n";
responseStream << " <img src=\"";
#line 60 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 61 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "img/logo_schrift.webp\" alt=\"logo\" />\n";
responseStream << " </a>\n";
@ -130,25 +131,25 @@ void CheckEmailPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << " <div class=\"grid\">\n";
responseStream << " <div class=\"center-ul-container\">\n";
responseStream << " ";
#line 68 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 69 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << " </div>\n";
responseStream << " <div class=\"grid-body\">\n";
responseStream << " <form action=\"";
#line 71 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 72 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "account/checkEmail\" method=\"GET\">\n";
responseStream << " <div class=\"row pull-right-row\">\n";
responseStream << " <div class=\"equel-grid pull-right\">\n";
responseStream << " <div class=\"grid-body-small text-center\">\n";
responseStream << " <button id=\"flag-england\" name=\"lang-btn\" value=\"en\" title=\"English\" type=\"submit\" ";
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 76 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
if(lang != LANG_EN) { responseStream << "class=\"btn btn-outline-secondary flag-btn\"";
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 76 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
}
else { responseStream << "class=\"btn btn-secondary disabled flag-btn\" disabled";
#line 76 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
} responseStream << ">\n";
responseStream << " <span class=\"flag-england\"></span>\n";
responseStream << " </button>\n";
@ -157,12 +158,12 @@ void CheckEmailPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << " <div class=\"equel-grid pull-right\">\n";
responseStream << " <div class=\"grid-body-small text-center\">\n";
responseStream << " <button id=\"flag-germany\" name=\"lang-btn\" value=\"de\" title=\"Deutsch\" type=\"submit\" ";
#line 83 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 84 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
if(lang != LANG_DE) { responseStream << "class=\"btn btn-outline-secondary flag-btn\"";
#line 83 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 84 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
}
else { responseStream << "class=\"btn btn-secondary disabled flag-btn\" disabled";
#line 84 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 85 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
} responseStream << ">\n";
responseStream << " <span class=\"flag-germany\"></span>\n";
responseStream << " </button>\n";
@ -172,51 +173,51 @@ void CheckEmailPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << " <div class=\"item-wrapper\">\n";
responseStream << " <div class=\"form-group\">\n";
responseStream << " <label for=\"email-verification-code\">";
#line 92 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 93 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( langCatalog->gettext("Bitte gebe deinen E-Mail Verification Code ein:"));
responseStream << "</label>\n";
responseStream << " <input type=\"text\" class=\"form-control\" name=\"email-verification-code\" id=\"email-verification-code\" placeholder=\"";
#line 93 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 94 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( langCatalog->gettext("Email Verification Code"));
responseStream << "\" ";
#line 93 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 94 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
if(verificationCode) { responseStream << "value=\"";
#line 93 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 94 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( verificationCode );
responseStream << "\" ";
#line 93 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 94 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
} responseStream << ">\n";
responseStream << " </div>\n";
responseStream << " <button type=\"submit\" class=\"btn btn-sm btn-primary\">";
#line 95 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 96 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( langCatalog->gettext("&Uuml;berpr&uuml;fe Code"));
responseStream << "</button>\n";
responseStream << " </div>\n";
responseStream << " </form>\n";
responseStream << " <!--<p class=\"margin-top-10\">\n";
responseStream << "\t\t\t\t";
#line 99 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 100 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( langCatalog->gettext("Du hast bisher keinen Code erhalten?"));
responseStream << "<br> \n";
responseStream << "\t\t\t\t";
#line 100 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 101 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( langCatalog->gettext("E-Mail erneut zuschicken (in Arbeit)"));
responseStream << "\n";
responseStream << "\t\t\t </p>-->\n";
responseStream << " <p class=\"margin-top-10\">\n";
responseStream << "\t\t\t\t";
#line 103 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 104 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( langCatalog->gettext("Funktioniert dein E-Mail Verification Code nicht?"));
responseStream << "<br>\n";
responseStream << "\t\t\t\t";
#line 104 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 105 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( langCatalog->gettext("Schicke uns eine E-Mail und wir k&uuml;mmern uns darum: "));
responseStream << "<br>\n";
responseStream << " <b><a href=\"mailto:coin@gradido.net?subject=Invalid E-Mail Verification Code&amp;body=Hallo Dario,%0D%0A%0D%0Amein E-Mail Verification-Code: ";
#line 105 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 106 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( verificationCode );
responseStream << " funktioniert nicht,%0D%0Akannst du das prüfen?%0D%0A%0D%0AMit freundlichen Grüßen%0D%0A\">";
#line 105 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
#line 106 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkEmail.cpsp"
responseStream << ( langCatalog->gettext("E-Mail an Support schicken"));
responseStream << "</a></b>\n";
responseStream << "\t\t\t </p>\n";


@ -28,12 +28,8 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
std::ostream& _responseStream = response.send();
Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1);
std::ostream& responseStream = _compressResponse ? _gzipStream : _responseStream;
responseStream << "\n";
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
const char* pageName = "Dashboard";
//Poco::Net::NameValueCollection cookies;
//request.getCookies(cookies);
@ -43,6 +39,10 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N
auto uri_start = ServerConfig::g_serverPath;//request.serverParams().getServerName();
response.redirect(ServerConfig::g_php_serverPath + "/");
return;
std::ostream& _responseStream = response.send();
Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1);
std::ostream& responseStream = _compressResponse ? _gzipStream : _responseStream;
responseStream << "\n";
// begin include header_old.cpsp
responseStream << "\n";
responseStream << "<!DOCTYPE html>\n";
@ -100,7 +100,10 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N
responseStream << "<body>\n";
responseStream << "<div class=\"versionstring dev-info\">\n";
responseStream << "\t<p class=\"grd_small\">Login Server in Entwicklung</p>\n";
responseStream << "\t<p class=\"grd_small\">Alpha 0.8.1</p>\n";
responseStream << "\t<p class=\"grd_small\">Alpha ";
#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
responseStream << ( ServerConfig::g_versionString );
responseStream << "</p>\n";
responseStream << "</div>\n";
responseStream << "<!--<nav class=\"grd-left-bar expanded\" data-topbar role=\"navigation\">\n";
responseStream << "\t<div class=\"grd-left-bar-section\">\n";


@ -315,29 +315,50 @@ int HandleElopageRequestTask::run()
// write email verification code into db
UniLib::controller::TaskPtr saveEmailVerificationCode(new ModelInsertTask(emailVerification));
saveEmailVerificationCode->scheduleTask(saveEmailVerificationCode);
int noEMail = 0;
// send email to user
auto message = new Poco::Net::MailMessage;
std::string noEmailString = mRequestData.get("noEmail", "0");
try {
noEMail = stoi(noEmailString);
}
catch (const std::invalid_argument& ia) {
std::cerr << __FUNCTION__ << " Invalid argument: " << ia.what() << ", str: " << noEmailString << '\n';
}
catch (const std::out_of_range& oor) {
std::cerr << __FUNCTION__ << " Out of Range error: " << oor.what() << '\n';
}
catch (const std::logic_error & ler) {
std::cerr << __FUNCTION__ << " Logical error: " << ler.what() << '\n';
}
catch (...) {
std::cerr << __FUNCTION__ << " Unknown error" << '\n';
}
message->addRecipient(Poco::Net::MailRecipient(Poco::Net::MailRecipient::PRIMARY_RECIPIENT, mEmail));
message->setSubject("Gradido: E-Mail Verification");
std::stringstream ss;
ss << "Hallo " << mFirstName << " " << mLastName << "," << std::endl << std::endl;
ss << "Du oder jemand anderes hat sich soeben mit dieser E-Mail Adresse bei Gradido registriert. " << std::endl;
ss << "Wenn du es warst, klicke bitte auf den Link: " << ServerConfig::g_serverPath << "/checkEmail/" << emailVerification->getCode() << std::endl;
//ss << "oder kopiere den Code: " << mEmailVerificationCode << " selbst dort hinein." << std::endl;
ss << "oder kopiere den obigen Link in Dein Browserfenster." << std::endl;
ss << std::endl;
ss << "Mit freundlichen " << u8"Grüßen" << std::endl;
ss << "Dario, Gradido Server Admin" << std::endl;
if (noEMail != 1) {
message->addContent(new Poco::Net::StringPartSource(ss.str()));
// send email to user
auto message = new Poco::Net::MailMessage;
UniLib::controller::TaskPtr sendEmail(new SendEmailTask(message, ServerConfig::g_CPUScheduler, 1));
sendEmail->setParentTaskPtrInArray(prepareEmail, 0);
sendEmail->setParentTaskPtrInArray(saveEmailVerificationCode, 1);
sendEmail->scheduleTask(sendEmail);
message->addRecipient(Poco::Net::MailRecipient(Poco::Net::MailRecipient::PRIMARY_RECIPIENT, mEmail));
message->setSubject("Gradido: E-Mail Verification");
std::stringstream ss;
ss << "Hallo " << mFirstName << " " << mLastName << "," << std::endl << std::endl;
ss << "Du oder jemand anderes hat sich soeben mit dieser E-Mail Adresse bei Gradido registriert. " << std::endl;
ss << "Wenn du es warst, klicke bitte auf den Link: " << ServerConfig::g_serverPath << "/checkEmail/" << emailVerification->getCode() << std::endl;
//ss << "oder kopiere den Code: " << mEmailVerificationCode << " selbst dort hinein." << std::endl;
ss << "oder kopiere den obigen Link in Dein Browserfenster." << std::endl;
ss << std::endl;
ss << "Mit freundlichen " << u8"Grüßen" << std::endl;
ss << "Dario, Gradido Server Admin" << std::endl;
message->addContent(new Poco::Net::StringPartSource(ss.str()));
UniLib::controller::TaskPtr sendEmail(new SendEmailTask(message, ServerConfig::g_CPUScheduler, 1));
sendEmail->setParentTaskPtrInArray(prepareEmail, 0);
sendEmail->setParentTaskPtrInArray(saveEmailVerificationCode, 1);
sendEmail->scheduleTask(sendEmail);
}
}
// if errors occured, send via email
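Review bot: The `noEmail` switch in `HandleElopageRequestTask::run()` is read from `mRequestData`, so whoever produces the request payload decides whether the verification mail is sent; whether that payload is authenticated is not visible here. The same commit adds `ServerConfig::g_disableEmail` for test setups, and gating on it keeps the test switch out of request-controlled data, e.g. `if (!ServerConfig::g_disableEmail) {` in place of `if (noEMail != 1) {`. If the per-request flag has to stay, it should only be honoured when the server configuration enables it, and `noEmailString` should not be echoed raw to `std::cerr`. The rendered page interleaves old and new lines and `run()` continues outside the hunk, so the statement order on the new side should be confirmed.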


@ -5,7 +5,7 @@
#include "Poco/DeflatingStream.h"
#line 6 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 7 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#include "../gettext.h"
@ -20,6 +20,12 @@
#include "../ServerConfig.h"
LoginPage::LoginPage(Session* arg):
SessionHTTPRequestHandler(arg)
{
}
void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response)
{
response.setChunkedTransferEncoding(true);
@ -28,7 +34,7 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
#line 16 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 17 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
const char* pageName = "Login";
auto sm = SessionManager::getInstance();
@ -37,6 +43,11 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
auto lang = chooseLanguage(request);
auto langCatalog = lm->getFreeCatalog(lang);
std::string presetEmail("");
if(mSession && mSession->getUser()) {
presetEmail = mSession->getUser()->getEmail();
}
if(!form.empty()) {
bool langUpdatedByBtn = false;
auto langBtn = form.get("lang-btn", "");
@ -58,10 +69,10 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
auto password = form.get("login-password", "");
if(email != "" && password != "") {
auto session = sm->getSession(request);
if(!session) {
session = sm->getNewSession();
session->setLanguageCatalog(langCatalog);
//auto session = sm->getSession(request);
if(!mSession) {
mSession = sm->getNewSession();
mSession->setLanguageCatalog(langCatalog);
// get language
// first check url, second check language header
// for debugging client ip
@ -71,13 +82,13 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
Poco::Logger::get("requestLog").information(clientIpString);
// debugging end
auto user_host = request.clientAddress().host();
session->setClientIp(user_host);
response.addCookie(session->getLoginCookie());
mSession->setClientIp(user_host);
response.addCookie(mSession->getLoginCookie());
} else {
langCatalog = session->getLanguageCatalog();
langCatalog = mSession->getLanguageCatalog();
}
auto userState = session->loadUser(email, password);
getErrors(session);
auto userState = mSession->loadUser(email, password);
getErrors(mSession);
auto uri_start = request.serverParams().getServerName();
@ -87,7 +98,7 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
addError(new Error(langCatalog->gettext("Login"), langCatalog->gettext("E-Mail or password isn't right, please try again!")));
break;
case USER_EMAIL_NOT_ACTIVATED:
session->addError(new Error(langCatalog->gettext("Account"), langCatalog->gettext("E-Mail Address not checked, do you already get one?")));
mSession->addError(new Error(langCatalog->gettext("Account"), langCatalog->gettext("E-Mail Address not checked, do you already get one?")));
response.redirect(ServerConfig::g_serverPath + "/checkEmail");
return;
case USER_NO_KEYS:
@ -105,10 +116,11 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
} else {
// on enter login page with empty form
auto session = sm->getSession(request);
//auto session = sm->getSession(request);
// remove old cookies and session if exist
if(session) {
sm->releaseSession(session);
if(mSession) {
getErrors(mSession);
sm->releaseSession(mSession);
}
sm->deleteLoginCookies(request, response);
}
@ -133,10 +145,13 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "css/loginServer/style.css\">\n";
responseStream << "</head>\n";
responseStream << "<body>\n";
responseStream << "<body class=\"header-fixed\">\n";
responseStream << "<div class=\"versionstring dev-info\">\n";
responseStream << "\t<p class=\"grd_small\">Login Server in Entwicklung</p>\n";
responseStream << "\t<p class=\"grd_small\">Alpha 0.8.0</p>\n";
responseStream << "\t<p class=\"grd_small\">Alpha ";
#line 15 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
responseStream << ( ServerConfig::g_versionString );
responseStream << "</p>\n";
responseStream << "</div>\n";
responseStream << "<!--<nav class=\"grd-left-bar expanded\" data-topbar role=\"navigation\">\n";
responseStream << "\t<div class=\"grd-left-bar-section\">\n";
@ -156,7 +171,7 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
responseStream << " <div class=\"col-12 logo-section\">\n";
responseStream << " <a href=\"../../index.html\" class=\"logo\">\n";
responseStream << " <img src=\"";
#line 105 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 112 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "img/logo_schrift.webp\" alt=\"logo\" />\n";
responseStream << " </a>\n";
@ -167,29 +182,29 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
responseStream << " <div class=\"grid\">\n";
responseStream << "\t\t\t<div class=\"center-ul-container\">\n";
responseStream << "\t\t\t\t";
#line 113 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 120 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\t \n";
responseStream << "\t\t\t</div>\n";
responseStream << " <div class=\"grid-body\">\n";
responseStream << " <form action=\"";
#line 116 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 123 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/\" method=\"POST\">\n";
responseStream << "\t\t\t <input type=\"hidden\" name=\"lang\" value=\"";
#line 117 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 124 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( LanguageManager::keyForLanguage(lang) );
responseStream << "\">\n";
responseStream << " <div class=\"row pull-right-row\">\n";
responseStream << " <div class=\"equel-grid pull-right\">\n";
responseStream << " <div class=\"grid-body-small text-center\">\n";
responseStream << " <button id=\"flag-england\" name=\"lang-btn\" value=\"en\" title=\"English\" type=\"submit\" ";
#line 121 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 128 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
if(lang != LANG_EN) { responseStream << "class=\"btn btn-outline-secondary flag-btn\"";
#line 121 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 128 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
}
else { responseStream << "class=\"btn btn-secondary disabled flag-btn\" disabled";
#line 122 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 129 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
} responseStream << ">\n";
responseStream << " <span class=\"flag-england\"></span>\n";
responseStream << " </button>\n";
@ -198,12 +213,12 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
responseStream << " <div class=\"equel-grid pull-right\">\n";
responseStream << " <div class=\"grid-body-small text-center\">\n";
responseStream << " <button id=\"flag-germany\" name=\"lang-btn\" value=\"de\" title=\"Deutsch\" type=\"submit\" ";
#line 129 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 136 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
if(lang != LANG_DE) { responseStream << "class=\"btn btn-outline-secondary flag-btn\"";
#line 129 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 136 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
}
else { responseStream << "class=\"btn btn-secondary disabled flag-btn\" disabled";
#line 130 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 137 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
} responseStream << ">\n";
responseStream << " <span class=\"flag-germany\"></span>\n";
responseStream << " </button>\n";
@ -214,27 +229,30 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
responseStream << " <div class=\"col-lg-7 col-md-8 col-sm-9 col-12 mx-auto form-wrapper\">\n";
responseStream << " <div class=\"form-group input-rounded\">\n";
responseStream << " <input type=\"text\" class=\"form-control\" name=\"login-email\" placeholder=\"";
#line 139 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 146 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("E-Mail") );
responseStream << "\" />\n";
responseStream << "\" value=\"";
#line 146 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( presetEmail );
responseStream << "\"/>\n";
responseStream << " </div>\n";
responseStream << " <div class=\"form-group input-rounded\">\n";
responseStream << " <input type=\"password\" class=\"form-control\" name=\"login-password\" placeholder=\"";
#line 142 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 149 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("Password") );
responseStream << "\" />\n";
responseStream << " </div>\n";
responseStream << " <button type=\"submit\" name=\"submit\" class=\"btn btn-primary btn-block\">";
#line 144 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 151 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext(" Login ") );
responseStream << "</button>\n";
responseStream << " <div class=\"signup-link\">\n";
responseStream << " <p>";
#line 146 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 153 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("You haven't any account yet? Please follow the link to create one.") );
responseStream << "</p>\n";
responseStream << " <a href=\"https://gradido.com\">";
#line 147 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 154 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("Create New Account") );
responseStream << "</a>\n";
responseStream << " </div>\n";
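Review bot: `presetEmail` is written into the `value="…"` attribute of the `login-email` input without HTML escaping. The value comes from `mSession->getUser()->getEmail()`, and nothing in this section shows that stored addresses are limited to characters that are safe inside a quoted attribute; a `"` in the address would end the attribute and the rest would be parsed as markup. Escape at output, e.g. `responseStream << ( Poco::Net::htmlize(presetEmail) );` if the Poco version in use provides it. This file is generated from `login.cpsp`, so the change belongs in the template, and `handleRequest` continues outside the hunks shown.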


@ -5,12 +5,14 @@
#include "Poco/Net/HTTPRequestHandler.h"
#include "PageRequestMessagedHandler.h"
#include "SessionHTTPRequestHandler.h"
class LoginPage: public PageRequestMessagedHandler
class LoginPage: public SessionHTTPRequestHandler
{
public:
LoginPage(Session*);
void handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response);
};


@ -100,25 +100,31 @@ Poco::Net::HTTPRequestHandler* PageRequestHandlerFactory::createRequestHandler(c
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
if (url_first_part == "/error500") {
auto pageRequestHandler = new Error500Page(s);
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
if(url_first_part == "/logout") {
sm->releaseSession(s);
// remove cookie
// remove cookie(s)
//printf("session released\n");
auto pageRequestHandler = new LoginPage;
auto pageRequestHandler = new LoginPage(nullptr);
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
if(url_first_part == "/user_delete") {
if(s->deleteUser()) {
sm->releaseSession(s);
auto pageRequestHandler = new LoginPage;
auto pageRequestHandler = new LoginPage(nullptr);
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
}
auto sessionState = s->getSessionState();
printf("session state: %s\n", s->getSessionStateString());
if(sessionState == SESSION_STATE_EMAIL_VERIFICATION_CODE_CHECKED ||
sessionState == SESSION_STATE_PASSPHRASE_GENERATED) {
//if (url_first_part == "/passphrase") {
@ -152,12 +158,12 @@ Poco::Net::HTTPRequestHandler* PageRequestHandlerFactory::createRequestHandler(c
return new ConfigPage;
}
else if (url_first_part == "/login") {
auto pageRequestHandler = new LoginPage;
auto pageRequestHandler = new LoginPage(nullptr);
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
}
auto pageRequestHandler = new LoginPage;
auto pageRequestHandler = new LoginPage(nullptr);
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
//return new HandleFileRequest;
@ -245,14 +251,39 @@ Poco::Net::HTTPRequestHandler* PageRequestHandlerFactory::handleCheckEmail(Sessi
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
/*
//! \return 1 = konto already exist
//! -1 = invalid code
//! -2 = critical error
//! 0 = ok
*/
// update session, mark as verified
if (session->updateEmailVerification(verificationCode)) {
int retUpdateEmailVerification = session->updateEmailVerification(verificationCode);
if (0 == retUpdateEmailVerification) {
printf("[PageRequestHandlerFactory::handleCheckEmail] timeUsed: %s\n", timeUsed.string().data());
auto pageRequestHandler = new PassphrasePage(session);
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
else if (1 == retUpdateEmailVerification) {
auto user = session->getUser();
LoginPage* loginPage = new LoginPage(session);
loginPage->setProfiler(timeUsed);
return loginPage;
}
else if (-1 == retUpdateEmailVerification) {
auto checkEmail = new CheckEmailPage(session);
checkEmail->setProfiler(timeUsed);
checkEmail->getErrors(session);
sm->releaseSession(session);
return checkEmail;
}
else if (-2 == retUpdateEmailVerification) {
auto errorPage = new Error500Page(session);
errorPage->setProfiler(timeUsed);
return errorPage;
}
}
if (session) {
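Review bot: In the `-1 == retUpdateEmailVerification` branch of `handleCheckEmail`, `sm->releaseSession(session)` runs after `new CheckEmailPage(session)`, so the returned handler keeps a pointer to a session that has already been released. `SessionManager::releaseSession` as shown in this commit has a `delete session;` path, so if the page dereferences its session later in `handleRequest` this can become a use-after-free; whether it does is not visible here. After `checkEmail->getErrors(session)` has copied the errors, the page should not retain the pointer, for instance by constructing it as `new CheckEmailPage(nullptr)` if that class accepts a null session the way `LoginPage` now does. The `if`/`else if` chain also has no final `else`, so any return value other than 0, 1, -1 or -2 falls through silently, and `auto user = session->getUser();` in the `1` branch is unused.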


@ -9,7 +9,7 @@
#include "../SingletonManager/SessionManager.h"
#include "Poco/Net/HTTPCookie.h"
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
#include "../ServerConfig.h"
@ -48,9 +48,17 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
if(user->setNewPassword(form.get("register-password"))) {
//std::string referUri = request.get("Referer", uri_start + "/");
//printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data());
// I think we can savly assume that this session was loaded from verification code
mSession->updateEmailVerification(mSession->getEmailVerificationCode());
//! \return 1 = konto already activated
//! -1 = invalid code
//! -2 = critical error
//! 0 = ok
auto ret = mSession->updateEmailVerification(mSession->getEmailVerificationCode());
mSession->getErrors(user);
if(-2 == ret || -1 == ret || 1 == ret) {
response.redirect(uri_start + "/error500");
}
response.redirect(uri_start + "/passphrase");
return;
}
@ -64,20 +72,20 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1);
std::ostream& responseStream = _compressResponse ? _gzipStream : _responseStream;
responseStream << "\n";
// begin include header.cpsp
// begin include header_old.cpsp
responseStream << "\n";
responseStream << "<!DOCTYPE html>\n";
responseStream << "<html>\n";
responseStream << "<head>\n";
responseStream << "<meta charset=\"UTF-8\">\n";
responseStream << "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\">\n";
responseStream << "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n";
responseStream << "<title>Gradido Login Server: ";
#line 9 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
#line 9 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
responseStream << ( pageName );
responseStream << "</title>\n";
responseStream << "<!--<link rel=\"stylesheet\" type=\"text/css\" href=\"css/styles.min.css\">-->\n";
responseStream << "<link rel=\"stylesheet\" type=\"text/css\" href=\"";
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "/css/styles.css\">\n";
responseStream << "<style type=\"text/css\" >\n";
@ -121,25 +129,28 @@ void UpdateUserPasswordPage::handleRequest(Poco::Net::HTTPServerRequest& request
responseStream << "<body>\n";
responseStream << "<div class=\"versionstring dev-info\">\n";
responseStream << "\t<p class=\"grd_small\">Login Server in Entwicklung</p>\n";
responseStream << "\t<p class=\"grd_small\">Alpha 0.6.0</p>\n";
responseStream << "\t<p class=\"grd_small\">Alpha ";
#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
responseStream << ( ServerConfig::g_versionString );
responseStream << "</p>\n";
responseStream << "</div>\n";
responseStream << "<!--<nav class=\"grd-left-bar expanded\" data-topbar role=\"navigation\">\n";
responseStream << "\t<div class=\"grd-left-bar-section\">\n";
responseStream << "\t\t<ul class=\"grd-no-style\">\n";
responseStream << "\t\t <li><a href=\"";
#line 58 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
#line 58 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "\" class=\"grd-nav-bn\">Startseite</a>\n";
responseStream << "\t\t <li><a href=\"./account/logout\" class=\"grd-nav-bn\">Logout</a></li>\n";
responseStream << "\t\t</ul>\n";
responseStream << "\t</div>\n";
responseStream << "</nav>-->";
// end include header.cpsp
// end include header_old.cpsp
responseStream << "\n";
responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t<h1>Passwort bestimmen</h1>\n";
responseStream << "\t";
#line 44 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\UpdateUserPassword.cpsp"
#line 52 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\UpdateUserPassword.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "\t<form method=\"POST\">\t\n";
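Review bot: The error branch after `updateEmailVerification` has no `return`, so when `ret` is -2, -1 or 1 the code calls `response.redirect(uri_start + "/error500")` and then falls through to `response.redirect(uri_start + "/passphrase")` on the same response. A failed verification should stop there: `response.redirect(uri_start + "/error500"); return;`. `setNewPassword` has already succeeded by the time the code is checked, so it is worth confirming that a rejected code cannot leave a changed password behind. The file is generated from `UpdateUserPassword.cpsp`, so the fix belongs in the template, and `handleRequest` continues outside the hunk.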


@ -45,6 +45,7 @@ namespace ServerConfig {
Poco::Mutex g_TimeMutex;
int g_FakeLoginSleepTime = 820;
std::string g_versionString = "";
bool g_disableEmail = false;
bool loadMnemonicWordLists()
{
@ -106,6 +107,7 @@ namespace ServerConfig {
bool initEMailAccount(const Poco::Util::LayeredConfiguration& cfg)
{
g_disableEmail = cfg.getBool("email.disable", false);
g_EmailAccount.sender = cfg.getString("email.sender");
g_EmailAccount.username = cfg.getString("email.username");
g_EmailAccount.password = cfg.getString("email.password");
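Review bot: `initEMailAccount` reads `email.disable` without logging it, so a server started with the flag set drops every mail, apparently including the error reports sent through `SendErrorMessage::run`, and leaves no trace that the notification channel is off. As the option is meant for testing, log a warning once when it is on, e.g. `if (g_disableEmail) Poco::Logger::root().warning("email.disable is set: no e-mail will be sent");`. The same flag short-circuits `SendErrorMessage::run`, `PrepareEmailTask::run`/`send` and `SendEmailTask::run` further down in this commit. The function body continues outside the hunk.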


@ -11,6 +11,8 @@
#include "SingletonManager/LanguageManager.h"
#define DISABLE_EMAIL
namespace ServerConfig {
enum Mnemonic_Types {
@ -45,6 +47,7 @@ namespace ServerConfig {
extern Poco::Mutex g_TimeMutex;
extern int g_FakeLoginSleepTime;
extern std::string g_versionString;
extern bool g_disableEmail;
bool loadMnemonicWordLists();
bool initServerCrypto(const Poco::Util::LayeredConfiguration& cfg);
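Review bot: `#define DISABLE_EMAIL` appears in the first hunk of this header while the commit replaces the `#ifdef DISABLE_EMAIL` guards in the tasks with the runtime flag `g_disableEmail`; the rendering does not show whether the line is added or context. If it is on the new side, any `#ifdef DISABLE_EMAIL` left elsewhere in the tree still compiles mail sending out regardless of `email.disable`, so the define should go together with the guards. A one-line comment on the declaration, `//! set from email.disable; when true no mail (including error reports) is sent`, would document the new global.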


@ -229,10 +229,10 @@ bool SessionManager::releaseSession(int requestHandleSession)
}
else {
ErrorList errors;
errors.addError(new Error("SessionManager::releaseSession", "found dead locked session, keeping in memory without reference"));
errors.addError(new Error("SessionManager::releaseSession", "found dead locked session"));
errors.sendErrorsAsEmail();
mRequestSessionMap.erase(requestHandleSession);
delete session;
return true;
}
@ -432,6 +432,17 @@ void SessionManager::deleteLoginCookies(Poco::Net::HTTPServerRequest& request, P
keks.setMaxAge(0);
response.addCookie(keks);
}
// delete also cake php session cookie
for (auto it = cookies.find("CAKEPHP"); it != cookies.end(); it++) {
if (it->first != "CAKEPHP") break;
// delete cookie
auto keks = Poco::Net::HTTPCookie("CAKEPHP", it->second);
keks.setPath("/");
// max age of 0 delete cookie
keks.setMaxAge(0);
response.addCookie(keks);
}
//session_id = atoi(cookies.get("GRADIDO_LOGIN").data());
}
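Review bot: In `releaseSession`, the dead-locked branch now runs `delete session` on a session whose lock is, going by the error text, still held by someone else, so that holder would continue on freed memory. The destructor change in Session.cpp (`if (tryLock()) { unlock(); reset(); }`) only skips `reset()` in that case; it does not stop the object from being destroyed, and it releases the lock before `reset()` runs. Keeping the previous behaviour (erase the map entry, leave the object alive) or parking the session on a deferred-cleanup list until its lock can be taken would avoid the use-after-free. Separately, in `deleteLoginCookies` the expiring `CAKEPHP` cookie echoes `it->second` back; an empty value is enough, and the browser only clears the cookie if path and domain match what CakePHP set. Both functions continue outside their hunks.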


@ -14,9 +14,7 @@ SendErrorMessage::~SendErrorMessage()
int SendErrorMessage::run()
{
#ifdef DISABLE_EMAIL
return 0;
#endif
if (ServerConfig::g_disableEmail) return 0;
auto mailClientSession = new Poco::Net::SecureSMTPClientSession(ServerConfig::g_EmailAccount.url, ServerConfig::g_EmailAccount.port);
mailClientSession->login();

102
src/cpp/lib/JsonRequest.cpp Normal file

@ -0,0 +1,102 @@
#include "JsonRequest.h"
#include "Profiler.h"
#include "Poco/JSON/Object.h"
#include "Poco/Net/HTTPSClientSession.h"
#include "Poco/Net/HTTPRequest.h"
#include "Poco/Net/HTTPResponse.h"
#include "Poco/JSON/Parser.h"
JsonRequest::JsonRequest(const std::string& serverHost, int serverPort)
: mServerHost(serverHost), mServerPort(serverPort)
{
}
JsonRequest::~JsonRequest()
{
}
JsonRequestReturn JsonRequest::request(const char* methodName, const Poco::Net::NameValueCollection& payload)
{
static const char* functionName = "JsonRequest::request";
Poco::JSON::Object requestJson;
requestJson.set("method", methodName);
for(auto it = payload.begin(); it != payload.end(); it++) {
requestJson.set(it->first, it->second);
}
//requestJson.set("user", std::string(mSessionUser->getPublicKeyHex()));
// send post request via https
// 443 = HTTPS Default
// TODO: adding port into ServerConfig
try {
Profiler phpRequestTime;
Poco::Net::HTTPSClientSession httpsClientSession(mServerHost, mServerPort);
Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_POST, "/TransactionJsonRequestHandler");
request.setChunkedTransferEncoding(true);
std::ostream& requestStream = httpsClientSession.sendRequest(request);
requestJson.stringify(requestStream);
Poco::Net::HTTPResponse response;
std::istream& request_stream = httpsClientSession.receiveResponse(response);
// debugging answer
std::stringstream responseStringStream;
for (std::string line; std::getline(request_stream, line); ) {
responseStringStream << line << std::endl;
}
Poco::Logger& speedLog = Poco::Logger::get("SpeedLog");
speedLog.information("[%s] php server time: %s", methodName, phpRequestTime.string());
// extract parameter from request
Poco::JSON::Parser jsonParser;
Poco::Dynamic::Var parsedJson;
try {
parsedJson = jsonParser.parse(responseStringStream.str());
}
catch (Poco::Exception& ex) {
addError(new ParamError(functionName, "error parsing request answer", ex.displayText().data()));
std::string fileName = "response_";
fileName += methodName;
fileName += ".html";
FILE* f = fopen(fileName.data(), "wt");
std::string responseString = responseStringStream.str();
fwrite(responseString.data(), 1, responseString.size(), f);
fclose(f);
// */
sendErrorsAsEmail(responseStringStream.str());
return JSON_REQUEST_RETURN_PARSE_ERROR;
}
Poco::JSON::Object object = *parsedJson.extract<Poco::JSON::Object::Ptr>();
auto state = object.get("state");
std::string stateString = state.convert<std::string>();
if (stateString == "error") {
addError(new Error(functionName, "php server return error"));
if (!object.isNull("msg")) {
addError(new ParamError(functionName, "msg:", object.get("msg").convert<std::string>().data()));
}
if (!object.isNull("details")) {
addError(new ParamError(functionName, "details:", object.get("details").convert<std::string>().data()));
}
sendErrorsAsEmail();
return JSON_REQUEST_RETURN_ERROR;
}
}
catch (Poco::Exception& e) {
addError(new ParamError(functionName, "connect error to php server", e.displayText().data()));
sendErrorsAsEmail();
return JSON_REQUEST_CONNECT_ERROR;
}
return JSON_REQUEST_RETURN_OK;
}
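Review bot: In the parse-error branch of `JsonRequest::request`, the result of `fopen` is passed to `fwrite`/`fclose` unchecked, so an unwritable working directory turns a malformed answer from the PHP server into a crash; guard it with `if (f) { fwrite(...); fclose(f); }`. The same branch writes the raw response to `response_<methodName>.html` and mails it via `sendErrorsAsEmail(responseStringStream.str())`; the body comes from the remote side and is read without a size limit, so it is worth capping it and confirming it cannot carry user data. `HTTPSClientSession(mServerHost, mServerPort)` is built without an explicit context, so certificate verification depends on the default client context configured elsewhere, which should be confirmed. The file also uses `std::stringstream` and `Poco::Logger` without including `<sstream>` and `Poco/Logger.h`.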

39
src/cpp/lib/JsonRequest.h Normal file

@ -0,0 +1,39 @@
/*!
*
* \author: Dario Rekowski
*
* \date: 13.12.2019
*
* \brief: Class for Json Requests to php server
*
*/
#include "ErrorList.h"
#include "Poco/Net/NameValueCollection.h"
#ifndef __GRADIDO_LOGIN_SERVER_LIB_JSON_REQUEST_
#define __GRADIDO_LOGIN_SERVER_LIB_JSON_REQUEST_
enum JsonRequestReturn
{
JSON_REQUEST_RETURN_OK,
JSON_REQUEST_RETURN_PARSE_ERROR,
JSON_REQUEST_RETURN_ERROR,
JSON_REQUEST_CONNECT_ERROR
};
class JsonRequest : public ErrorList
{
public:
JsonRequest(const std::string& serverHost, int serverPort);
~JsonRequest();
JsonRequestReturn request(const char* methodName, const Poco::Net::NameValueCollection& payload);
protected:
int mServerPort;
std::string mServerHost;
};
#endif //__GRADIDO_LOGIN_SERVER_LIB_JSON_REQUEST_
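Review bot: The include guard opens after the two `#include` lines, and its name `__GRADIDO_LOGIN_SERVER_LIB_JSON_REQUEST_` starts with a double underscore, which is reserved for the implementation; move `#ifndef`/`#define` to the top of the file and drop the leading underscores. `mServerPort` is declared before `mServerHost` while the constructor in JsonRequest.cpp lists `mServerHost` first, which produces a member-reorder warning; swap the two declarations. The header uses `std::string` without `#include <string>`, and `request()` would benefit from a `//! \return` line saying which `JsonRequestReturn` value stands for which failure.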


@ -14,6 +14,8 @@
#include "../tasks/SendEmailTask.h"
#include "../tasks/SigningTransaction.h"
#include "../lib/JsonRequest.h"
#include "sodium.h"
@ -90,7 +92,10 @@ Session::Session(int handle)
Session::~Session()
{
//printf("[Session::~Session] \n");
reset();
if (tryLock()) {
unlock();
reset();
}
//printf("[Session::~Session] finished \n");
}
@ -237,11 +242,12 @@ bool Session::createUser(const std::string& first_name, const std::string& last_
return true;
}
bool Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
int Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
{
lock("Session::updateEmailVerification");
Profiler usedTime;
const static char* funcName = "Session::updateEmailVerification";
lock(funcName);
Profiler usedTime;
auto em = ErrorManager::getInstance();
if(mEmailVerificationCode == emailVerificationCode) {
if (mSessionUser && mSessionUser->getDBId() == 0) {
@ -253,11 +259,55 @@ bool Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
// load correct user from db
auto dbConnection = ConnectionManager::getInstance()->getConnection(CONNECTION_MYSQL_LOGIN_SERVER);
Poco::Data::Statement update(dbConnection);
Poco::Data::Statement select(dbConnection);
bool emailChecked = false;
int userId = 0;
select << "SELECT email_checked, id from users where id = (SELECT user_id FROM email_opt_in where verification_code=?)",
into(emailChecked), into(userId), use(emailVerificationCode);
update << "UPDATE users SET email_checked=1 where id = (SELECT user_id FROM email_opt_in where verification_code=?)", use(emailVerificationCode);
auto updated_rows = update.execute();
if (updated_rows == 1) {
try {
select.execute();
}
catch (Poco::Exception& ex) {
em->addError(new ParamError(funcName, "select user from email verification code mysql error ", ex.displayText().data()));
em->sendErrorsAsEmail();
}
if (userId != 0 && emailChecked) {
mSessionUser = new User(userId);
addError(new Error(gettext("E-Mail Verification"), gettext("Du hast dein Konto bereits aktiviert!")));
unlock();
return 1;
}
if (userId == 0) {
addError(new Error(gettext("E-Mail Verification"), gettext("Der Code stimmt nicht, bitte &uuml;berpr&uuml;fe ihn nochmal oder registriere dich erneut oder wende dich an den Server-Admin")));
//printf("[%s] time: %s\n", funcName, usedTime.string().data());
unlock();
return -1;
}
Poco::Data::Statement update(dbConnection);
update << "UPDATE users SET email_checked=1 where id = ?", use(userId);
try {
auto updated_rows = update.execute();
if (!updated_rows) {
//addError(new Error(gettext("E-Mail Verification"), gettext("Der Code stimmt nicht, bitte &uuml;berpr&uuml;fe ihn nochmal oder registriere dich erneut oder wende dich an den Server-Admin")));
//printf("[%s] time: %s\n", funcName, usedTime.string().data());
em->addError(new Error(funcName, "impossible error, update users failed with shortly before acquired user id "));
em->sendErrorsAsEmail();
unlock();
return -2;
}
updateState(SESSION_STATE_EMAIL_VERIFICATION_CODE_CHECKED);
}
catch (Poco::Exception& ex) {
em->addError(new ParamError(funcName, "update user from email verification code mysql error ", ex.displayText().data()));
em->sendErrorsAsEmail();
unlock();
return -2;
}
/*if (updated_rows == 1) {
Poco::Data::Statement delete_row(dbConnection);
delete_row << "DELETE FROM email_opt_in where verification_code = ?", use(emailVerificationCode);
if (delete_row.execute() != 1) {
@ -276,24 +326,19 @@ bool Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
else {
em->addError(new ParamError(funcName, "update user work not like expected, updated row count", updated_rows));
em->sendErrorsAsEmail();
}
if (!updated_rows) {
addError(new Error(gettext("E-Mail Verification"), gettext("Der Code stimmt nicht, bitte &uuml;berpr&uuml;fe ihn nochmal oder registriere dich erneut oder wende dich an den Server-Admin")));
printf("[%s] time: %s\n", funcName, usedTime.string().data());
unlock();
return false;
}
}*/
}
else {
addError(new Error(gettext("E-Mail Verification"), gettext("Falscher Code f&uuml;r aktiven Login")));
printf("[%s] time: %s\n", funcName, usedTime.string().data());
//printf("[%s] time: %s\n", funcName, usedTime.string().data());
unlock();
return false;
return -1;
}
//printf("[%s] time: %s\n", funcName, usedTime.string().data());
unlock();
return false;
return 0;
}
bool Session::startProcessingTransaction(const std::string& proto_message_base64)
@ -444,7 +489,24 @@ bool Session::deleteUser()
lock("Session::deleteUser");
bool bResult = false;
if(mSessionUser) {
bResult = mSessionUser->deleteFromDB();
JsonRequest phpServerRequest(ServerConfig::g_php_serverHost, 443);
Poco::Net::NameValueCollection payload;
payload.add("user", std::string(mSessionUser->getPublicKeyHex()));
//auto ret = phpServerRequest.request("userDelete", payload);
JsonRequestReturn ret = JSON_REQUEST_RETURN_OK;
if (ret == JSON_REQUEST_RETURN_ERROR) {
addError(new Error("Session::deleteUser", "php server error"));
getErrors(&phpServerRequest);
sendErrorsAsEmail();
}
else if (ret == JSON_REQUEST_RETURN_OK) {
bResult = mSessionUser->deleteFromDB();
}
else {
addError(new Error(gettext("Benutzer"), gettext("Konnte Community Server nicht erreichen. E-Mail an den Admin ist raus.")));
unlock();
return false;
}
}
if(!bResult) {
addError(new Error(gettext("Benutzer"), gettext("Fehler beim L&ouml;schen des Accounts. Bitte logge dich erneut ein und versuche es nochmal.")));
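Review bot: In `Session::updateEmailVerification`, the `catch` around `select.execute()` reports the MySQL error but falls through, so `userId` stays 0 and the user is told the code is wrong (`return -1`) when in fact the database failed; add `unlock(); return -2;` in that handler, as the handler around `update.execute()` already does. The block that ran `DELETE FROM email_opt_in` looks commented out on the new side, which would leave verification codes valid indefinitely; a reused code then reaches `mSessionUser = new User(userId)` in the already-activated branch, and it should be confirmed that this does not leave the caller with a usable session for that account. In `deleteUser`, `ret` is hard-coded to `JSON_REQUEST_RETURN_OK` with the request commented out, so the error branches are dead for now and deserve a `// TODO` saying so. Both functions continue outside their hunks.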


@ -66,7 +66,11 @@ public:
bool loadFromEmailVerificationCode(Poco::UInt64 emailVerificationCode);
bool updateEmailVerification(Poco::UInt64 emailVerificationCode);
//! \return 1 = konto already exist
//! -1 = invalid code
//! -2 = critical error
//! 0 = ok
int updateEmailVerification(Poco::UInt64 emailVerificationCode);
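Review bot: Changing `updateEmailVerification` from `bool` to `int` with `0 = ok` inverts the truth value, so any caller not touched by this commit that still writes `if (session->updateEmailVerification(code))` now treats success as failure and every error as success, and the compiler will not flag it. A scoped enum as return type would make stale callers fail to compile and would replace the magic numbers that are documented twice, here and in UpdateUserPassword.cpsp. The class body continues outside the hunk.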


@ -102,6 +102,7 @@ int UserWriteKeysIntoDB::run()
auto session = cm->getConnection(CONNECTION_MYSQL_LOGIN_SERVER);
auto keyPairs = getParent(0).cast<UserGenerateKeys>()->getKeyPairs();
auto pubKey = keyPairs->getPublicKey();
static const char* functionName = "UserWritePrivKeyIntoDB::run";
//printf("[UserWriteKeysIntoDB] after init\n");
@ -115,7 +116,11 @@ int UserWriteKeysIntoDB::run()
//printf("[UserWriteKeysIntoDB] privKey hex: %s\n", KeyPair::getHex(*privKey, privKey->size()).data());
auto encryptedPrivKey = mUser->encrypt(privKey);
//pprivkey_blob = mUser->encrypt(privKey);
if (!encryptedPrivKey) {
em->addError(new Error(functionName, "no privkey found"));
em->sendErrorsAsEmail();
return -1;
}
pprivkey_blob = new Poco::Data::BLOB(*encryptedPrivKey, encryptedPrivKey->size());
//printf("[UserWriteKeysIntoDB] privkey encrypted\n");
//Poco::Data::BLOB privkey_blob(*privKey, privKey->size());
@ -130,7 +135,7 @@ int UserWriteKeysIntoDB::run()
try {
if (update.execute() != 1) {
em->addError(new ParamError("UserWritePrivKeyIntoDB::run", "error writing keys into db for user", std::to_string(mUser->getDBId())));
em->addError(new ParamError(functionName, "error writing keys into db for user", std::to_string(mUser->getDBId())));
em->sendErrorsAsEmail();
if (pprivkey_blob) {
delete pprivkey_blob;
@ -139,7 +144,7 @@ int UserWriteKeysIntoDB::run()
}
}
catch (Poco::Exception& ex) {
em->addError(new ParamError("UserWritePrivKeyIntoDB::run", "mysql error updating", ex.displayText().data()));
em->addError(new ParamError(functionName, "mysql error updating", ex.displayText().data()));
em->sendErrorsAsEmail();
if (pprivkey_blob) {
delete pprivkey_blob;
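Review bot: The new null check after `mUser->encrypt(privKey)` reports `"no privkey found"`, but what failed at that point is the encryption step, which will mislead whoever reads the error mail; a text such as `"encrypting private key failed"` matches the code. `functionName` is set to `"UserWritePrivKeyIntoDB::run"` while the class is `UserWriteKeysIntoDB`, so the reported origin does not match the source. `run()` continues outside the hunks, so whether the early `return -1` skips cleanup of earlier allocations cannot be judged from here.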


@ -20,9 +20,7 @@ PrepareEmailTask::~PrepareEmailTask()
int PrepareEmailTask::run()
{
#ifdef DISABLE_EMAIL
return 0;
#endif
if (ServerConfig::g_disableEmail) return 0;
Profiler timeUsed;
mMailClientSession = new Poco::Net::SecureSMTPClientSession(ServerConfig::g_EmailAccount.url, ServerConfig::g_EmailAccount.port);
mMailClientSession->login();
@ -51,9 +49,8 @@ int PrepareEmailTask::run()
int PrepareEmailTask::send(Poco::Net::MailMessage* message)
{
#ifdef DISABLE_EMAIL
return 0;
#endif
if (ServerConfig::g_disableEmail) return 0;
auto er = ErrorManager::getInstance();
try {
mMailClientSession->sendMessage(*message);


@ -4,6 +4,8 @@
#include "CPUTask.h"
#include "Poco/Net/SecureSMTPClientSession.h"
class PrepareEmailTask : public UniLib::controller::CPUTask
{
public:


@ -21,9 +21,8 @@ SendEmailTask::~SendEmailTask()
int SendEmailTask::run()
{
#ifdef DISABLE_EMAIL
return 0;
#endif
if(ServerConfig::g_disableEmail) return 0;
Profiler timeUsed;
auto er = ErrorManager::getInstance();
auto parent = getParent(0);


@ -11,7 +11,8 @@
enum PageState
{
MAIL_NOT_SEND,
ASK_VERIFICATION_CODE
ASK_VERIFICATION_CODE,
KONTO_ALREADY_EXIST
};
%>
<%%


@ -8,7 +8,7 @@
#include "../SingletonManager/SessionManager.h"
#include "Poco/Net/HTTPServerParams.h"
%>
<%
<%%
const char* pageName = "Dashboard";
//Poco::Net::NameValueCollection cookies;
//request.getCookies(cookies);


@ -1,7 +1,8 @@
<%@ page class="LoginPage" %>
<%@ page form="true" %>
<%@ page baseClass="PageRequestMessagedHandler" %>
<%@ header include="PageRequestMessagedHandler.h" %>
<%@ page baseClass="SessionHTTPRequestHandler" %>
<%@ page ctorArg="Session*" %>
<%@ header include="SessionHTTPRequestHandler.h" %>
<%@ page compressed="true" %>
<%!
#include "../gettext.h"
@ -21,6 +22,11 @@
auto lang = chooseLanguage(request);
auto langCatalog = lm->getFreeCatalog(lang);
std::string presetEmail("");
if(mSession && mSession->getUser()) {
presetEmail = mSession->getUser()->getEmail();
}
if(!form.empty()) {
bool langUpdatedByBtn = false;
auto langBtn = form.get("lang-btn", "");
@ -42,10 +48,10 @@
auto password = form.get("login-password", "");
if(email != "" && password != "") {
auto session = sm->getSession(request);
if(!session) {
session = sm->getNewSession();
session->setLanguageCatalog(langCatalog);
//auto session = sm->getSession(request);
if(!mSession) {
mSession = sm->getNewSession();
mSession->setLanguageCatalog(langCatalog);
// get language
// first check url, second check language header
// for debugging client ip
@ -55,13 +61,13 @@
Poco::Logger::get("requestLog").information(clientIpString);
// debugging end
auto user_host = request.clientAddress().host();
session->setClientIp(user_host);
response.addCookie(session->getLoginCookie());
mSession->setClientIp(user_host);
response.addCookie(mSession->getLoginCookie());
} else {
langCatalog = session->getLanguageCatalog();
langCatalog = mSession->getLanguageCatalog();
}
auto userState = session->loadUser(email, password);
getErrors(session);
auto userState = mSession->loadUser(email, password);
getErrors(mSession);
auto uri_start = request.serverParams().getServerName();
@ -71,7 +77,7 @@
addError(new Error(langCatalog->gettext("Login"), langCatalog->gettext("E-Mail or password isn't right, please try again!")));
break;
case USER_EMAIL_NOT_ACTIVATED:
session->addError(new Error(langCatalog->gettext("Account"), langCatalog->gettext("E-Mail Address not checked, do you already get one?")));
mSession->addError(new Error(langCatalog->gettext("Account"), langCatalog->gettext("E-Mail Address not checked, do you already get one?")));
response.redirect(ServerConfig::g_serverPath + "/checkEmail");
return;
case USER_NO_KEYS:
@ -89,10 +95,11 @@
} else {
// on enter login page with empty form
auto session = sm->getSession(request);
//auto session = sm->getSession(request);
// remove old cookies and session if exist
if(session) {
sm->releaseSession(session);
if(mSession) {
getErrors(mSession);
sm->releaseSession(mSession);
}
sm->deleteLoginCookies(request, response);
}
@ -136,7 +143,7 @@
<div class="row display-block">
<div class="col-lg-7 col-md-8 col-sm-9 col-12 mx-auto form-wrapper">
<div class="form-group input-rounded">
<input type="text" class="form-control" name="login-email" placeholder="<%= langCatalog->gettext("E-Mail") %>" />
<input type="text" class="form-control" name="login-email" placeholder="<%= langCatalog->gettext("E-Mail") %>" value="<%= presetEmail %>"/>
</div>
<div class="form-group input-rounded">
<input type="password" class="form-control" name="login-password" placeholder="<%= langCatalog->gettext("Password") %>" />
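Review bot: `value="<%= presetEmail %>"` writes the stored e-mail address into an HTML attribute without escaping, so an address containing `"` or `<` breaks out of the attribute; escape it before output unless registration is known to reject such characters. `presetEmail` is taken from `mSession->getUser()` before any authentication on this page, so the login form shows the account's address to whoever presents the session cookie, which may or may not be intended. In the empty-form branch `mSession` still points at the session after `sm->releaseSession(mSession)`; setting it to `nullptr` there avoids later use of a released session. The handler continues outside the hunks.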


@ -26,9 +26,17 @@
if(user->setNewPassword(form.get("register-password"))) {
//std::string referUri = request.get("Referer", uri_start + "/");
//printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data());
// I think we can savly assume that this session was loaded from verification code
mSession->updateEmailVerification(mSession->getEmailVerificationCode());
//! \return 1 = konto already activated
//! -1 = invalid code
//! -2 = critical error
//! 0 = ok
auto ret = mSession->updateEmailVerification(mSession->getEmailVerificationCode());
mSession->getErrors(user);
if(-2 == ret || -1 == ret || 1 == ret) {
response.redirect(uri_start + "/error500");
}
response.redirect(uri_start + "/passphrase");
return;
}
@ -38,7 +46,7 @@
}
getErrors(mSession);
getErrors(user);
%><%@ include file="header.cpsp" %>
%><%@ include file="header_old.cpsp" %>
<div class="grd_container">
<h1>Passwort bestimmen</h1>
<%= getErrorsHtml() %>
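Review bot: After `response.redirect(uri_start + "/error500");` there is no `return;`, so for a `ret` of -2, -1 or 1 the handler goes on to call `response.redirect(uri_start + "/passphrase")` on a response that has already been sent; add `return;` inside the `if`. The check also runs only after `user->setNewPassword(...)` has succeeded, so a failed verification leaves the new password in place while the user is sent to an error page. Treating `1` (account already activated) as a server error looks harsher than the case warrants.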