IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Iroha-ed25519, old user-implementation and key pair removed. libSodium seems to be compatible with Hedera now after all

Browse Source
This commit is contained in:
Dario 2020-10-05 17:03:48 +02:00
parent 3614ed691c
commit fb3d0b40ab
66 changed files with 1083 additions and 3149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CMakeLists.txt
View File

@ -9,7 +9,6 @@ set(CMAKE_CXX_STANDARD_REQUIRED ON)
include_directories(
"dependencies"
"dependencies/tinf/src/"
"dependencies/iroha-ed25519/include"
"dependencies/mariadb-connector-c/include"
"dependencies/mariadb-connector-c/build/include"
"dependencies/spirit-po/include"
@ -96,7 +95,6 @@ if(WIN32)
find_library(MYSQL_LIBRARIES mariadbclient.lib PATHS "dependencies/mariadb-connector-c/build/libmariadb/Release" REQUIRED)
#find_library(MYSQL_LIBRARIES_DEBUG mariadbclient.lib PATHS "import/mariadb/lib/debug")
find_library(COMPILED_MARIADB_CLIENT_DEBUG mariadbclient PATHS "dependencies/mariadb-connector-c/build/libmariadb/Debug" REQUIRED)
find_library(IROHA_ED25519 ed25519 PATHS "dependencies/iroha-ed25519/build/Debug" REQUIRED)
set(GRPC_PATH "dependencies/grpc/_build/Debug")
set(GRPC_ABSL_PATH "dependencies/grpc/_build/third_party/abseil-cpp/absl/types/Debug")
set(GRPC_CARES_PATH "dependencies/grpc/_build/third_party/cares/cares/lib/Debug")
@ -183,7 +181,7 @@ endif(WIN32)
add_subdirectory("dependencies/grpc/third_party/abseil-cpp")
target_link_libraries(Gradido_LoginServer absl::base absl::flat_hash_map absl::flags absl::memory absl::meta absl::numeric absl::strings ${CONAN_LIBS} ${IROHA_ED25519})
target_link_libraries(Gradido_LoginServer absl::base absl::flat_hash_map absl::flags absl::memory absl::meta absl::numeric absl::strings ${CONAN_LIBS})
if(WIN32)
TARGET_LINK_LIBRARIES(Gradido_LoginServer optimized ${MYSQL_LIBRARIES} Shlwapi)
TARGET_LINK_LIBRARIES(Gradido_LoginServer debug ${COMPILED_MARIADB_CLIENT_DEBUG} Shlwapi)

12
README
View File

@ -1,17 +1,6 @@
# get dependencies
git submodule update --init --recursive
# build dependencies ed25519
cd dependencies/iroha-ed25519
mkdir build
cd build
# for windows with visual studio 14 2015
# cmake .. -G"Visual Studio 14 2015 Win64" -DEDIMPL=ref10 -DHASH=sha2_sphlib -DRANDOM=bcryptgen -DBUILD=STATIC
# for linux
cmake .. -DEDIMPL=ref10 -DHASH=sha2_sphlib -DRANDOM=bcryptgen -DBUILD=STATIC
make
cd ../../../
cd dependencies/mariadb-connector-c
mkdir build
@ -33,6 +22,7 @@ cd ../../../
mkdir build && cd build
# // not used anymore
# conan remote add inexor https://api.bintray.com/conan/inexorgame/inexor-conan
# not needed, but bincrafter
# conan install .. -s build_type=Debug
conan install ..

1
dependencies/iroha-ed25519 vendored

@ -1 +0,0 @@
Subproject commit 1fdf5b6e10be2b1d7118aa3c32dc7acde02cb0cd

1
skeema/gradido_login/users.sql
View File

@ -12,6 +12,7 @@ CREATE TABLE `users` (
`passphrase_shown` tinyint NOT NULL DEFAULT '0',
`language` varchar(4) NOT NULL DEFAULT 'de',
`disabled` tinyint DEFAULT '0',
`group_id` int unsigned DEFAULT 0,
PRIMARY KEY (`id`),
UNIQUE KEY `email` (`email`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

339
src/cpp/Crypto/KeyPair.cpp
View File

@ -1,339 +0,0 @@
#include "KeyPair.h"
#include <memory.h>
#include <string.h>
#include "../SingletonManager/ErrorManager.h"
#include "../SingletonManager/ConnectionManager.h"
#include "Poco/Types.h"
#include "Passphrase.h"
#include "../ServerConfig.h"
using namespace Poco::Data::Keywords;
#define STR_BUFFER_SIZE 25
KeyPair::KeyPair()
: mPrivateKey(nullptr), mSodiumSecret(nullptr)
{
// TODO: set memory to zero for
// unsigned char mPublicKey[ed25519_pubkey_SIZE];
// unsigned char mSodiumPublic[crypto_sign_PUBLICKEYBYTES];
memset(mPublicKey, 0, ed25519_pubkey_SIZE);
memset(mSodiumPublic, 0, crypto_sign_PUBLICKEYBYTES);
}
KeyPair::~KeyPair()
{
auto mm = MemoryManager::getInstance();
//printf("[KeyPair::~KeyPair] privkey: %d, soduium privkey: %d \n", mPrivateKey, mSodiumSecret);
if (mPrivateKey) {
//delete mPrivateKey;
mm->releaseMemory(mPrivateKey);
mPrivateKey = nullptr;
}
if (mSodiumSecret) {
//delete mSodiumSecret;
mm->releaseMemory(mSodiumSecret);
mSodiumSecret = nullptr;
}
}
std::string KeyPair::passphraseTransform(const std::string& passphrase, const Mnemonic* currentWordSource, const Mnemonic* targetWordSource)
{
if (!currentWordSource || !targetWordSource) {
return "";
}
if (targetWordSource == currentWordSource) {
return passphrase;
}
auto word_indices = createWordIndices(passphrase, currentWordSource);
if (!word_indices) {
return "";
}
return createClearPassphraseFromWordIndices(word_indices, targetWordSource);
}
bool KeyPair::generateFromPassphrase(const char* passphrase, const Mnemonic* word_source)
{
auto er = ErrorManager::getInstance();
auto mm = MemoryManager::getInstance();
// libsodium doc: https://libsodium.gitbook.io/doc/advanced/hmac-sha2
// https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
//crypto_auth_hmacsha512_keygen
auto word_indices = createWordIndices(passphrase, word_source);
if (!word_indices) {
return false;
}
std::string clearPassphrase =
createClearPassphraseFromWordIndices(word_indices, &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER]);
// printf("clear passphrase: %s\n", clearPassphrase.data());
sha_context state;
unsigned char hash[SHA_512_SIZE];
//crypto_auth_hmacsha512_state state;
size_t word_index_size = sizeof(word_indices);
//crypto_auth_hmacsha512_init(&state, (unsigned char*)word_indices, sizeof(word_indices));
sha512_init(&state);
sha512_update(&state, *word_indices, word_indices->size());
sha512_update(&state, (unsigned char*)clearPassphrase.data(), clearPassphrase.size());
//crypto_auth_hmacsha512_update(&state, (unsigned char*)passphrase, pass_phrase_size);
sha512_final(&state, hash);
//crypto_auth_hmacsha512_final(&state, hash);
/*
// debug passphrase
printf("\passsphrase: <%s>\n", passphrase);
printf("size word indices: %u\n", word_indices->size());
std::string word_indicesHex = getHex(*word_indices, word_indices->size());
printf("word_indices: \n%s\n", word_indicesHex.data());
printf("word_indices: \n");
Poco::UInt64* word_indices_p = (Poco::UInt64*)(word_indices->data());
for (int i = 0; i < PHRASE_WORD_COUNT; i++) {
if (i > 0) printf(" ");
printf("%4hu", word_indices_p[i]);
}
printf("\n");
printf("\nclear passphrase: \n%s\n", clearPassphrase.data());
std::string hex_clearPassphrase = getHex((const unsigned char*)clearPassphrase.data(), clearPassphrase.size());
printf("passphrase bin: \n%s\n\n", hex_clearPassphrase.data());
//*/
mm->releaseMemory(word_indices);
//ed25519_create_keypair(public_key, private_key, hash);
private_key_t prv_key_t;
memcpy(prv_key_t.data, hash, 32);
public_key_t pbl_key_t;
ed25519_derive_public_key(&prv_key_t, &pbl_key_t);
//memcpy(private_key, prv_key_t.data, 32);
if (!mPrivateKey) {
//delete mPrivateKey;
mPrivateKey = mm->getFreeMemory(ed25519_privkey_SIZE);
if (!mPrivateKey) {
return false;
}
}
//mPrivateKey = new ObfusArray(ed25519_privkey_SIZE, prv_key_t.data);
memcpy(*mPrivateKey, prv_key_t.data, ed25519_privkey_SIZE);
memcpy(mPublicKey, pbl_key_t.data, ed25519_pubkey_SIZE);
if (!mSodiumSecret) {
//delete mSodiumSecret;
//mm->releaseMemory(mSodiumSecret);
mSodiumSecret = mm->getFreeMemory(crypto_sign_SECRETKEYBYTES);
}
//unsigned char sodium_secret[crypto_sign_SECRETKEYBYTES];
crypto_sign_seed_keypair(mSodiumPublic, *mSodiumSecret, *mPrivateKey);
// print hex for all keys for debugging
/* printf("// ********** Keys ************* //\n");
printf("Public: \t%s\n", getHex(mPublicKey, ed25519_pubkey_SIZE).data());
printf("Private: \t%s\n", getHex(*mPrivateKey, mPrivateKey->size()).data());
printf("Sodium Public: \t%s\n", getHex(mSodiumPublic, crypto_sign_PUBLICKEYBYTES).data());
printf("Sodium Private: \t%s\n", getHex(*mSodiumSecret, mSodiumSecret->size()).data());
printf("// ********* Keys End ************ //\n");
*/
//printf("[KeyPair::generateFromPassphrase] finished!\n");
// using
return true;
}
bool KeyPair::generateFromPassphrase(const std::string& passphrase)
{
//static bool validatePassphrase(const std::string& passphrase, Mnemonic** wordSource = nullptr);
Mnemonic* wordSource = nullptr;
if (validatePassphrase(passphrase, &wordSource)) {
return generateFromPassphrase(passphrase.data(), wordSource);
}
return false;
}
MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemonic* word_source)
{
auto er = ErrorManager::getInstance();
auto mm = MemoryManager::getInstance();
auto word_indices = mm->getFreeMemory(sizeof(Poco::UInt64) * PHRASE_WORD_COUNT);
Poco::UInt64* word_indices_p = (Poco::UInt64*)(word_indices->data());
//Poco::UInt64 word_indices_old[PHRASE_WORD_COUNT] = { 0 };
//memset(word_indices_old, 0, PHRASE_WORD_COUNT * sizeof(Poco::UInt64));// *sizeof(unsigned long));
memset(*word_indices, 0, word_indices->size());
//DHASH key = DRMakeStringHash(passphrase);
size_t pass_phrase_size = passphrase.size();
char acBuffer[STR_BUFFER_SIZE]; memset(acBuffer, 0, STR_BUFFER_SIZE);
size_t buffer_cursor = 0;
// get word indices for hmac key
unsigned char word_cursor = 0;
for (auto it = passphrase.begin(); it != passphrase.end(); it++)
{
if (*it == ' ') {
if (buffer_cursor < 3) {
continue;
}
if (PHRASE_WORD_COUNT > word_cursor && word_source->isWordExist(acBuffer)) {
word_indices_p[word_cursor] = word_source->getWordIndex(acBuffer);
//word_indices_old[word_cursor] = word_source->getWordIndex(acBuffer);
}
else {
er->addError(new ParamError("KeyPair::generateFromPassphrase", "word didn't exist", acBuffer));
er->sendErrorsAsEmail();
mm->releaseMemory(word_indices);
return nullptr;
}
word_cursor++;
memset(acBuffer, 0, STR_BUFFER_SIZE);
buffer_cursor = 0;
}
else {
acBuffer[buffer_cursor++] = *it;
}
}
if (PHRASE_WORD_COUNT > word_cursor && word_source->isWordExist(acBuffer)) {
word_indices_p[word_cursor] = word_source->getWordIndex(acBuffer);
//word_indices_old[word_cursor] = word_source->getWordIndex(acBuffer);
word_cursor++;
}
//printf("word cursor: %d\n", word_cursor);
/*if (memcmp(word_indices_p, word_indices_old, word_indices->size()) != 0) {
printf("not identical\n");
memcpy(word_indices_p, word_indices_old, word_indices->size());
}*/
return word_indices;
}
std::string KeyPair::createClearPassphraseFromWordIndices(MemoryBin* word_indices, const Mnemonic* word_source)
{
Poco::UInt64* word_indices_p = (Poco::UInt64*)word_indices->data();
std::string clearPassphrase;
for (int i = 0; i < PHRASE_WORD_COUNT; i++) {
if (i * sizeof(Poco::UInt64) >= word_indices->size()) break;
auto word = word_source->getWord(word_indices_p[i]);
if (word) {
clearPassphrase += word;
clearPassphrase += " ";
}
}
return clearPassphrase;
}
std::string KeyPair::filterPassphrase(const std::string& passphrase)
{
return Passphrase::filter(passphrase);
}
std::string KeyPair::getPubkeyHex()
{
const size_t hexSize = crypto_sign_PUBLICKEYBYTES * 2 + 1;
char hexString[hexSize];
memset(hexString, 0, hexSize);
sodium_bin2hex(hexString, hexSize, mSodiumPublic, crypto_sign_PUBLICKEYBYTES);
return std::string(hexString);
}
std::string KeyPair::getHex(const unsigned char* data, Poco::UInt32 size)
{
auto mm = MemoryManager::getInstance();
Poco::UInt32 hexSize = size * 2 + 1;
auto hexMem = mm->getFreeMemory(hexSize);
//char* hexString = (char*)malloc(hexSize);
memset(*hexMem, 0, hexSize);
sodium_bin2hex(*hexMem, hexSize, data, size);
std::string hex = (char*)*hexMem;
// free(hexString);
mm->releaseMemory(hexMem);
return hex;
}
std::string KeyPair::getHex(const MemoryBin* data)
{
return getHex(*data, data->size());
}
bool KeyPair::savePrivKey(int userId)
{
auto cm = ConnectionManager::getInstance();
auto em = ErrorManager::getInstance();
auto mysql_session = cm->getConnection(CONNECTION_MYSQL_LOGIN_SERVER);
Poco::Data::Statement update(mysql_session);
Poco::Data::BLOB privkey_blob((const unsigned char*)(*mPrivateKey), mPrivateKey->size());
update << "UPDATE users set privkey = ? where id = ?",
use(privkey_blob), use(userId);
try {
if (update.execute() != 1) {
em->addError(new ParamError("KeyPair::savePrivKey", "error writing privkey, user not found? ", std::to_string(userId)));
em->sendErrorsAsEmail();
return false;
}
} catch (Poco::Exception& ex) {
em->addError(new ParamError("KeyPair::savePrivKey", "exception by running mysql", ex.displayText()));
em->sendErrorsAsEmail();
return false;
}
return true;
}
bool KeyPair::isPubkeysTheSame(const unsigned char* pubkey) const
{
return sodium_memcmp(pubkey, mPublicKey, ed25519_pubkey_SIZE) == 0;
}
bool KeyPair::validatePassphrase(const std::string& passphrase, Mnemonic** wordSource/* = nullptr*/)
{
std::istringstream iss(passphrase);
std::vector<std::string> results(std::istream_iterator<std::string>{iss},
std::istream_iterator<std::string>());
for (int i = 0; i < ServerConfig::Mnemonic_Types::MNEMONIC_MAX; i++) {
Mnemonic& m = ServerConfig::g_Mnemonic_WordLists[i];
bool existAll = true;
for (auto it = results.begin(); it != results.end(); it++) {
if (*it == "\0" || *it == "" || it->size() < 3) continue;
if (!m.isWordExist(*it)) {
if (i == 1) {
int zahl = 0;
}
//printf("wordlist: %d, word not found: %s\n", i, it->data());
existAll = false;
continue;
}
}
if (existAll) {
if (wordSource) {
*wordSource = &m;
}
return true;
}
}
return false;
}

69
src/cpp/Crypto/KeyPair.h
View File

@ -1,69 +0,0 @@
#ifndef GRADIDO_LOGIN_SERVER_CRYPTO_KEY_PAIR
#define GRADIDO_LOGIN_SERVER_CRYPTO_KEY_PAIR
#include "Obfus_array.h"
#include "../SingletonManager/MemoryManager.h"
#include "mnemonic.h"
#include "ed25519/ed25519.h"
#include <sodium.h>
class UserWriteKeysIntoDB;
class UserGenerateKeys;
class DebugPassphrasePage;
class User;
class RepairDefectPassphrase;
// TODO: https://libsodium.gitbook.io/doc/advanced/ed25519-curve25519
class KeyPair
{
friend UserWriteKeysIntoDB;
friend UserGenerateKeys;
friend DebugPassphrasePage;
friend User;
friend RepairDefectPassphrase;
public:
KeyPair();
~KeyPair();
bool generateFromPassphrase(const char* passphrase, const Mnemonic* word_source);
bool generateFromPassphrase(const std::string& passphrase);
static std::string passphraseTransform(const std::string& passphrase, const Mnemonic* currentWordSource, const Mnemonic* targetWordSource);
static std::string filterPassphrase(const std::string& passphrase);
static bool validatePassphrase(const std::string& passphrase, Mnemonic** wordSource = nullptr);
std::string getPubkeyHex();
bool savePrivKey(int userId);
static std::string getHex(const unsigned char* data, Poco::UInt32 size);
static std::string getHex(const MemoryBin* data);
inline const unsigned char* getPublicKey() const { return mSodiumPublic; }
bool isPubkeysTheSame(const unsigned char* pubkey) const;
protected:
const MemoryBin* getPrivateKey() const { return mSodiumSecret; }
static MemoryBin* createWordIndices(const std::string& passphrase, const Mnemonic* word_source);
static std::string createClearPassphraseFromWordIndices(MemoryBin* word_indices, const Mnemonic* word_source);
private:
// 32 Byte
//! \brief ed25519 ref10 private key
MemoryBin* mPrivateKey;
// 64 Byte
//! \brief ed25519 libsodium private key
MemoryBin* mSodiumSecret;
// 32 Byte
//! \brief ed25519 ref10 public key
unsigned char mPublicKey[ed25519_pubkey_SIZE];
// 32 Byte
//! \brief ed25519 libsodium public key
unsigned char mSodiumPublic[crypto_sign_PUBLICKEYBYTES];
};
#endif //GRADIDO_LOGIN_SERVER_CRYPTO_KEY_PAIR

3
src/cpp/Crypto/KeyPairEd25519.h
View File

@ -16,6 +16,7 @@
#include "sodium.h"
#include "SecretKeyCryptography.h"
#include "Passphrase.h"
#include "../lib/DataTypeConverter.h"
class KeyPairEd25519 : public IKeyPair
{
@ -37,6 +38,8 @@ public:
MemoryBin* sign(const unsigned char* message, size_t messageSize) const;
inline const unsigned char* getPublicKey() const { return mSodiumPublic; }
inline std::string getPublicKeyHex() const { return DataTypeConverter::binToHex(mSodiumPublic, getPublicKeySize()); }
const static size_t getPublicKeySize() { return crypto_sign_PUBLICKEYBYTES; }
inline bool isTheSame(const KeyPairEd25519& b) const {
return 0 == sodium_memcmp(mSodiumPublic, b.mSodiumPublic, crypto_sign_PUBLICKEYBYTES);

5
src/cpp/Crypto/Passphrase.cpp
View File

@ -133,6 +133,11 @@ Poco::AutoPtr<Passphrase> Passphrase::transform(const Mnemonic* targetWordSource
return nullptr;
}
Poco::AutoPtr<Passphrase> Passphrase::create(const std::string& passphrase, const Mnemonic* wordSource)
{
return new Passphrase(passphrase, wordSource);
}
Poco::AutoPtr<Passphrase> Passphrase::create(const MemoryBin* wordIndices, const Mnemonic* wordSource)
{
if (PHRASE_WORD_COUNT * sizeof(Poco::UInt16) >= wordIndices->size()) {

1
src/cpp/Crypto/Passphrase.h
View File

@ -16,6 +16,7 @@ public:
static Poco::AutoPtr<Passphrase> create(const Poco::UInt16 wordIndices[PHRASE_WORD_COUNT], const Mnemonic* wordSource);
static Poco::AutoPtr<Passphrase> create(const MemoryBin* wordIndices, const Mnemonic* wordSource);
static Poco::AutoPtr<Passphrase> create(const std::string& passphrase, const Mnemonic* wordSource);
//! \brief generate new passphrase with random
static Poco::AutoPtr<Passphrase> generate(const Mnemonic* wordSource);
static const Mnemonic* detectMnemonic(const std::string& passphrase, const KeyPairEd25519* keyPair = nullptr);

2
src/cpp/Crypto/SecretKeyCryptography.cpp
View File

@ -76,7 +76,7 @@ SecretKeyCryptography::ResultType SecretKeyCryptography::createKey(const std::st
assert(ServerConfig::g_ServerCryptoKey);
crypto_shorthash((unsigned char*)&mEncryptionKeyHash, *mEncryptionKey, crypto_box_SEEDBYTES, *ServerConfig::g_ServerCryptoKey);
return AUTH_ENCRYPT_OK;
return AUTH_CREATE_ENCRYPTION_KEY_SUCCEED;
}
SecretKeyCryptography::ResultType SecretKeyCryptography::encrypt(const MemoryBin* message, MemoryBin** encryptedMessage) const

1
src/cpp/Crypto/SecretKeyCryptography.h
View File

@ -30,6 +30,7 @@ public:
enum ResultType {
AUTH_ENCRYPT_OK,
AUTH_DECRYPT_OK,
AUTH_CREATE_ENCRYPTION_KEY_SUCCEED,
AUTH_CREATE_ENCRYPTION_KEY_FAILED,
AUTH_NO_KEY,
AUTH_ENCRYPT_MESSAGE_FAILED,

10
src/cpp/Gradido_LoginServer.cpp
View File

@ -11,6 +11,8 @@
#include "controller/User.h"
#include "Crypto/SecretKeyCryptography.h"
#include "Poco/Util/HelpFormatter.h"
#include "Poco/Net/ServerSocket.h"
#include "Poco/Net/HTTPServer.h"
@ -155,11 +157,13 @@ int Gradido_LoginServer::main(const std::vector<std::string>& args)
}
// first check time for crypto
auto testUser = new User("email@google.de", "Max", "Mustermann");
SecretKeyCryptography test_crypto;
Profiler timeUsed;
testUser->validatePwd("haz27Newpassword", nullptr);
if (test_crypto.createKey("email@google.de", "haz27Newpassword") != SecretKeyCryptography::AUTH_CREATE_ENCRYPTION_KEY_SUCCEED) {
errorLog.error("[Gradido_LoginServer::main] error create secure pwd hash");
return Application::EXIT_SOFTWARE;
}
ServerConfig::g_FakeLoginSleepTime = (int)std::round(timeUsed.millis());
delete testUser;
Poco::Int64 i1 = randombytes_random();
Poco::Int64 i2 = randombytes_random();

42
src/cpp/HTTPInterface/AdminCheckUserBackup.cpp
View File

@ -7,7 +7,8 @@
#line 7 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../Crypto/Passphrase.h"
#include "../SingletonManager/ConnectionManager.h"
#include "../controller/UserBackup.h"
@ -42,11 +43,11 @@ void AdminCheckUserBackup::handleRequest(Poco::Net::HTTPServerRequest& request,
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
#line 25 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 26 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
const char* pageName = "Admin Check User Backups";
auto cm = ConnectionManager::getInstance();
KeyPair keys;
std::list<SListEntry> notMatchingEntrys;
auto con = cm->getConnection(CONNECTION_MYSQL_LOGIN_SERVER);
@ -65,21 +66,24 @@ void AdminCheckUserBackup::handleRequest(Poco::Net::HTTPServerRequest& request,
if(pubkey.isNull()) {
continue;
}
auto passphrase = KeyPair::filterPassphrase(tuple.get<2>());
auto passphrase = Passphrase::filter(tuple.get<2>());
auto user_id = tuple.get<0>();
Mnemonic* wordSource = nullptr;
if(!User::validatePassphrase(passphrase, &wordSource)) {
KeyPairEd25519 key_pair(pubkey.value().content().data());
auto wordSource = Passphrase::detectMnemonic(passphrase);
if(!wordSource) {
addError(new Error("admin Check user backup", "invalid passphrase"), false);
addError(new ParamError("admin Check user backup", "passphrase", passphrase.data()), false);
addError(new ParamError("admin Check user backup", "user id", user_id), false);
continue;
} else {
keys.generateFromPassphrase(passphrase.data(), wordSource);
}
}
auto passphrase_object = Passphrase::create(passphrase, wordSource);
auto key_pair_from_passhrase = KeyPairEd25519::create(passphrase_object);
bool matching = false;
if(keys.isPubkeysTheSame(pubkey.value().content().data())) {
if(key_pair_from_passhrase->isTheSame(key_pair)) {
matching = true;
}
delete key_pair_from_passhrase;
if(user_id != last_user_id) {
last_user_id = user_id;
if(matching) continue;
@ -177,11 +181,11 @@ void AdminCheckUserBackup::handleRequest(Poco::Net::HTTPServerRequest& request,
responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t<h1>Admin Check User Backup</h1>\n";
responseStream << "\t";
#line 91 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 95 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "\t<p><b>Unmatching count: ";
#line 92 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 96 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
responseStream << ( notMatchingEntrys.size() );
responseStream << "</b></p>\n";
responseStream << "\t<table>\n";
@ -190,34 +194,34 @@ void AdminCheckUserBackup::handleRequest(Poco::Net::HTTPServerRequest& request,
responseStream << "\t\t</thead>\n";
responseStream << "\t\t<tbody>\n";
responseStream << "\t\t\t";
#line 98 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 102 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
for(auto it = notMatchingEntrys.begin(); it != notMatchingEntrys.end(); it++) {
auto userModel = (*it).user->getModel();
responseStream << "\n";
responseStream << "\t\t\t\t<tr>\n";
responseStream << "\t\t\t\t<td>";
#line 102 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 106 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
responseStream << ( userModel->getID() );
responseStream << "</td>\n";
responseStream << "\t\t\t\t<td>";
#line 103 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 107 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
responseStream << ( userModel->getFirstName() );
responseStream << "</td>\n";
responseStream << "\t\t\t\t<td>";
#line 104 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 108 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
responseStream << ( userModel->getLastName() );
responseStream << "</td>\n";
responseStream << "\t\t\t\t<td>";
#line 105 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 109 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
responseStream << ( userModel->getEmail() );
responseStream << "</td>\n";
responseStream << "\t\t\t\t<td>";
#line 106 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 110 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
responseStream << ( (*it).backups.size() );
responseStream << "</td>\n";
responseStream << "\t\t\t\t</tr>\n";
responseStream << "\t\t\t";
#line 108 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
#line 112 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\adminCheckUserBackup.cpsp"
} responseStream << "\n";
responseStream << "\t\t</tbody>\n";
responseStream << "</div>\n";

2
src/cpp/HTTPInterface/AdminUserPasswordReset.cpp
View File

@ -73,7 +73,7 @@ void AdminUserPasswordReset::handleRequest(Poco::Net::HTTPServerRequest& request
auto userPubkey = user->getModel()->getPublicKey();
for(auto it = backups.begin(); it != backups.end(); it++) {
auto keys = (*it)->getKeyPair();
if(keys->isPubkeysTheSame(userPubkey)) {
if(keys->isTheSame(userPubkey)) {
userBackup = *it;
break;
}

56
src/cpp/HTTPInterface/CheckTransactionPage.cpp
View File

@ -389,52 +389,54 @@ void CheckTransactionPage::handleRequest(Poco::Net::HTTPServerRequest& request,
responseStream << "\t\t\t\t <div class=\"content-row content-row-bg\">\n";
responseStream << "\t\t\t\t\t";
#line 166 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
if(transactionUser) { responseStream << "\n";
if(!transactionUser.isNull()) {
auto user_model = transactionUser->getModel();
responseStream << "\n";
responseStream << "\t\t\t\t\t\t<span class=\"content-cell\">";
#line 167 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( transactionUser->getFirstName() );
#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( user_model->getFirstName() );
responseStream << " ";
#line 167 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( transactionUser->getLastName() );
#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( user_model->getLastName() );
responseStream << " &lt;";
#line 167 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( transactionUser->getEmail() );
#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( user_model->getEmail() );
responseStream << "&gt;</span>\n";
responseStream << "\t\t\t\t\t";
#line 168 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 170 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
} else { responseStream << "\n";
responseStream << "\t\t\t\t\t\t<span class=\"content-cell\">0x";
#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 171 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( creationTransaction->getPublicHex() );
responseStream << "</span>\n";
responseStream << "\t\t\t\t\t";
#line 170 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 172 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
} responseStream << "\n";
responseStream << "\t\t\t\t\t<span class=\"content-cell\">";
#line 171 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 173 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( creationTransaction->getTargetDateString() );
responseStream << "</span>\n";
responseStream << "\t\t\t\t\t<span class=\"content-cell success-color\">";
#line 172 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 174 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( creationTransaction->getAmountString() );
responseStream << " GDD</span>\n";
responseStream << "\t\t\t\t </div>\n";
responseStream << "\t\t\t\t</div>\n";
responseStream << "\t\t\t ";
#line 175 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 177 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
} else if(PAGE_USER_DATA_CORRUPTED == state) { responseStream << "\n";
responseStream << "\t\t\t\t<p class=\"alert-color\">";
#line 176 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 178 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( gettext("Es gibt ein Problem mit deinen gespeicherten Daten, bitte wende dich an den"));
responseStream << "<a href=\"mailto:";
#line 176 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 178 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( em->getAdminReceiver());
responseStream << "?subject=Corrupt User Data&amp;body=Hallo Dario,%0D%0A%0D%0Ameine Benutzer Daten sind korrupt.%0D%0Akannst du das prüfen?%0D%0A%0D%0AMit freundlichen Grüßen%0D%0A\">";
#line 176 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 178 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << (gettext("Support") );
responseStream << "</a></p>\n";
responseStream << "\t\t\t ";
#line 177 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 179 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
} responseStream << "\n";
responseStream << "\t\t\t<div class=\"content-table\">\n";
responseStream << "\t\t\t <div class=\"content-row content-row-header\">\n";
@ -442,7 +444,7 @@ void CheckTransactionPage::handleRequest(Poco::Net::HTTPServerRequest& request,
responseStream << "\t\t\t </div>\n";
responseStream << "\t\t\t <div class=\"content-row\">\n";
responseStream << "\t\t\t\t<span class=\"content-cell\">";
#line 183 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 185 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( user_model->getNameWithEmailHtml() );
responseStream << "</span>\n";
responseStream << "\t\t\t </div>\n";
@ -453,45 +455,45 @@ void CheckTransactionPage::handleRequest(Poco::Net::HTTPServerRequest& request,
responseStream << "\t\t\t </div>\n";
responseStream << "\t\t\t <div class=\"content-row content-row-bg\">\n";
responseStream << "\t\t\t\t<span class=\"content-cell\">";
#line 191 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 193 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( memo );
responseStream << "</span>\n";
responseStream << "\t\t\t </div>\n";
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t\t<form>\n";
responseStream << "\t\t\t\t";
#line 195 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 197 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
if(!account_user->hasPassword()) { responseStream << "\n";
responseStream << "\t\t\t\t <div class=\"form-group\">\n";
responseStream << "\t\t\t\t\t <label for=\"sign-password\">";
#line 197 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 199 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( gettext("Ich brauche nochmal dein Passwort") );
responseStream << "</label>\n";
responseStream << "\t\t\t\t\t <input type=\"password\" class=\"form-control\" id=\"sign-password\" name=\"sign-password\" placeholder=\"";
#line 198 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 200 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( gettext("Passwort") );
responseStream << "\">\n";
responseStream << "\t\t\t\t </div>\n";
responseStream << "\t\t\t\t";
#line 200 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 202 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
} responseStream << "\n";
responseStream << "\t\t\t\t";
#line 201 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 203 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
if(PAGE_USER_DATA_CORRUPTED != state && user_model->isEmailChecked()) { responseStream << "\n";
responseStream << "\t\t\t\t\t<button type=\"submit\" class=\"form-button\" name=\"ok\" value=\"ok\">\n";
responseStream << "\t\t\t\t\t\t<i class=\"material-icons-outlined\">verified_user</i>\n";
responseStream << "\t\t\t\t\t\t";
#line 204 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 206 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( gettext("Transaktion unterzeichnen") );
responseStream << "\n";
responseStream << "\t\t\t\t\t</button>\n";
responseStream << "\t\t\t\t";
#line 206 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 208 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
} responseStream << "\n";
responseStream << "\t\t\t\t<button type=\"submit\" class=\"form-button button-cancel\" name=\"abort\" value=\"abort\">\n";
responseStream << "\t\t\t\t\t<i class=\"material-icons-outlined\">delete</i>\n";
responseStream << "\t\t\t\t\t";
#line 209 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
#line 211 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\checkTransaction.cpsp"
responseStream << ( gettext("Transaktion verwerfen") );
responseStream << "\n";
responseStream << "\t\t\t\t</button>\n";

28
src/cpp/HTTPInterface/DashboardPage.cpp
View File

@ -31,6 +31,8 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
const char* pageName = "Dashboard";
auto user = mSession->getNewUser();
auto user_model = user->getModel();
//Poco::Net::NameValueCollection cookies;
//request.getCookies(cookies);
if(!form.empty()) {
@ -109,34 +111,34 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N
responseStream << "\n";
responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t<h1>Willkommen ";
#line 23 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( mSession->getUser()->getFirstName() );
#line 25 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( user_model->getFirstName() );
responseStream << "&nbsp;";
#line 23 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( mSession->getUser()->getLastName() );
#line 25 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( user_model->getLastName() );
responseStream << "</h1>\n";
responseStream << "\t";
#line 24 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 26 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( mSession->getErrorsHtml() );
responseStream << "\n";
responseStream << "\t<h3>Status</h3>\n";
responseStream << "\t<p>";
#line 26 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 28 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( mSession->getSessionStateString() );
responseStream << "</p>\n";
responseStream << "\t";
#line 27 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 29 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_SEND) { responseStream << "\n";
responseStream << "\t<p>Verification Code E-Mail wurde erfolgreich an dich verschickt, bitte schaue auch in dein Spam-Verzeichnis nach wenn du sie nicht findest und klicke auf den Link den du dort findest oder kopiere den Code hier her:</p>\n";
responseStream << "\t<form method=\"GET\" action=\"";
#line 29 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 31 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( uri_start );
responseStream << "/checkEmail\">\n";
responseStream << "\t\t<input type=\"number\" name=\"email-verification-code\">\n";
responseStream << "\t\t<input class=\"grd-form-bn-succeed grd_clickable\" type=\"submit\" value=\"&Uuml;berpr&uuml;fe Code\">\n";
responseStream << "\t</form>\n";
responseStream << "\t";
#line 33 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 35 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
} else if(mSession->getSessionState() == SESSION_STATE_EMAIL_VERIFICATION_WRITTEN) { responseStream << "\n";
responseStream << "\t<p>Hast du schon eine E-Mail mit einem Verification Code erhalten? Wenn ja kannst du ihn hier hinein kopieren:</p>\n";
responseStream << "\t<form method=\"GET\" action=\"checkEmail\">\n";
@ -144,14 +146,14 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N
responseStream << "\t\t<input class=\"grd-form-bn-succeed grd_clickable\" type=\"submit\" value=\"&Uuml;berpr&uuml;fe Code\">\n";
responseStream << "\t</form>\n";
responseStream << "\t";
#line 39 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 41 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
} responseStream << "\n";
responseStream << "\t<a class=\"grd-form-bn\" href=\"";
#line 40 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 42 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( uri_start );
responseStream << "/logout\">Abmelden</a>\n";
responseStream << "\t<a class=\"grd-form-bn\" href=\"";
#line 41 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 43 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( uri_start );
responseStream << "/user_delete\">Account l&ouml;schen</a>\n";
responseStream << "</div>\n";
@ -159,7 +161,7 @@ void DashboardPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::N
responseStream << "\t<div class=\"grd-left-bar-section\">\n";
responseStream << "\t\t<ul class=\"grd-no-style\">\n";
responseStream << "\t\t <li><a href=\"";
#line 46 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
#line 48 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\dashboard.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "\" class=\"grd-nav-bn\">Startseite</a>\n";
responseStream << "\t\t <li><a href=\"./account/logout\" class=\"grd-nav-bn\">Logout</a></li>\n";

4
src/cpp/HTTPInterface/DebugMnemonicPage.cpp
View File

@ -8,7 +8,7 @@
#line 7 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugMnemonic.cpsp"
#include "../ServerConfig.h"
#include "../Crypto/KeyPair.h"
#include "../Crypto/Passphrase.h"
struct WordChecked {
WordChecked() : index(0), bSet(false) {};
@ -69,7 +69,7 @@ void DebugMnemonicPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poc
{
if("" != form.get("check_word", ""))
{
auto word = KeyPair::filterPassphrase(form.get("word", ""));
auto word = Passphrase::filter(form.get("word", ""));
if("" != word) {
checkedWord.bSet = true;
checkedWord.word = word;

101
src/cpp/HTTPInterface/DebugPassphrasePage.cpp
View File

@ -7,7 +7,8 @@
#line 7 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../controller/User.h"
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
#include "../ServerConfig.h"
@ -27,44 +28,34 @@ void DebugPassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, P
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
#line 10 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
const char* pageName = "Debug Passphrase";
auto mm = MemoryManager::getInstance();
KeyPair keys;
std::string privKeyHex = "";
KeyPairEd25519* keys = nullptr;
std::string privKeyCryptedHex = "";
User::passwordHashed pwdHashed = 0;
Poco::UInt64 pwdHashed = 0;
Poco::AutoPtr<controller::User> existingUser;
if(!form.empty()) {
auto passphrase = KeyPair::filterPassphrase(form.get("passphrase", ""));
Mnemonic* wordSource = nullptr;
if(!User::validatePassphrase(passphrase, &wordSource)) {
auto passphrase_string = form.get("passphrase", "");
auto wordSource = Passphrase::detectMnemonic(passphrase_string);
if(!wordSource) {
addError(new Error("debug Passphrase", "invalid passphrase"), false);
} else {
keys.generateFromPassphrase(passphrase.data(), wordSource);
keys = KeyPairEd25519::create(Passphrase::create(passphrase_string, wordSource));
}
auto email = form.get("email", "");
auto newUser = new User(email.data(), "first_name", "last_name");
if(email != "") {
existingUser = controller::User::create();
existingUser->load(email);
}
newUser->validatePwd(form.get("password", ""), this);
pwdHashed = newUser->getPwdHashed();
auto privKey = keys.getPrivateKey();
if(privKey) {
privKeyHex = KeyPair::getHex(privKey);
auto privKeyCrypted = newUser->encrypt(privKey);
if(privKeyCrypted) {
privKeyCryptedHex = KeyPair::getHex(privKeyCrypted);
mm->releaseMemory(privKeyCrypted);
if(1 == existingUser->load(email)) {
auto user_model = existingUser->getModel();
pwdHashed = user_model->getPasswordHashed();
if(user_model->hasPrivateKeyEncrypted()) {
privKeyCryptedHex = user_model->getPrivateKeyEncryptedHex();
}
}
}
getErrors(newUser);
delete newUser;
}
@ -139,7 +130,7 @@ void DebugPassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, P
responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t<h1>Debug Passphrase</h1>\n";
responseStream << "\t";
#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
#line 44 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "\t<form method=\"POST\">\n";
@ -148,51 +139,51 @@ void DebugPassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, P
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"email\">E-Mail</label>\n";
responseStream << "\t\t\t\t<input id=\"email\" type=\"email\" name=\"email\" value=\"";
#line 59 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
#line 50 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( !form.empty() ? form.get("email") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"password\">Passwort</label>\n";
responseStream << "\t\t\t\t<input id=\"password\" type=\"password\" name=\"password\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<textarea style=\"width:100%;height:100px\" name=\"passphrase\">";
#line 65 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
#line 52 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( !form.empty() ? form.get("passphrase", "") : "" );
responseStream << "</textarea>\n";
responseStream << "\t\t</fieldset>\n";
responseStream << "\t\t<input class=\"grd-form-bn grd-form-bn-succeed\" type=\"submit\" name=\"submit\" value=\"Debug\">\n";
responseStream << "\t</form>\n";
responseStream << "\t<p>Public key:<br>";
#line 69 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( keys.getPubkeyHex() );
responseStream << "\t";
#line 56 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
if(keys) { responseStream << "\n";
responseStream << "\t\t<p>Public key:<br>";
#line 57 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( keys->getPublicKeyHex() );
responseStream << "</p>\n";
responseStream << "\t<p>Private Key:<br>";
#line 70 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( privKeyHex );
responseStream << "</p>\n";
responseStream << "\t<p>Passwort Hashed:<br>";
#line 71 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( std::to_string(pwdHashed) );
responseStream << "</p>\n";
responseStream << "\t<p>Private key crypted:<br>";
#line 72 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << "\t\t<p>Private key crypted:<br>";
#line 58 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( privKeyCryptedHex );
responseStream << "</p>\n";
responseStream << "\t";
#line 73 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
if(!existingUser.isNull()) {
auto userModel = existingUser->getModel();
auto dbPubkey = userModel->getPublicKey();
responseStream << "\n";
responseStream << "\t\t<p>user Public: <br>";
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( KeyPair::getHex(dbPubkey, ed25519_pubkey_SIZE) );
responseStream << "\t\t<p>Passwort Hashed:<br>";
#line 59 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( std::to_string(pwdHashed) );
responseStream << "</p>\n";
responseStream << "\t\t";
#line 60 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
if(!existingUser.isNull()) {
auto userModel = existingUser->getModel();
auto dbPubkey = userModel->getPublicKey();
responseStream << "\n";
responseStream << "\t\t\t<p>user Public: <br>";
#line 64 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
responseStream << ( keys->getPublicKeyHex() );
responseStream << "</p>\n";
responseStream << "\t\t";
#line 65 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
} responseStream << "\n";
responseStream << "\t";
#line 78 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
#line 66 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
} responseStream << "\n";
responseStream << "</div>\n";
#line 68 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
if(keys) delete keys; responseStream << "\n";
// begin include footer.cpsp
responseStream << " <div class=\"center-bottom\">\n";
responseStream << " <p>Copyright © Gradido 2020</p>\n";

2
src/cpp/HTTPInterface/ElopageWebhook.cpp
View File

@ -320,7 +320,7 @@ int HandleElopageRequestTask::run()
mEmail = mRequestData.get("payer[email]", "");
mFirstName = mRequestData.get("payer[first_name]", "");
mLastName = mRequestData.get("payer[last_name]", "");
auto newUser = controller::User::create(mEmail, mFirstName, mLastName);
auto newUser = controller::User::create(mEmail, mFirstName, mLastName, 0);
/* printf("LastName: %s\n", mLastName.data());
for (int i = 0; i < mLastName.size(); i++) {

8
src/cpp/HTTPInterface/Error500Page.cpp
View File

@ -36,9 +36,9 @@ void Error500Page::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
const char* pageName = "Error";
response.setStatusAndReason(Poco::Net::HTTPResponse::HTTP_INTERNAL_SERVER_ERROR);
Poco::AutoPtr<User> user;
Poco::AutoPtr<controller::User> user;
if(mSession) {
auto user = mSession->getUser();
auto user = mSession->getNewUser();
}
// begin include header_old.cpsp
responseStream << "\n";
@ -111,7 +111,7 @@ void Error500Page::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
if(mSession) { responseStream << "\n";
responseStream << "\t\t";
#line 21 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\Error500.cpsp"
responseStream << ( mSession->getErrorsHtml() );
responseStream << ( mSession->getErrorsHtmlNewFormat() );
responseStream << "\n";
responseStream << "\t";
#line 22 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\Error500.cpsp"
@ -121,7 +121,7 @@ void Error500Page::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
if(!user.isNull()) { responseStream << "\n";
responseStream << "\t\t";
#line 24 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\Error500.cpsp"
responseStream << ( user->getErrorsHtml() );
responseStream << ( user->getModel()->getErrorsHtmlNewFormat() );
responseStream << " \n";
responseStream << "\t";
#line 25 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\Error500.cpsp"

31
src/cpp/HTTPInterface/LoginPage.cpp
View File

@ -47,8 +47,8 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
auto langCatalog = lm->getFreeCatalog(lang);
std::string presetEmail("");
if(mSession && mSession->getUser()) {
presetEmail = mSession->getUser()->getEmail();
if(mSession && mSession->getNewUser()) {
presetEmail = mSession->getNewUser()->getModel()->getEmail();
}
if(!form.empty()) {
@ -135,6 +135,9 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
}
sm->deleteLoginCookies(request, response);
break;
case USER_NO_GROUP:
response.redirect(ServerConfig::g_serverPath + "/userUpdateGroup");
return;
case USER_NO_PRIVATE_KEY:
case USER_COMPLETE:
case USER_EMAIL_NOT_ACTIVATED:
@ -234,11 +237,11 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
responseStream << " </div>";
// end include header.cpsp
responseStream << "\n";
#line 160 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 163 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "<!--<input type=\"hidden\" name=\"lang\" value=\"";
#line 161 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 164 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( LanguageManager::keyForLanguage(lang) );
responseStream << "\">-->\n";
responseStream << "<div class=\"center-form-container\">\n";
@ -272,22 +275,22 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
responseStream << "\n";
responseStream << " <div class=\"center-form-form\">\n";
responseStream << "\t\t<form action=\"";
#line 165 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 168 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/\" method=\"POST\">\n";
responseStream << "\t\t\t<input class=\"form-control\" type=\"text\" name=\"login-email\" placeholder=\"";
#line 166 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("E-Mail") );
responseStream << "\" value=\"";
#line 166 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( presetEmail );
responseStream << "\"/>\n";
responseStream << "\t\t\t<input class=\"form-control\" type=\"password\" name=\"login-password\" placeholder=\"";
#line 167 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 170 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("Password") );
responseStream << "\" />\n";
responseStream << "\t\t <button type=\"submit\" name=\"submit\" class=\"center-form-submit form-button\">";
#line 168 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 171 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext(" Login ") );
responseStream << "</button>\n";
responseStream << "\t\t</form>\n";
@ -295,25 +298,25 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
responseStream << " <div class=\"center-form-bottom\">\n";
responseStream << " <div class=\"signup-link\">\n";
responseStream << "\t <p>";
#line 173 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 176 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("You haven't any account yet? Please follow the link to create one.") );
responseStream << "</p>\n";
responseStream << "\t <a href=\"";
#line 174 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 177 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/registerDirect\">\n";
responseStream << "\t\t\t";
#line 175 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 178 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("Create New Account") );
responseStream << "\n";
responseStream << "\t\t </a>\n";
responseStream << "\t </div>\n";
responseStream << "\t\t<div class=\"reset-pwd-link\">\n";
responseStream << "\t\t\t<a href=\"";
#line 179 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 182 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/resetPassword\">";
#line 179 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
#line 182 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\login.cpsp"
responseStream << ( langCatalog->gettext("Passwort vergessen") );
responseStream << "</a>\n";
responseStream << "\t\t</div>\n";

15
src/cpp/HTTPInterface/PageRequestHandlerFactory.cpp
View File

@ -7,7 +7,7 @@
#include "ConfigPage.h"
#include "LoginPage.h"
#include "RegisterPage.h"
//#include "RegisterPage.h"
#include "HandleFileRequest.h"
#include "DashboardPage.h"
#include "CheckEmailPage.h"
@ -16,6 +16,7 @@
#include "ElopageWebhook.h"
#include "ElopageWebhookLight.h"
#include "UpdateUserPasswordPage.h"
#include "UserUpdateGroupPage.h"
#include "Error500Page.h"
#include "CheckTransactionPage.h"
#include "ResetPassword.h"
@ -154,13 +155,9 @@ Poco::Net::HTTPRequestHandler* PageRequestHandlerFactory::createRequestHandler(c
s->setLastReferer(externReferer);
}
model::table::User* userModel = nullptr;
auto user = s->getUser();
auto newUser = s->getNewUser();
if (newUser) userModel = newUser->getModel();
if (s->errorCount() || (!user.isNull() && user->errorCount()) || (userModel && userModel->errorCount())) {
if (!user.isNull() && user->errorCount()) {
s->getErrors(user);
}
if (s->errorCount() || (userModel && userModel->errorCount())) {
if (userModel && userModel->errorCount()) {
s->getErrors(userModel);
}
@ -174,6 +171,12 @@ Poco::Net::HTTPRequestHandler* PageRequestHandlerFactory::createRequestHandler(c
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
if (url_first_part == "/userUpdateGroup") {
auto pageRequestHandler = new UserUpdateGroupPage(s);
pageRequestHandler->setProfiler(timeUsed);
return pageRequestHandler;
}
if (url_first_part == "/transform_passphrase") {
auto pageRequestHandler = new TranslatePassphrase(s);
pageRequestHandler->setProfiler(timeUsed);

145
src/cpp/HTTPInterface/PassphrasePage.cpp
View File

@ -9,7 +9,7 @@
#include "../SingletonManager/SessionManager.h"
#include "../SingletonManager/LanguageManager.h"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../ServerConfig.h"
//#include "Poco/Net/HTTPServerParams.h"
@ -89,13 +89,15 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
auto registerKeyChoice = form.get("passphrase", "no");
std::string oldPassphrase = "";
if (registerKeyChoice == "no") {
auto oldPassphrase = KeyPair::filterPassphrase(form.get("passphrase-existing", ""));
auto oldPassphrase = Passphrase::filter(form.get("passphrase-existing", ""));
if(oldPassphrase != "") {
if (User::validatePassphrase(oldPassphrase, &wordSource)) {
auto word_source = Passphrase::detectMnemonic(oldPassphrase);
if (word_source) {
// passphrase is valid
if(PAGE_FORCE_ASK_PASSPHRASE == state) {
auto compareResult = mSession->comparePassphraseWithSavedKeys(oldPassphrase, wordSource);
auto compareResult = mSession->comparePassphraseWithSavedKeys(oldPassphrase, word_source);
if(-2 == compareResult) {
response.redirect(ServerConfig::g_serverPath + "/error500");
return;
@ -117,7 +119,8 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
}
}
else if (registerKeyChoice == "yes") {
mSession->generatePassphrase();
auto passphrase = Passphrase::generate(wordSource);
mSession->setPassphrase(passphrase);
}
}
}
@ -125,7 +128,7 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
// double check passphrase
auto passphrase = mSession->getOldPassphrase();
auto langWordSource = wordSource;
if("" != passphrase && !User::validatePassphrase(passphrase, &wordSource)) {
if("" != passphrase && !Passphrase::detectMnemonic(passphrase)) {
addError(new Error("PassphrasePage", "Invalid Passphrase after double check"));
addError(new ParamError("PassphrasePage", "passphrase", passphrase.data()));
if(!mSession->getNewUser().isNull()) {
@ -138,8 +141,8 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
}
//printf("wordSource: %d, langWordSource: %d\n", (int)wordSource, (int)langWordSource);
if(wordSource != langWordSource) {
mSession->generatePassphrase();
User::validatePassphrase(passphrase, &wordSource);
//mSession->generatePassphrase();
mSession->setPassphrase(Passphrase::generate(wordSource));
}
if(mSession->getSessionState() == SESSION_STATE_PASSPHRASE_GENERATED && state != PAGE_ASK_ENSURE_PASSPHRASE) {
@ -159,7 +162,7 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
#line 3 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
bool withMaterialIcons = false;
#line 138 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 141 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
withMaterialIcons = true; std::ostream& _responseStream = response.send();
Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1);
std::ostream& responseStream = _compressResponse ? _gzipStream : _responseStream;
@ -251,9 +254,9 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << " <div class=\"grid-body\">";
// end include login_header.cpsp
responseStream << "\n";
#line 139 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 142 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
if(state == PAGE_ASK_ENSURE_PASSPHRASE) { responseStream << "<div style=\"display:none\"> ";
#line 139 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 142 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} responseStream << "\n";
responseStream << "\t";
// begin include flags.cpsp
@ -283,93 +286,93 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "</div>";
// end include flags.cpsp
responseStream << "\n";
#line 141 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 144 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
if(state == PAGE_ASK_ENSURE_PASSPHRASE) { responseStream << "</div> ";
#line 141 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 144 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} responseStream << "\n";
responseStream << "<div class=\"row mb-3\" ";
#line 142 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 145 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
if(state != PAGE_ASK_ENSURE_PASSPHRASE) { responseStream << " style=\"margin-top:70px;\" ";
#line 142 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 145 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} responseStream << ">\n";
responseStream << "\t<h2 class=\"mx-auto\">";
#line 143 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 146 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( pageTitle );
responseStream << ": ";
#line 143 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 146 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( pageSubtitle );
responseStream << "</h2>\n";
responseStream << "\t";
#line 144 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 147 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
if(state == PAGE_SHOW_PASSPHRASE) { responseStream << "\n";
responseStream << "\t\t<h4 class=\"mx-auto\">";
#line 145 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 148 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Passphrase abschreiben") );
responseStream << "</h4>\n";
responseStream << "\t";
#line 146 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 149 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} responseStream << "\n";
responseStream << "</div>\n";
responseStream << "<div class=\"item-wrapper\">\n";
responseStream << "\t<div class=\"row mb-3\">\n";
responseStream << "\t";
#line 150 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 153 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
if(state == PAGE_SHOW_PASSPHRASE) { responseStream << "\n";
responseStream << "\t <div class=\"col-md-10 mx-auto\">\n";
responseStream << "\t\t<div class=\"form-group row showcase_row_area\">\n";
responseStream << "\t\t\t<form method=\"POST\" action=\"";
#line 153 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 156 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( uri_start );
responseStream << "/passphrase\">\n";
responseStream << "\t\t\t <div class=\"col-md-12 col-lg-12 \">\n";
responseStream << "\t\t\t\t<div class=\"alert\">\n";
responseStream << "\t\t\t\t <h5 class=\"alert-heading\">";
#line 156 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 159 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Was ist eine Passphrase?") );
responseStream << "</h5>\n";
responseStream << "\t\t\t\t <p>";
#line 157 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 160 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Deine Passphrase besteht aus den im grünen Feld angezeigten Wörtern.") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t <p>";
#line 158 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 161 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Sie dient deiner Sicherheit.") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t <p>";
#line 159 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 162 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Du brauchst deine Passphrase um dein Konto wiederherzustellen, wenn du mal dein Passwort vergessen haben solltest.") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t</div>\n";
responseStream << "\t\t\t\t<h5 class=\"alert-heading\">";
#line 161 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 164 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Deine Passphrase (Groß/Kleinschreibung beachten)") );
responseStream << ":</h5>\n";
responseStream << "\t\t\t\t<div class=\"col-lg-12 col-md-12 mx-auto alert alert-primary\" style=\"text-align:center\">\n";
responseStream << "\t\t\t\t <p>";
#line 163 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( mSession->getPassphrase() );
#line 166 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( mSession->getPassphrase()->getString() );
responseStream << "</p>\n";
responseStream << "\t\t\t\t</div>\n";
responseStream << "\t\t\t\t<div class=\"alert\">\n";
responseStream << "\t\t\t\t <h5 class=\"alert-heading\">";
#line 166 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Was zu tun ist:") );
responseStream << "</h5>\n";
responseStream << "\t\t\t\t <p>";
#line 167 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 170 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Schreibe dir die obenstehende Passphrase <b>von Hand</b> auf ein Blatt Papier!") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t <p>";
#line 168 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 171 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Speichere sie auf keinen Fall auf deinem Rechner oder Mobilgerät!!") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t <p>";
#line 169 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 172 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Bewahre sie an einem sicheren Ort auf!") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t</div>\n";
responseStream << "\t\t\t\t<input type=\"submit\" class=\"btn btn-sm btn-primary pull-right\" name=\"nextEnsure\" value=\"";
#line 171 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 174 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Weiter") );
responseStream << "\"/>\n";
responseStream << "\t\t\t </div>\n";
@ -377,7 +380,7 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t</div>\n";
responseStream << "\t </div>\n";
responseStream << "\t ";
#line 176 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 179 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} else if(state == PAGE_ASK_ENSURE_PASSPHRASE) { responseStream << "\n";
responseStream << "\t <style type=\"text/css\">\n";
responseStream << "\t\tbutton:disabled {\n";
@ -392,45 +395,45 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t\t<div class=\"row mb-3\">\n";
responseStream << "\t\t\t <div class=\"col-md-10 mx-auto\">\n";
responseStream << "\t\t\t\t<form method=\"POST\" action=\"";
#line 189 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 192 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( uri_start );
responseStream << "/passphrase\">\n";
responseStream << "\t\t\t\t <div class=\"form-group row showcase_row_area\">\n";
responseStream << "\t\t\t\t\t<form method=\"POST\" action=\"";
#line 191 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 194 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( uri_start );
responseStream << "/passphrase\">\n";
responseStream << "\t\t\t\t\t\t<div class=\"col-md-12 col-lg-12 \">\n";
responseStream << "\t\t\t\t\t\t <div class=\"alert\">\n";
responseStream << "\t\t\t\t\t\t\t<h5 class=\"alert-heading\">";
#line 194 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 197 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Was zu tun ist:") );
responseStream << "</h5>\n";
responseStream << "\t\t\t\t\t\t\t<p>";
#line 195 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 198 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Hast du dir deine Passphrase gemerkt?") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t\t\t\t<p>";
#line 196 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 199 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Dann zeig es mir. Zur Unterstützung gebe ich dir deine Wörter aber in anderer Reihenfolge.") );
responseStream << "<p>\n";
responseStream << "\t\t\t\t\t\t\t<p>";
#line 197 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 200 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Klicke sie an um sie einzusetzen.") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t\t\t\t<p>";
#line 198 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 201 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Überprüfe dabei, ob du alle Wörter richtig geschrieben hast!") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t\t\t </div>\n";
responseStream << "\t\t\t\t\t\t <div id=\"gradido-mithril-passphrase\"></div>\n";
responseStream << "\t\t\t\t\t\t <noscript>\n";
responseStream << "\t\t\t\t\t\t\t<p>";
#line 202 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 205 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Weil du kein Javascript verwendest geht es direkt weiter. Hast du dir deine Passphrase gemerkt oder aufgeschrieben?") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t\t\t\t<input type=\"submit\" class=\"btn btn-sm btn-primary pull-right\" name=\"btnChecked\" value=\"";
#line 203 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 206 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Ja") );
responseStream << "\"/>\n";
responseStream << "\t\t\t\t\t\t </noscript>\n";
@ -444,23 +447,23 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t</div>\n";
responseStream << "\t\t<script type=\"text/javascript\">\n";
responseStream << "\t\t\tvar mnemonicWords = ";
#line 214 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 217 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
wordSource->getSortedWordList().stringify(responseStream); responseStream << ";\n";
responseStream << "\t\t\tvar passphrase = \"";
#line 215 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( mSession->getPassphrase() );
#line 218 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( mSession->getPassphrase()->getString() );
responseStream << "\";\n";
responseStream << "\t\t\tlanguage = \"";
#line 216 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 219 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( lm->keyForLanguage(lang) );
responseStream << "\";\n";
responseStream << "\t\t</script>\n";
responseStream << "\t\t<script src=\"";
#line 218 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 221 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "js/ensurePassphrase.min.js\" type=\"text/javascript\"></script>\n";
responseStream << "\t ";
#line 219 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 222 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} else if(state == PAGE_ASK_PASSPHRASE) { responseStream << "\n";
responseStream << "\t <style type=\"text/css\">\n";
responseStream << "\t\t.hidden-on-load {\n";
@ -492,21 +495,21 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t <div class=\"col-md-12 col-lg-12 \">\n";
responseStream << "\t\t\t<div class=\"col-lg-12 col-md-12 mx-auto alert alert-primary\" style=\"text-align:center\">\n";
responseStream << "\t\t\t <p>";
#line 249 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 252 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Deine E-Mail Adresse wurde erfolgreich bestätigt.") );
responseStream << "</p>\n";
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t\t<form method=\"POST\" action=\"";
#line 251 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 254 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( uri_start );
responseStream << "/passphrase\">\n";
responseStream << "\t\t\t\t<div class=\"alert\">\n";
responseStream << "\t\t\t\t <h5 class=\"alert-heading\">";
#line 253 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 256 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Neue Gradido Adresse anlegen / wiederherstellen") );
responseStream << "</h5>\n";
responseStream << "\t\t\t\t <p>";
#line 254 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 257 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Möchtest du ein neues Gradido-Konto anlegen oder ein bestehendes wiederherstellen?") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t \n";
@ -518,7 +521,7 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t\t\t\t\t\t\t<label for=\"passphrase-new-yes\" class=\"radio-label mr-4\">\n";
responseStream << "\t\t\t\t\t\t\t\t\t<input id=\"passphrase-new-yes\" name=\"passphrase\" type=\"radio\" value=\"yes\" onchange=\"showHidePassphraseCointainer(this);\" checked/>\n";
responseStream << "\t\t\t\t\t\t\t\t\t";
#line 263 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 266 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Neues Konto anlegen") );
responseStream << "\n";
responseStream << "\t\t\t\t\t\t\t\t\t<i class=\"input-frame\"></i>\n";
@ -528,7 +531,7 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t\t\t\t\t\t\t<label for=\"passphrase-new-no\" class=\"radio-label mr-4\">\n";
responseStream << "\t\t\t\t\t\t\t\t\t<input id=\"passphrase-new-no\" name=\"passphrase\" type=\"radio\" value=\"no\" onchange=\"showHidePassphraseCointainer(this);\"/>\n";
responseStream << "\t\t\t\t\t\t\t\t\t";
#line 270 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 273 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Bestehendes Konto wiederherstellen") );
responseStream << "\n";
responseStream << "\t\t\t\t\t\t\t\t\t<i class=\"input-frame\"></i>\n";
@ -538,18 +541,18 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t\t\t\t\t<div id=\"passphrase-existing-container\" class=\"hidden-on-load\">\n";
responseStream << "\t\t\t\t\t\t\t<label for=\"passphrase-existing\">\n";
responseStream << "\t\t\t\t\t\t\t\t";
#line 277 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 280 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Falls du ein bestehendes Konto wiederherstellen willst, gib hier deine Passphrase ein:") );
responseStream << "\n";
responseStream << "\t\t\t\t\t\t\t\t<i class=\"input-frame\"></i>\n";
responseStream << "\t\t\t\t\t\t\t</label>\n";
responseStream << "\t\t\t\t\t\t\t<textarea id=\"passphrase-existing\" class=\"form-control\" name=\"passphrase-existing\" cols=\"12\" rows=\"5\">";
#line 280 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 283 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( !form.empty() ? form.get("passphrase-existing", "") : "" );
responseStream << "</textarea>\n";
responseStream << "\t\t\t\t\t\t</div>\n";
responseStream << "\t\t\t\t\t\t<button type=\"submit\" class=\"btn btn-sm btn-primary pull-right\" name=\"submit\">";
#line 282 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 285 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Weiter") );
responseStream << "</button>\n";
responseStream << "\t\t\t\t\t</div>\n";
@ -557,40 +560,40 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t\t</form>\n";
responseStream << "\t\t </div>\n";
responseStream << "\t\t <!--<a href=\"";
#line 287 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 290 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( uri_start );
responseStream << "/passphrase\" class=\"btn btn-sm btn-primary pull-right\" name=\"next\">";
#line 287 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 290 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Weiter") );
responseStream << "</a>-->\n";
responseStream << "\t\t</div>\n";
responseStream << "\t </div>\n";
responseStream << "\t ";
#line 290 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 293 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} else if(state == PAGE_FORCE_ASK_PASSPHRASE) { responseStream << "\n";
responseStream << "\t <div class=\"col-md-10 mx-auto\">\n";
responseStream << "\t\t<div class=\"form-group row showcase_row_area\">\n";
responseStream << "\t\t <div class=\"col-md-12 col-lg-12 \">\n";
responseStream << "\t\t\t<h5 class=\"alert-heading\">";
#line 294 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 297 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Konto wiederherstellen / Neues Passwort anlegen") );
responseStream << "</h5>\n";
responseStream << "\t\t\t<div class=\"col-lg-12 col-md-12 mx-auto alert alert-primary\" style=\"text-align:center\">\n";
responseStream << "\t\t\t <p>";
#line 296 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 299 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Um dein Konto wiederherzustellen und dir ein Neues Passwort auswählen zu können, tippe hier bitte die Wörter deiner Passphrase in der richtigen Reihenfolge ein, welche du dir aufgeschrieben hast.") );
responseStream << "</p>\n";
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t\t<form method=\"POST\" action=\"";
#line 298 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 301 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( uri_start );
responseStream << "/passphrase\">\n";
responseStream << "\t\t\t\t<textarea class=\"form-control\" name=\"passphrase-existing\" cols=\"12\" rows=\"5\">";
#line 299 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 302 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( !form.empty() ? form.get("passphrase-existing", "") : "" );
responseStream << "</textarea>\n";
responseStream << "\t\t\t\t<button type=\"submit\" class=\"btn btn-sm btn-primary pull-right\" name=\"submit\">";
#line 300 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 303 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Weiter") );
responseStream << "</button>\n";
responseStream << "\t\t\t</form>\n";
@ -598,18 +601,18 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t</div>\n";
responseStream << "\t </div>\n";
responseStream << "\t ";
#line 305 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 308 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} else { responseStream << "\n";
responseStream << "\t\t<div class=\"col-md-10 mx-auto\">\n";
responseStream << "\t\t\t<div class=\"form-group row showcase_row_area\">\n";
responseStream << "\t\t\t <div class=\"col-md-12 col-lg-12 \">\n";
responseStream << "\t\t\t\t<div class=\"col-lg-8 col-md-10 mx-auto alert alert-danger\" style=\"text-align:center\">\n";
responseStream << "\t\t\t\t <h5 class=\"alert-heading\">";
#line 310 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 313 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Fehler") );
responseStream << "</h5>\n";
responseStream << "\t\t\t\t <p>";
#line 311 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 314 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
responseStream << ( gettext("Ungültige Seite, wenn du das siehst stimmt hier etwas nicht. Bitte wende dich an den Server-Admin.") );
responseStream << "</p>\n";
responseStream << "\t\t\t\t</div>\n";
@ -617,7 +620,7 @@ void PassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t ";
#line 316 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
#line 319 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\passphrase.cpsp"
} responseStream << "\n";
responseStream << "\t</div>\n";
responseStream << "</div>\n";

47
src/cpp/HTTPInterface/PassphrasedTransaction.cpp
View File

@ -9,7 +9,7 @@
#include "../SingletonManager/MemoryManager.h"
#include "../SingletonManager/SessionManager.h"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../ServerConfig.h"
#include "Poco/JSON/Object.h"
@ -39,29 +39,28 @@ void PassphrasedTransaction::handleRequest(Poco::Net::HTTPServerRequest& request
std::string pageName = "Gradidos mit Passphrase überweisen";
PageState state = PAGE_STATE_INPUT;
Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER];
Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER_FIXED_CASES];
auto sm = SessionManager::getInstance();
auto mm = MemoryManager::getInstance();
std::string errorString ="";
if(!form.empty()) {
auto passphrase = form.get("passphrase", "");
bool passphraseValid = User::validatePassphrase(passphrase, &wordSource);
auto passphrase_obj = Passphrase::create(passphrase, wordSource);
bool keysGenerated = false;
KeyPair keys;
if(!passphraseValid)
{
KeyPairEd25519* keys = nullptr;
if(!passphrase_obj.isNull()) {
addError(new Error("Passphrase", "Fehler beim validieren der Passphrase"));
}
else
{
keysGenerated = keys.generateFromPassphrase(passphrase.data(), wordSource);
if(!keysGenerated)
else {
keys = KeyPairEd25519::create(passphrase_obj);
if(!keys)
{
addError(new Error("Passphrase", "Konnte keine Keys aus der Passphrase generieren"));
}
}
if(passphraseValid && keysGenerated)
if(keys)
{
// create session only for transaction
int session_id = 0;
@ -69,7 +68,7 @@ void PassphrasedTransaction::handleRequest(Poco::Net::HTTPServerRequest& request
// create payload
Poco::JSON::Object requestJson;
Poco::JSON::Object pubkeys;
pubkeys.set("sender", keys.getPubkeyHex());
pubkeys.set("sender", keys->getPublicKeyHex());
pubkeys.set("receiver", form.get("recevier", ""));
requestJson.set("method", "moveTransaction");
requestJson.set("pubkeys", pubkeys);
@ -145,6 +144,8 @@ void PassphrasedTransaction::handleRequest(Poco::Net::HTTPServerRequest& request
if(session) {
sm->releaseSession(session);
}
delete keys;
keys = nullptr;
}
}
@ -217,39 +218,39 @@ void PassphrasedTransaction::handleRequest(Poco::Net::HTTPServerRequest& request
responseStream << "</div>\n";
// end include header_old.cpsp
responseStream << "\n";
#line 137 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 138 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
if("" == errorString) { responseStream << "\n";
responseStream << "\t";
#line 138 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 139 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
responseStream << ( errorString );
responseStream << "\n";
#line 139 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 140 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
} responseStream << "\n";
responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t";
#line 141 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 142 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "\t";
#line 142 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 143 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
if(PAGE_STATE_INPUT == state) { responseStream << "\n";
responseStream << "\t\n";
responseStream << "\t\t<fieldset class=\"grd_container_small\">\n";
responseStream << "\t\t<form method=\"POST\">\n";
responseStream << "\t\t\t<p><label style=\"width:auto\" for=\"passphrase\">Sender Passphrase</label></p>\n";
responseStream << "\t\t\t<p><textarea style=\"width:100%;height:100px\" name=\"passphrase\">";
#line 147 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 148 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
responseStream << ( !form.empty() ? form.get("passphrase", "") : "" );
responseStream << "</textarea></p>\n";
responseStream << "\t\t\t<p><label style=\"width:auto\" for=\"memo-text\">Verwendungszweck für Überweisung:</label></p>\n";
responseStream << "\t\t\t<p><textarea name=\"memo\" id=\"memo-text\" rows=\"4\">";
#line 149 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 150 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
responseStream << ( !form.empty() ? form.get("memo-text", "") : "" );
responseStream << "</textarea></p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"recevier\">Empfänger Public Key Hex</label>\n";
responseStream << "\t\t\t\t<input id=\"recevier\" type=\"recevier\" recevier=\"email\" value=\"";
#line 152 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 153 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
responseStream << ( !form.empty() ? form.get("recevier") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t</p>\n";
@ -257,15 +258,15 @@ void PassphrasedTransaction::handleRequest(Poco::Net::HTTPServerRequest& request
responseStream << "\t\t</form>\n";
responseStream << "\t\t</fieldset>\n";
responseStream << "\t";
#line 157 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 158 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
} else if(PAGE_STATE_SUCCESS == state) { responseStream << "\n";
responseStream << "\t\t<p>Gradidos wurden erfolgreich überwiesen.</p>\n";
responseStream << "\t\t<a href=\"";
#line 159 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 160 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/passphrased_transaction\">Weitere Gradidos überweisen</a>\n";
responseStream << "\t";
#line 160 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
#line 161 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\PassphrasedTransaction.cpsp"
} responseStream << "\n";
responseStream << "</div>\n";
// begin include footer.cpsp

25
src/cpp/HTTPInterface/PassphrasedTransaction.cpsp
View File

@ -6,7 +6,7 @@
<%!
#include "../SingletonManager/MemoryManager.h"
#include "../SingletonManager/SessionManager.h"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../ServerConfig.h"
#include "Poco/JSON/Object.h"
@ -23,29 +23,28 @@ enum PageState {
<%%
std::string pageName = "Gradidos mit Passphrase überweisen";
PageState state = PAGE_STATE_INPUT;
Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER];
Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER_FIXED_CASES];
auto sm = SessionManager::getInstance();
auto mm = MemoryManager::getInstance();
std::string errorString ="";
if(!form.empty()) {
auto passphrase = form.get("passphrase", "");
bool passphraseValid = User::validatePassphrase(passphrase, &wordSource);
auto passphrase_obj = Passphrase::create(passphrase, wordSource);
bool keysGenerated = false;
KeyPair keys;
if(!passphraseValid)
{
KeyPairEd25519* keys = nullptr;
if(!passphrase_obj.isNull()) {
addError(new Error("Passphrase", "Fehler beim validieren der Passphrase"));
}
else
{
keysGenerated = keys.generateFromPassphrase(passphrase.data(), wordSource);
if(!keysGenerated)
else {
keys = KeyPairEd25519::create(passphrase_obj);
if(!keys)
{
addError(new Error("Passphrase", "Konnte keine Keys aus der Passphrase generieren"));
}
}
if(passphraseValid && keysGenerated)
if(keys)
{
// create session only for transaction
int session_id = 0;
@ -53,7 +52,7 @@ enum PageState {
// create payload
Poco::JSON::Object requestJson;
Poco::JSON::Object pubkeys;
pubkeys.set("sender", keys.getPubkeyHex());
pubkeys.set("sender", keys->getPublicKeyHex());
pubkeys.set("receiver", form.get("recevier", ""));
requestJson.set("method", "moveTransaction");
requestJson.set("pubkeys", pubkeys);
@ -129,6 +128,8 @@ enum PageState {
if(session) {
sm->releaseSession(session);
}
delete keys;
keys = nullptr;
}
}

68
src/cpp/HTTPInterface/RegisterAdminPage.cpp
View File

@ -8,7 +8,11 @@
#line 7 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#include "../SingletonManager/SessionManager.h"
#include "../controller/Group.h"
#include "../lib/DataTypeConverter.h"
#include "Poco/Net/HTTPCookie.h"
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
#include "../ServerConfig.h"
@ -28,21 +32,36 @@ void RegisterAdminPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poc
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#line 15 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
const char* pageName = "Admin Registrieren";
//auto sm = SessionManager::getInstance();
auto sm = SessionManager::getInstance();
bool userReturned = false;
if(!form.empty()) {
userReturned = mSession->adminCreateUser(
form.get("register-first-name", ""),
form.get("register-last-name", ""),
form.get("register-email", "")
);
getErrors(mSession);
auto group_id_string = form.get("register-group", "0");
int group_id = 0;
if(!sm->isValid(group_id_string, VALIDATE_ONLY_INTEGER)) {
addError(new Error("Group id", "group_id not integer"));
} else {
if(DataTypeConverter::strToInt(group_id_string, group_id) != DataTypeConverter::NUMBER_PARSE_OKAY) {
addError(new Error("Int Convert Error", "Error converting group_id to int"));
}
}
if(!errorCount()) {
userReturned = mSession->adminCreateUser(
form.get("register-first-name", ""),
form.get("register-last-name", ""),
form.get("register-email", ""),
group_id
);
getErrors(mSession);
}
}
auto groups = controller::Group::listAll();
std::ostream& _responseStream = response.send();
@ -116,11 +135,11 @@ void RegisterAdminPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poc
responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t<h1>Einen neuen Account anlegen</h1>\n";
responseStream << "\t";
#line 30 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#line 49 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "\t";
#line 31 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#line 50 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
if(!form.empty() && userReturned) { responseStream << "\n";
responseStream << "\t\t<div class=\"grd_text-max-width\">\n";
responseStream << "\t\t\t<div class=\"grd_text\">\n";
@ -128,7 +147,7 @@ void RegisterAdminPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poc
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t";
#line 37 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#line 56 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
} else { responseStream << "\n";
responseStream << "\t<form method=\"POST\">\n";
responseStream << "\t\t\n";
@ -138,30 +157,49 @@ void RegisterAdminPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poc
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"register-first-name\">Vorname</label>\n";
responseStream << "\t\t\t\t<input id=\"register-first-name\" type=\"text\" name=\"register-first-name\" value=\"";
#line 45 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#line 64 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
responseStream << ( !form.empty() ? form.get("register-first-name") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"register-last-name\">Nachname</label>\n";
responseStream << "\t\t\t\t<input id=\"register-last-name\" type=\"text\" name=\"register-last-name\" value=\"";
#line 49 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#line 68 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
responseStream << ( !form.empty() ? form.get("register-last-name") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"register-email\">E-Mail</label>\n";
responseStream << "\t\t\t\t<input id=\"register-email\" type=\"email\" name=\"register-email\" value=\"";
#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#line 72 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
responseStream << ( !form.empty() ? form.get("register-email") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<select class=\"form-control\" name=\"register-group\">\n";
responseStream << "\t\t\t\t";
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
for(auto it = groups.begin(); it != groups.end(); it++) {
auto group_model = (*it)->getModel(); responseStream << "\n";
responseStream << "\t\t\t\t\t<option title=\"";
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
responseStream << ( group_model->getDescription() );
responseStream << "\" value=\"";
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
responseStream << ( group_model->getID() );
responseStream << "\">";
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
responseStream << ( group_model->getName() );
responseStream << "</option>\n";
responseStream << "\t\t\t\t";
#line 78 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
} responseStream << "\n";
responseStream << "\t\t\t</select>\n";
responseStream << "\t\t</fieldset>\n";
responseStream << "\t\t<input class=\"grd-form-bn grd-form-bn-succeed\" type=\"submit\" name=\"submit\" value=\"Anmelden\">\n";
responseStream << "\t\t\n";
responseStream << "\t</form>\n";
responseStream << "\t";
#line 59 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
#line 84 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerAdmin.cpsp"
} responseStream << "\n";
responseStream << "</div>\n";
// begin include footer.cpsp

48
src/cpp/HTTPInterface/RegisterDirectPage.cpp
View File

@ -8,7 +8,10 @@
#line 6 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
#include "../SingletonManager/SessionManager.h"
#include "../controller/Group.h"
#include "../lib/DataTypeConverter.h"
#include "Poco/Net/HTTPCookie.h"
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
#include "../ServerConfig.h"
@ -22,7 +25,7 @@ void RegisterDirectPage::handleRequest(Poco::Net::HTTPServerRequest& request, Po
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
#line 10 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
#line 13 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
const char* pageName = "Registrieren";
auto sm = SessionManager::getInstance();
@ -40,12 +43,22 @@ void RegisterDirectPage::handleRequest(Poco::Net::HTTPServerRequest& request, Po
session->setClientIp(user_host);
response.addCookie(session->getLoginCookie());
}
auto group_id_string = form.get("register-group", "0");
int group_id = 0;
if(!sm->isValid(group_id_string, VALIDATE_ONLY_INTEGER)) {
addError(new Error("Group id", "group_id not integer"));
} else {
if(DataTypeConverter::strToInt(group_id_string, group_id) != DataTypeConverter::NUMBER_PARSE_OKAY) {
addError(new Error("Int Convert Error", "Error converting group_id to int"));
}
}
userReturned = session->createUserDirect(
form.get("register-first-name", ""),
form.get("register-last-name", ""),
form.get("register-email", ""),
form.get("register-password", "")
form.get("register-password", ""),
group_id
);
getErrors(session);
@ -64,6 +77,9 @@ void RegisterDirectPage::handleRequest(Poco::Net::HTTPServerRequest& request, Po
// remove old cookies if exist
sm->deleteLoginCookies(request, response);
}
auto groups = controller::Group::listAll();
#line 3 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
bool withMaterialIcons = false;
@ -121,7 +137,7 @@ void RegisterDirectPage::handleRequest(Poco::Net::HTTPServerRequest& request, Po
responseStream << " </div>";
// end include header.cpsp
responseStream << "\n";
#line 52 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
#line 68 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "<div class=\"center-form-container\">\n";
@ -133,23 +149,43 @@ void RegisterDirectPage::handleRequest(Poco::Net::HTTPServerRequest& request, Po
responseStream << "\t\t\t<p>Bitte gib deine Daten um einen Account anzulegen:</p>\n";
responseStream << "\t\t\t<label class=\"form-label\" for=\"register-first-name\">Vorname</label>\n";
responseStream << "\t\t\t<input class=\"form-control\" id=\"register-first-name\" type=\"text\" name=\"register-first-name\" value=\"";
#line 61 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
responseStream << ( !form.empty() ? form.get("register-first-name") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t<label class=\"form-label\" for=\"register-last-name\">Nachname</label>\n";
responseStream << "\t\t\t<input class=\"form-control\" id=\"register-last-name\" type=\"text\" name=\"register-last-name\" value=\"";
#line 63 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
#line 79 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
responseStream << ( !form.empty() ? form.get("register-last-name") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t<label class=\"form-label\" for=\"register-email\">E-Mail</label>\n";
responseStream << "\t\t\t<input class=\"form-control\" id=\"register-email\" type=\"email\" name=\"register-email\" value=\"";
#line 65 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
#line 81 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
responseStream << ( !form.empty() ? form.get("register-email") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t<label class=\"form-label\" for=\"register-password\">Passwort</label>\n";
responseStream << "\t\t\t<input class=\"form-control\" id=\"register-password\" type=\"password\" name=\"register-password\"/>\n";
responseStream << "\t\t\t<label class=\"form-label\" for=\"register-password\">Passwort Best&auml;tigung</label>\n";
responseStream << "\t\t\t<input class=\"form-control\" id=\"register-password2\" type=\"password\" name=\"register-password2\"/>\n";
responseStream << "\t\t\t<select class=\"form-control\" name=\"register-group\">\n";
responseStream << "\t\t\t\t<option value=\"0\">Keine Gruppe</option>\n";
responseStream << "\t\t\t\t";
#line 88 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
for(auto it = groups.begin(); it != groups.end(); it++) {
auto group_model = (*it)->getModel(); responseStream << "\n";
responseStream << "\t\t\t\t\t<option title=\"";
#line 90 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
responseStream << ( group_model->getDescription() );
responseStream << "\" value=\"";
#line 90 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
responseStream << ( group_model->getID() );
responseStream << "\">";
#line 90 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
responseStream << ( group_model->getName() );
responseStream << "</option>\n";
responseStream << "\t\t\t\t";
#line 91 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\registerDirect.cpsp"
} responseStream << "\n";
responseStream << "\t\t\t</select>\n";
responseStream << "\t\t\t<input class=\"center-form-submit form-button\" type=\"submit\" name=\"submit\" value=\"Anmelden\">\n";
responseStream << "\t</form>\n";
responseStream << "</div>\n";

211
src/cpp/HTTPInterface/RegisterPage.cpp
View File

@ -1,211 +0,0 @@
#include "RegisterPage.h"
#include "Poco/Net/HTTPServerRequest.h"
#include "Poco/Net/HTTPServerResponse.h"
#include "Poco/Net/HTMLForm.h"
#include "Poco/DeflatingStream.h"
#line 6 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
#include "../SingletonManager/SessionManager.h"
#include "Poco/Net/HTTPCookie.h"
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
#include "../ServerConfig.h"
void RegisterPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response)
{
response.setChunkedTransferEncoding(true);
response.setContentType("text/html");
bool _compressResponse(request.hasToken("Accept-Encoding", "gzip"));
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
#line 10 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
const char* pageName = "Registrieren";
auto sm = SessionManager::getInstance();
bool userReturned = false;
if(!form.empty()) {
if(form.get("register-password2", "") != form.get("register-password", "")) {
addError(new Error("Passwort", "Passw&ouml;rter sind nicht identisch."), false);
} else {
auto session = sm->getSession(request);
if(!session) {
session = sm->getNewSession();
auto user_host = request.clientAddress().host();
session->setClientIp(user_host);
response.addCookie(session->getLoginCookie());
}
userReturned = session->createUser(
form.get("register-first-name", ""),
form.get("register-last-name", ""),
form.get("register-email", ""),
form.get("register-password", "")
);
getErrors(session);
}
} else {
// on enter login page with empty form
// remove old cookies if exist
sm->deleteLoginCookies(request, response);
}
std::ostream& _responseStream = response.send();
Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1);
std::ostream& responseStream = _compressResponse ? _gzipStream : _responseStream;
responseStream << "\n";
// begin include header_old.cpsp
responseStream << "\n";
responseStream << "<!DOCTYPE html>\n";
responseStream << "<html>\n";
responseStream << "<head>\n";
responseStream << "<meta charset=\"UTF-8\">\n";
responseStream << "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n";
responseStream << "<title>Gradido Login Server: ";
#line 9 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
responseStream << ( pageName );
responseStream << "</title>\n";
responseStream << "<!--<link rel=\"stylesheet\" type=\"text/css\" href=\"css/styles.min.css\">-->\n";
responseStream << "<link rel=\"stylesheet\" type=\"text/css\" href=\"";
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "/css/styles.css\">\n";
responseStream << "<style type=\"text/css\" >\n";
responseStream << ".grd_container\n";
responseStream << "{\n";
responseStream << " max-width:820px;\n";
responseStream << " margin-left:auto;\n";
responseStream << " margin-right:auto;\n";
responseStream << "}\n";
responseStream << "\n";
responseStream << "input:not([type='radio']) {\n";
responseStream << "\twidth:200px;\n";
responseStream << "}\n";
responseStream << "label:not(.grd_radio_label) {\n";
responseStream << "\twidth:80px;\n";
responseStream << "\tdisplay:inline-block;\n";
responseStream << "}\n";
responseStream << ".grd_container_small\n";
responseStream << "{\n";
responseStream << " max-width:500px;\n";
responseStream << "}\n";
responseStream << ".grd_text {\n";
responseStream << " max-width:550px;\n";
responseStream << " margin-bottom: 5px;\n";
responseStream << "}\n";
responseStream << ".dev-info {\n";
responseStream << "\tposition: fixed;\n";
responseStream << "\tcolor:grey;\n";
responseStream << "\tfont-size: smaller;\n";
responseStream << "\tleft:8px;\n";
responseStream << "}\n";
responseStream << ".grd-time-used { \n";
responseStream << " bottom:0;\n";
responseStream << "} \n";
responseStream << "\n";
responseStream << ".versionstring {\n";
responseStream << "\ttop:0;\n";
responseStream << "}\n";
responseStream << "</style>\n";
responseStream << "</head>\n";
responseStream << "<body>\n";
responseStream << "<div class=\"versionstring dev-info\">\n";
responseStream << "\t<p class=\"grd_small\">Login Server in Entwicklung</p>\n";
responseStream << "\t<p class=\"grd_small\">Alpha ";
#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
responseStream << ( ServerConfig::g_versionString );
responseStream << "</p>\n";
responseStream << "</div>\n";
// end include header_old.cpsp
responseStream << "\n";
responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t<h1>Einen neuen Account anlegen</h1>\n";
responseStream << "\t";
#line 45 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "\t";
#line 46 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
if(!form.empty() && userReturned) { responseStream << "\n";
responseStream << "\t\t<div class=\"grd_text-max-width\">\n";
responseStream << "\t\t\t<div class=\"grd_text\">\n";
responseStream << "\t\t\t\tDeine Anmeldung wird verarbeitet und es wird dir eine E-Mail zugeschickt. \n";
responseStream << "\t\t\t\tWenn sie da ist, befolge ihren Anweisungen. \n";
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t";
#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
} else { responseStream << "\n";
responseStream << "\t<form method=\"POST\">\n";
responseStream << "\t\t\n";
responseStream << "\t\t<fieldset class=\"grd_container_small\">\n";
responseStream << "\t\t\t<legend>Account anlegen</legend>\n";
responseStream << "\t\t\t<p>Bitte gebe deine Daten um einen Account anzulegen</p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"register-first-name\">Vorname</label>\n";
responseStream << "\t\t\t\t<input id=\"register-first-name\" type=\"text\" name=\"register-first-name\" value=\"";
#line 61 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
responseStream << ( !form.empty() ? form.get("register-first-name") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"register-last-name\">Nachname</label>\n";
responseStream << "\t\t\t\t<input id=\"register-last-name\" type=\"text\" name=\"register-last-name\" value=\"";
#line 65 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
responseStream << ( !form.empty() ? form.get("register-last-name") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"register-email\">E-Mail</label>\n";
responseStream << "\t\t\t\t<input id=\"register-email\" type=\"email\" name=\"register-email\" value=\"";
#line 69 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
responseStream << ( !form.empty() ? form.get("register-email") : "" );
responseStream << "\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"register-password\">Passwort</label>\n";
responseStream << "\t\t\t\t<input id=\"register-password\" type=\"password\" name=\"register-password\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<label for=\"register-password\">Passwort Best&auml;tigung</label>\n";
responseStream << "\t\t\t\t<input id=\"register-password2\" type=\"password\" name=\"register-password2\"/>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t</fieldset>\n";
responseStream << "\t\t<input class=\"grd-form-bn grd-form-bn-succeed\" type=\"submit\" name=\"submit\" value=\"Anmelden\">\n";
responseStream << "\t\t\n";
responseStream << "\t</form>\n";
responseStream << "\t";
#line 83 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\register.cpsp"
} responseStream << "\n";
responseStream << "</div>\n";
// begin include footer.cpsp
responseStream << " <div class=\"center-bottom\">\n";
responseStream << " <p>Copyright © Gradido 2020</p>\n";
responseStream << " </div>\n";
responseStream << " </div>\n";
responseStream << " <div class=\"bottomleft\">\n";
responseStream << " ";
#line 6 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\footer.cpsp"
responseStream << ( mTimeProfiler.string() );
responseStream << "\n";
responseStream << " </div>\n";
responseStream << " <div class=\"bottomright\">\n";
responseStream << " <p>Login Server in Entwicklung</p>\n";
responseStream << " <p>Alpha ";
#line 10 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\footer.cpsp"
responseStream << ( ServerConfig::g_versionString );
responseStream << "</p>\n";
responseStream << " </div>\n";
responseStream << " </div>\n";
responseStream << "</body>\n";
responseStream << "\n";
responseStream << "</html>";
// end include footer.cpsp
responseStream << "\n";
if (_compressResponse) _gzipStream.close();
}

18
src/cpp/HTTPInterface/RegisterPage.h
View File

@ -1,18 +0,0 @@
#ifndef RegisterPage_INCLUDED
#define RegisterPage_INCLUDED
#include "Poco/Net/HTTPRequestHandler.h"
#include "PageRequestMessagedHandler.h"
class RegisterPage: public PageRequestMessagedHandler
{
public:
void handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response);
};
#endif // RegisterPage_INCLUDED

29
src/cpp/HTTPInterface/SaveKeysPage.cpp
View File

@ -40,7 +40,8 @@ void SaveKeysPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
const char* pageName = "Daten auf Server speichern?";
bool hasErrors = mSession->errorCount() > 0;
// crypto key only in memory, if user has tipped in his passwort in this session
bool hasPassword = mSession->getUser()->hasCryptoKey();
auto user = mSession->getNewUser();
bool hasPassword = user->getModel()->hasPrivateKeyEncrypted();
PageState state = PAGE_ASK;
auto uri_start = ServerConfig::g_php_serverPath;//request.serverParams().getServerName();
@ -161,11 +162,11 @@ void SaveKeysPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
responseStream << "<div class=\"grd_container\">\n";
responseStream << "\t<h1>Daten speichern</h1>\n";
responseStream << "\t";
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 76 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "\t";
#line 76 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
if(state == PAGE_ASK) { responseStream << "\n";
responseStream << "\t<form method=\"POST\">\n";
responseStream << "\t\t<fieldset>\n";
@ -180,7 +181,7 @@ void SaveKeysPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
responseStream << "\t\t\t\t<label class=\"grd_radio_label\" for=\"save-privkey-yes\">Ja, bitte speichern!</label>\n";
responseStream << "\t\t\t</p>\n";
responseStream << "\t\t\t";
#line 89 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 90 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
if(!hasPassword) { responseStream << "\n";
responseStream << "\t\t\t\t<p>Ich brauche nochmal dein Passwort wenn du dich für ja entscheidest.</p>\n";
responseStream << "\t\t\t\t<p class=\"grd_small\">\n";
@ -188,7 +189,7 @@ void SaveKeysPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
responseStream << "\t\t\t\t\t<input id=\"save-privkey-password\" type=\"password\" name=\"save-privkey-password\"/>\n";
responseStream << "\t\t\t\t</p>\n";
responseStream << "\t\t\t";
#line 95 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 96 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
} responseStream << "\n";
responseStream << "\t\t\t<p class=\"grd_small\">\n";
responseStream << "\t\t\t\t<input id=\"save-privkey-no\" type=\"radio\" name=\"save-privkey\" value=\"no\"/>\n";
@ -213,15 +214,15 @@ void SaveKeysPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
responseStream << "\t\t<input class=\"grd-form-bn grd-form-bn-succeed\" type=\"submit\" value=\"Speichern\">\n";
responseStream << "\t</form>\n";
responseStream << "\t";
#line 118 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 119 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
} else if(state == PAGE_SHOW_PUBKEY) { responseStream << "\n";
responseStream << "\t\t<div class=\"grd_text\">\n";
responseStream << "\t\t\t<p>";
#line 120 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 121 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
responseStream << ( gettext("Daten gespeichert!") );
responseStream << "</p>\n";
responseStream << "\t\t\t<p>";
#line 121 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 122 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
responseStream << ( gettext("Deine Daten wurden verschlüsselt und gespeichert.") );
responseStream << "</p>\n";
responseStream << "\t\t\t<!--<p>Je nach Auswahl werden deine Daten nun verschl&uuml;sselt und gespeichert. </p>-->\n";
@ -229,27 +230,27 @@ void SaveKeysPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Ne
responseStream << "\t\t\t<!--<p>Deine Gradido Adresse (Hex): </p>\n";
responseStream << "\t\t\t<p class=\"grd_textarea\">\n";
responseStream << "\t\t\t\t";
#line 126 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
responseStream << ( mSession->getUser()->getPublicKeyHex() );
#line 127 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
responseStream << ( user->getModel()->getPublicKeyHex() );
responseStream << "\n";
responseStream << "\t\t\t</p>-->\n";
responseStream << "\t\t\t<a class=\"grd-form-bn\" href=\"";
#line 128 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 129 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
responseStream << ( uri_start );
responseStream << "\">Zur&uuml;ck zur Startseite</a>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t";
#line 130 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 131 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
} else if(state == PAGE_ERROR) { responseStream << "\n";
responseStream << "\t\t<div class=\"grd_text\">\n";
responseStream << "\t\t\t<p>Ein Fehler trat auf, bitte versuche es erneut oder wende dich an den Server-Admin</p>\n";
responseStream << "\t\t\t";
#line 133 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 134 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
responseStream << ( mSession->getSessionStateString() );
responseStream << "\n";
responseStream << "\t\t</div>\n";
responseStream << "\t";
#line 135 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
#line 136 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\saveKeys.cpsp"
} responseStream << "\n";
responseStream << "</div>\n";
// begin include footer.cpsp

40
src/cpp/HTTPInterface/TranslatePassphrase.cpp
View File

@ -7,7 +7,7 @@
#line 7 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../ServerConfig.h"
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
@ -50,16 +50,17 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P
{
inputPassphrase = form.get("inputPassphrase", "");
auto localPassphrase = KeyPair::filterPassphrase(inputPassphrase);
auto localPassphrase = Passphrase::filter(inputPassphrase);
auto btnGenerate = form.get("btnGenerate", "");
if("" != btnGenerate) {
mSession->generatePassphrase();
localPassphrase = mSession->getOldPassphrase();
auto passphrase_gen = Passphrase::generate(wordSource);
localPassphrase = passphrase_gen->getString();
inputPassphrase = localPassphrase;
}
if(localPassphrase != "" && !User::validatePassphrase(localPassphrase, &wordSource)) {
auto passphrase_object = Passphrase::create(localPassphrase, wordSource);
if(localPassphrase != "" && passphrase_object.isNull() || !passphrase_object->checkIfValid()) {
addError(new Error(
gettext("Fehler"),
gettext("Diese Passphrase ist ung&uuml;ltig, bitte &uuml;berpr&uuml;fen oder neu generieren (lassen).")
@ -70,7 +71,8 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P
} else {
targetSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER];
}
passphrase = KeyPair::passphraseTransform(localPassphrase, wordSource, targetSource);
auto transformed_passphrase_obj = passphrase_object->transform(targetSource);
passphrase = transformed_passphrase_obj->getString();
}
@ -197,7 +199,7 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P
responseStream << "\n";
responseStream << "<div class=\"row mb-3\" style=\"margin-top:70px;\">\n";
responseStream << "\t<h2 class=\"mx-auto\">";
#line 59 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 61 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("Passphrase umwandeln") );
responseStream << "</h2>\n";
responseStream << "</div>\n";
@ -208,57 +210,57 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P
responseStream << "\t <div class=\"col-md-12 col-lg-12 \">\n";
responseStream << "\t\t<div class=\"alert alert-orange\">\n";
responseStream << "\t\t <h5 class=\"alert-heading\">";
#line 67 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 69 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("Was zu tun ist:") );
responseStream << "</h5>\n";
responseStream << "\t\t <p>";
#line 68 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 70 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("Kopiere/schreibe deine Passphrase in die Textbox und du bekommst sie in die jeweils andere Sprache umgewandelt.") );
responseStream << "</p>\n";
responseStream << "\t\t <p>";
#line 69 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 71 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("Du kannst mit beiden Varianten dein Konto wiederherstellen oder dein Passwort ändern.") );
responseStream << "</p>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t </div>\n";
responseStream << "\t <div class=\"col-lg-12 col-md-12 mb-5\">\n";
responseStream << "\t\t<form action=\"";
#line 73 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( uri_start );
responseStream << "/transform_passphrase\">\n";
responseStream << "\t\t <div class=\"form-group row-showcase_row_area\">\n";
responseStream << "\t\t\t<textarea name=\"inputPassphrase\" cols=\"10\" rows=\"5\" id=\"inputPassphrase\" class=\"form-control\" placeholder=\"";
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("deine Passphrase") );
responseStream << "\">";
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 77 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( inputPassphrase );
responseStream << "</textarea>\n";
responseStream << "\t\t </div>\n";
responseStream << "\t\t <input name=\"btnTransform\" type=\"submit\" value=\"Umwandeln\" class=\"btn btn btn-orange\">\n";
responseStream << "\t\t ";
#line 78 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 80 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
if(model::table::ROLE_ADMIN == role) { responseStream << "\n";
responseStream << "\t\t\t<input name=\"btnGenerate\" type=\"submit\" value=\"Neue generieren\" class=\"btn btn-secondary\">\n";
responseStream << "\t\t ";
#line 80 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 82 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
} responseStream << "\n";
responseStream << "\t\t</form>\n";
responseStream << "\t </div>\n";
responseStream << "\t ";
#line 83 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 85 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
if(passphrase != "") { responseStream << "\n";
responseStream << "\t\t<div class=\"col-lg-12 col-md-12\">\n";
responseStream << "\t\t\t<div class=\"alert alert-success\">\n";
responseStream << "\t\t\t\t<h5 class=\"alert-heading\">Umgewandelte Passphrase: </h5>\n";
responseStream << "\t\t\t\t<p>";
#line 87 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 89 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( passphrase );
responseStream << "</p>\n";
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t ";
#line 90 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 92 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
} responseStream << "\n";
responseStream << "\t </div>\n";
responseStream << "\t</div>\n";

209
src/cpp/HTTPInterface/UserUpdateGroupPage.cpp Normal file
View File

@ -0,0 +1,209 @@
#include "UserUpdateGroupPage.h"
#include "Poco/Net/HTTPServerRequest.h"
#include "Poco/Net/HTTPServerResponse.h"
#include "Poco/Net/HTMLForm.h"
#include "Poco/DeflatingStream.h"
#line 6 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
#include "../controller/Group.h"
#include "../SingletonManager/SessionManager.h"
enum PageState {
PAGE_STATE_OVERVIEW,
PAGE_STATE_REQUEST_IS_RUNNING
};
#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
#include "../ServerConfig.h"
UserUpdateGroupPage::UserUpdateGroupPage(Session* arg):
SessionHTTPRequestHandler(arg)
{
}
void UserUpdateGroupPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response)
{
response.setChunkedTransferEncoding(true);
response.setContentType("text/html");
bool _compressResponse(request.hasToken("Accept-Encoding", "gzip"));
if (_compressResponse) response.set("Content-Encoding", "gzip");
Poco::Net::HTMLForm form(request, request.stream());
#line 17 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
const char* pageName = gettext("Gruppe wählen");
auto user = mSession->getNewUser();
auto sm = SessionManager::getInstance();
PageState state = PAGE_STATE_OVERVIEW;
if(!form.empty()) {
}
auto groups = controller::Group::listAll();
#line 3 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
bool withMaterialIcons = false;
std::ostream& _responseStream = response.send();
Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1);
std::ostream& responseStream = _compressResponse ? _gzipStream : _responseStream;
responseStream << "\n";
// begin include header_large.cpsp
responseStream << "\n";
responseStream << "<!DOCTYPE html>\n";
responseStream << "<html>\n";
responseStream << "<head>\n";
responseStream << "<meta charset=\"UTF-8\">\n";
responseStream << "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\">\n";
responseStream << "<title>Gradido Login Server: ";
#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
responseStream << ( pageName );
responseStream << "</title>\n";
responseStream << "<link rel=\"stylesheet\" type=\"text/css\" href=\"";
#line 12 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "css/main.css\">\n";
#line 13 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
if(withMaterialIcons) { responseStream << "\n";
responseStream << "<link rel=\"stylesheet\" type=\"text/css\" href=\"";
#line 14 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
responseStream << ( ServerConfig::g_php_serverPath );
responseStream << "css/materialdesignicons.min.css\">\n";
#line 15 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
} responseStream << "\n";
responseStream << "</head>\n";
responseStream << "<body>\n";
responseStream << " <div class=\"layout\">\n";
responseStream << "\t\t<div class=\"sidebar1 nav-menu initial\">\n";
responseStream << "\t\t\t<div class=\"nav-vertical\">\n";
responseStream << "\t\t\t\t<ul>\n";
responseStream << "\t\t\t\t\t<li><a href=\"";
#line 22 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/groups\"><span class=\"link-title\">Gruppen</span></a></li>\n";
responseStream << "\t\t\t\t\t<li><a href=\"";
#line 23 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/nodes\"><span class=\"link-title\">Node Server</span></a></li>\n";
responseStream << "\t\t\t\t\t<li><a href=\"";
#line 24 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/hedera_account\"><span class=\"link-title\">Hedera Accounts</span></a></li>\n";
responseStream << "\t\t\t\t\t<li><a href=\"";
#line 25 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_large.cpsp"
responseStream << ( ServerConfig::g_serverPath );
responseStream << "/topic\"><span class=\"link-title\">Hedera Topics</span></a></li>\n";
responseStream << "\t\t\t\t</ul>\n";
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t\t<div class=\"content\">";
// end include header_large.cpsp
responseStream << "\n";
#line 30 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( getErrorsHtml() );
responseStream << "\n";
responseStream << "<div class=\"content-list\">\n";
responseStream << "\t";
#line 32 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
if(PAGE_STATE_OVERVIEW == state ) { responseStream << "\n";
responseStream << " <div class=\"content-list-title\">\n";
responseStream << " <h1>";
#line 34 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( gettext("Gruppe wählen") );
responseStream << "</h1>\n";
responseStream << " </div>\n";
responseStream << "\t<p>";
#line 36 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( gettext("Bitte wähle die Gruppe/Gemeinschaft aus, zu der du gehörst.") );
responseStream << "</p>\n";
responseStream << "\t<p>";
#line 37 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( gettext("Du bekommst eine Bestätigungsmail, nachdem dein Beitritt bestätigt wurde.") );
responseStream << "</p>\n";
responseStream << "\t<form method=\"POST\">\n";
responseStream << "\t\t<div class=\"content-list-table\">\n";
responseStream << "\t\t\t<div class=\"row\">\n";
responseStream << "\t\t\t\t<div class=\"cell header-cell c1\">";
#line 41 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( gettext("Auswahl") );
responseStream << "</div>\n";
responseStream << "\t\t\t\t<div class=\"cell header-cell c2\">Name</div>\n";
responseStream << "\t\t\t\t<div class=\"cell header-cell c2\">Alias</div>\n";
responseStream << "\t\t\t\t<div class=\"cell header-cell c3\">Url</div>\n";
responseStream << "\t\t\t\t<div class=\"cell header-cell c5\">";
#line 45 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( gettext("Description") );
responseStream << "</div>\n";
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t\t";
#line 47 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
for(auto it = groups.begin(); it != groups.end(); it++) {
auto group_model = (*it)->getModel(); responseStream << "\n";
responseStream << "\t\t\t\t<div class=\"row\">\n";
responseStream << "\t\t\t\t\t<div class=\"cell c1\"><input type=\"radio\" class=\"form-control\" name=\"group_id\" value=\"";
#line 50 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( group_model->getID());
responseStream << "\" /></div>\n";
responseStream << "\t\t\t\t\t<div class=\"cell c2\">";
#line 51 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( group_model->getName() );
responseStream << "</div>\n";
responseStream << "\t\t\t\t\t<div class=\"cell c2\">";
#line 52 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( group_model->getAlias() );
responseStream << "</div>\n";
responseStream << "\t\t\t\t\t<div class=\"cell c3\">";
#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( group_model->getUrl() );
responseStream << "</div>\n";
responseStream << "\t\t\t\t\t<div class=\"cell c5\">";
#line 54 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( group_model->getDescription());
responseStream << "</div>\n";
responseStream << "\t\t\t\t</div>\n";
responseStream << "\t\t\t";
#line 56 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
} responseStream << "\n";
responseStream << "\t\t\t<input class=\"grd-form-bn grd-form-bn-succeed grd_clickable\" type=\"submit\" name=\"submit\" value=\"";
#line 57 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
responseStream << ( gettext("Beitrittsanfrage senden") );
responseStream << "\"/>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t</form>\n";
responseStream << "\t";
#line 60 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\userUpdateGroup.cpsp"
} responseStream << "\n";
responseStream << "</div>\n";
// begin include footer.cpsp
responseStream << " <div class=\"center-bottom\">\n";
responseStream << " <p>Copyright © Gradido 2020</p>\n";
responseStream << " </div>\n";
responseStream << " </div>\n";
responseStream << " <div class=\"bottomleft\">\n";
responseStream << " ";
#line 6 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\footer.cpsp"
responseStream << ( mTimeProfiler.string() );
responseStream << "\n";
responseStream << " </div>\n";
responseStream << " <div class=\"bottomright\">\n";
responseStream << " <p>Login Server in Entwicklung</p>\n";
responseStream << " <p>Alpha ";
#line 10 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\footer.cpsp"
responseStream << ( ServerConfig::g_versionString );
responseStream << "</p>\n";
responseStream << " </div>\n";
responseStream << " </div>\n";
responseStream << "</body>\n";
responseStream << "\n";
responseStream << "</html>";
// end include footer.cpsp
responseStream << "\n";
if (_compressResponse) _gzipStream.close();
}

20
src/cpp/HTTPInterface/UserUpdateGroupPage.h Normal file
View File

@ -0,0 +1,20 @@
#ifndef UserUpdateGroupPage_INCLUDED
#define UserUpdateGroupPage_INCLUDED
#include "Poco/Net/HTTPRequestHandler.h"
#include "SessionHTTPRequestHandler.h"
class UserUpdateGroupPage: public SessionHTTPRequestHandler
{
public:
UserUpdateGroupPage(Session*);
void handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response);
};
#endif // UserUpdateGroupPage_INCLUDED

33
src/cpp/ImportantTests.cpp
View File

@ -2,7 +2,7 @@
#include <string>
#include "ServerConfig.h"
#include "Crypto/KeyPair.h"
//#include "Crypto/KeyPair.h"
#include "Crypto/KeyPairEd25519.h"
#include "lib/DataTypeConverter.h"
@ -38,27 +38,36 @@ namespace ImportantTests {
// test old key pair implementation
KeyPair keys;
//KeyPair keys;
bool errorsOccured = false;
std::string filtered_1_de = KeyPair::filterPassphrase(passphrase_1_de);
keys.generateFromPassphrase(filtered_1_de.data(), de_words);
if (keys.getPubkeyHex() != passphrase_1_pubkey_hex) {
std::string filtered_1_de = Passphrase::filter(passphrase_1_de);
KeyPairEd25519* keys = nullptr;
keys = KeyPairEd25519::create(Passphrase::create(filtered_1_de, de_words));
std::string public_key_hex = keys->getPublicKeyHex();
if (std::string(public_key_hex.data(), public_key_hex.size() - 1) != passphrase_1_pubkey_hex) {
printf("1 de incorrect\n");
errorsOccured = true;
}
keys.generateFromPassphrase(passphrase_1_en.data(), en_words);
if (keys.getPubkeyHex() != passphrase_1_pubkey_hex) {
delete keys;
keys = KeyPairEd25519::create(Passphrase::create(passphrase_1_en, en_words));
public_key_hex = keys->getPublicKeyHex();
if (std::string(public_key_hex.data(), public_key_hex.size() - 1) != passphrase_1_pubkey_hex) {
printf("1 en incorrect\n");
errorsOccured = true;
}
std::string filtered_2_de = KeyPair::filterPassphrase(passphrase_2_de);
keys.generateFromPassphrase(filtered_2_de.data(), de_words);
if (keys.getPubkeyHex() != passphrase_2_pubkey_hex) {
std::string filtered_2_de = Passphrase::filter(passphrase_2_de);
delete keys;
keys = KeyPairEd25519::create(Passphrase::create(filtered_2_de, de_words));
public_key_hex = keys->getPublicKeyHex();
if (std::string(public_key_hex.data(), public_key_hex.size() - 1) != passphrase_2_pubkey_hex) {
printf("2 de incorrect\n");
errorsOccured = true;
}
keys.generateFromPassphrase(passphrase_2_en.data(), en_words);
if (keys.getPubkeyHex() != passphrase_2_pubkey_hex) {
delete keys;
keys = KeyPairEd25519::create(Passphrase::create(passphrase_2_en, en_words));
public_key_hex = keys->getPublicKeyHex();
if (std::string(public_key_hex.data(), public_key_hex.size() - 1) != passphrase_2_pubkey_hex) {
printf("2 en incorrect\n");
errorsOccured = true;
}

4
src/cpp/JSONInterface/JsonCreateUser.cpp
View File

@ -12,6 +12,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
std::string first_name;
std::string last_name;
int emailType;
int group_id;
auto em = EmailManager::getInstance();
// if is json object
@ -27,6 +28,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
paramJsonObject->get("first_name").convert(first_name);
paramJsonObject->get("last_name").convert(last_name);
paramJsonObject->get("emailType").convert(emailType);
paramJsonObject->get("group_id").convert(group_id);
}
catch (Poco::Exception& ex) {
return stateError("json exception", ex.displayText());
@ -45,7 +47,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
}
// create user
user = controller::User::create(email, first_name, last_name);
user = controller::User::create(email, first_name, last_name, group_id);
auto userModel = user->getModel();
if (!userModel->insertIntoDB(true)) {
userModel->sendErrorsAsEmail();

4
src/cpp/JSONInterface/JsonTransaction.cpp
View File

@ -33,10 +33,6 @@ Poco::JSON::Object* JsonTransaction::handle(Poco::Dynamic::Var params)
if (!paramJsonObject->isNull("balance")) {
paramJsonObject->get("balance").convert(balance);
if (balance) {
auto u = session->getUser();
if (u) {
u->setBalance(balance);
}
auto nu = session->getNewUser();
if (!nu.isNull()) {
nu->setBalance(balance);

40
src/cpp/controller/User.cpp
View File

@ -21,6 +21,7 @@ namespace controller {
: mPassword(nullptr), mGradidoKeyPair(nullptr), mCanDecryptPrivateKey(false), mGradidoCurrentBalance(0)
{
mDBModel = dbModel;
}
User::~User()
@ -39,9 +40,9 @@ namespace controller {
return Poco::AutoPtr<User>(user);
}
Poco::AutoPtr<User> User::create(const std::string& email, const std::string& first_name, const std::string& last_name, Poco::UInt64 passwordHashed/* = 0*/, std::string languageKey/* = "de"*/)
Poco::AutoPtr<User> User::create(const std::string& email, const std::string& first_name, const std::string& last_name, int group_id, Poco::UInt64 passwordHashed/* = 0*/, std::string languageKey/* = "de"*/)
{
auto db = new model::table::User(email, first_name, last_name, passwordHashed, languageKey);
auto db = new model::table::User(email, first_name, last_name, group_id, passwordHashed, languageKey);
auto user = new User(db);
return Poco::AutoPtr<User>(user);
}
@ -327,6 +328,41 @@ namespace controller {
return -1;
}
/*
USER_EMPTY,
USER_LOADED_FROM_DB,
USER_PASSWORD_INCORRECT,
USER_PASSWORD_ENCRYPTION_IN_PROCESS,
USER_EMAIL_NOT_ACTIVATED,
USER_NO_KEYS,
USER_NO_PRIVATE_KEY,
USER_NO_GROUP,
USER_KEYS_DONT_MATCH,
USER_COMPLETE,
USER_DISABLED
*/
UserState User::getUserState()
{
std::unique_lock<std::shared_mutex> _lock(mSharedMutex);
auto model = getModel();
if (!model->getID() && model->getEmail() == "") {
return USER_EMPTY;
}
if (!model->hasPrivateKeyEncrypted() && !model->hasPublicKey()) {
return USER_NO_KEYS;
}
if (!model->hasPrivateKeyEncrypted()) {
return USER_NO_PRIVATE_KEY;
}
if (!model->getGroupId()) {
return USER_NO_GROUP;
}
if (!model->isEmailChecked()) {
return USER_EMAIL_NOT_ACTIVATED;
}
return USER_COMPLETE;
}
int User::checkIfVerificationEmailsShouldBeResend(const Poco::Util::Timer& timer)
{

20
src/cpp/controller/User.h
View File

@ -9,6 +9,21 @@
#include "TableControllerBase.h"
enum UserState
{
USER_EMPTY,
USER_LOADED_FROM_DB,
USER_PASSWORD_INCORRECT,
USER_PASSWORD_ENCRYPTION_IN_PROCESS,
USER_EMAIL_NOT_ACTIVATED,
USER_NO_KEYS,
USER_NO_PRIVATE_KEY,
USER_NO_GROUP,
USER_KEYS_DONT_MATCH,
USER_COMPLETE,
USER_DISABLED
};
namespace controller {
@ -26,7 +41,7 @@ namespace controller {
~User();
static Poco::AutoPtr<User> create();
static Poco::AutoPtr<User> create(const std::string& email, const std::string& first_name, const std::string& last_name, Poco::UInt64 passwordHashed = 0, std::string languageKey = "de");
static Poco::AutoPtr<User> create(const std::string& email, const std::string& first_name, const std::string& last_name, int group_id, Poco::UInt64 passwordHashed = 0, std::string languageKey = "de");
static std::vector<User*> search(const std::string& searchString);
@ -96,6 +111,9 @@ namespace controller {
//! \return -1 = stored pubkey and private key didn't match
int setNewPassword(const std::string& password);
//! \brief calculate user state
UserState getUserState();
//! \brief return AuthenticatedEncryption Auto Pointer
inline const Poco::AutoPtr<SecretKeyCryptography> getPassword() {
std::shared_lock<std::shared_mutex> _lock(mSharedMutex);

31
src/cpp/controller/UserBackup.cpp
View File

@ -48,17 +48,12 @@ namespace controller {
}
Poco::SharedPtr<KeyPair> UserBackup::getKeyPair()
Poco::SharedPtr<KeyPairEd25519> UserBackup::getKeyPair()
{
if (!mKeyPair.isNull()) {
return mKeyPair;
}
mKeyPair = new KeyPair;
auto model = getModel();
auto passphrase = model->getPassphrase();
mKeyPair->generateFromPassphrase(passphrase);
return mKeyPair;
mKeyPair = createGradidoKeyPair();
}
KeyPairEd25519* UserBackup::createGradidoKeyPair()
@ -77,17 +72,17 @@ namespace controller {
return "<invalid type>";
}
auto passphrase = getModel()->getPassphrase();
Mnemonic* wordSource = nullptr;
if (KeyPair::validatePassphrase(passphrase, &wordSource)) {
for (int i = 0; i < ServerConfig::Mnemonic_Types::MNEMONIC_MAX; i++) {
Mnemonic* m = &ServerConfig::g_Mnemonic_WordLists[i];
if (m == wordSource) {
if (type == i) {
return passphrase;
}
else {
return KeyPair::passphraseTransform(passphrase, m, &ServerConfig::g_Mnemonic_WordLists[type]);
}
auto wordSource = Passphrase::detectMnemonic(passphrase);
for (int i = 0; i < ServerConfig::Mnemonic_Types::MNEMONIC_MAX; i++) {
Mnemonic* m = &ServerConfig::g_Mnemonic_WordLists[i];
if (m == wordSource) {
if (type == i) {
return passphrase;
}
else {
//return KeyPair::passphraseTransform(passphrase, m, &ServerConfig::g_Mnemonic_WordLists[type]);
auto passphrase_obj = Passphrase::create(passphrase, wordSource);
return passphrase_obj->transform(&ServerConfig::g_Mnemonic_WordLists[type])->getString();
}
}
}

5
src/cpp/controller/UserBackup.h
View File

@ -2,7 +2,6 @@
#define GRADIDO_LOGIN_SERVER_CONTROLLER_USER_BACKUPS_INCLUDE
#include "../model/table/UserBackup.h"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "Poco/SharedPtr.h"
@ -26,7 +25,7 @@ namespace controller {
//! depracted
//! \return create keyPair from passphrase if not exist, else return existing pointer
Poco::SharedPtr<KeyPair> getKeyPair();
Poco::SharedPtr<KeyPairEd25519> getKeyPair();
//! \return newly created key pair from passphrase or nullptr if not possible, caller becomes owner of pointer
KeyPairEd25519* createGradidoKeyPair();
@ -38,7 +37,7 @@ namespace controller {
protected:
UserBackup(model::table::UserBackup* dbModel);
Poco::SharedPtr<KeyPair> mKeyPair;
Poco::SharedPtr<KeyPairEd25519> mKeyPair;
};
}

337
src/cpp/model/Session.cpp
View File

@ -34,59 +34,12 @@
using namespace Poco::Data::Keywords;
int WriteEmailVerification::run()
{
auto em = ErrorManager::getInstance();
mEmailVerificationCode->getModel()->setUserId(mUser->getDBId());
auto emailVerificationModel = mEmailVerificationCode->getModel();
emailVerificationModel->setUserId(mUser->getDBId());
if (!emailVerificationModel->insertIntoDB(true) || emailVerificationModel->errorCount() > 0) {
emailVerificationModel->sendErrorsAsEmail();
return -1;
}
return 0;
}
// ---------------------------------------------------------------------------------------------------------------
int WritePassphraseIntoDB::run()
{
Profiler timeUsed;
// TODO: encrypt passphrase, need server admin crypto box pubkey
//int crypto_box_seal(unsigned char *c, const unsigned char *m,
//unsigned long long mlen, const unsigned char *pk);
size_t mlen = mPassphrase.size();
size_t crypto_size = crypto_box_SEALBYTES + mlen;
auto em = ErrorManager::getInstance();
auto dbSession = ConnectionManager::getInstance()->getConnection(CONNECTION_MYSQL_LOGIN_SERVER);
Poco::Data::Statement insert(dbSession);
insert << "INSERT INTO user_backups (user_id, passphrase) VALUES(?,?)",
use(mUserId), use(mPassphrase);
try {
if (insert.execute() != 1) {
em->addError(new ParamError("WritePassphraseIntoDB::run", "inserting passphrase for user failed", std::to_string(mUserId)));
em->sendErrorsAsEmail();
}
}
catch (Poco::Exception& ex) {
em->addError(new ParamError("WritePassphraseIntoDB::run", "insert passphrase mysql error", ex.displayText().data()));
em->sendErrorsAsEmail();
}
//printf("[WritePassphraseIntoDB] timeUsed: %s\n", timeUsed.string().data());
return 0;
}
// --------------------------------------------------------------------------------------------------------------
Session::Session(int handle)
: mHandleId(handle), mSessionUser(nullptr), mState(SESSION_STATE_EMPTY), mActive(false)
: mHandleId(handle), mState(SESSION_STATE_EMPTY), mActive(false)
{
}
@ -109,7 +62,6 @@ void Session::reset()
//printf("[Session::reset]\n");
lock("Session::reset");
std::unique_lock<std::shared_mutex> _lock(mSharedMutex);
mSessionUser.assign(nullptr);
mNewUser.assign(nullptr);
mEmailVerificationCodeObject.assign(nullptr);
@ -147,7 +99,7 @@ Poco::AutoPtr<controller::EmailVerificationCode> Session::getEmailVerificationCo
return ret;
}
bool Session::adminCreateUser(const std::string& first_name, const std::string& last_name, const std::string& email)
bool Session::adminCreateUser(const std::string& first_name, const std::string& last_name, const std::string& email, int group_id)
{
Profiler usedTime;
@ -177,7 +129,7 @@ bool Session::adminCreateUser(const std::string& first_name, const std::string&
return false;
}
auto newUser = controller::User::create(email, first_name, last_name);
auto newUser = controller::User::create(email, first_name, last_name, group_id);
updateTimeout();
@ -201,128 +153,9 @@ bool Session::adminCreateUser(const std::string& first_name, const std::string&
return true;
}
//
bool Session::createUser(const std::string& first_name, const std::string& last_name, const std::string& email, const std::string& password)
{
Profiler usedTime;
auto sm = SessionManager::getInstance();
if (!sm->isValid(first_name, VALIDATE_NAME)) {
addError(new Error(gettext("Vorname"), gettext("Bitte gebe einen Namen an. Mindestens 3 Zeichen, keines folgender Zeichen <>&;")), false);
return false;
}
if (!sm->isValid(last_name, VALIDATE_NAME)) {
addError(new Error(gettext("Nachname"), gettext("Bitte gebe einen Namen an. Mindestens 3 Zeichen, keines folgender Zeichen <>&;")), false);
return false;
}
if (!sm->isValid(email, VALIDATE_EMAIL)) {
addError(new Error(gettext("E-Mail"), gettext("Bitte gebe eine g&uuml;ltige E-Mail Adresse an.")), false);
return false;
}
if (!sm->checkPwdValidation(password, this)) {
return false;
}
/*if (passphrase.size() > 0 && !sm->isValid(passphrase, VALIDATE_PASSPHRASE)) {
addError(new Error("Merkspruch", "Der Merkspruch ist nicht g&uuml;ltig, er besteht aus 24 W&ouml;rtern, mit Komma getrennt."));
return false;
}
if (passphrase.size() == 0) {
//mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER]);
mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]);
}
else {
//mPassphrase = passphrase;
}*/
// check if user with that email already exist
auto dbConnection = ConnectionManager::getInstance()->getConnection(CONNECTION_MYSQL_LOGIN_SERVER);
Poco::Data::Statement select(dbConnection);
select << "SELECT email from users where email = ?;", useRef(email);
try {
if (select.execute() > 0) {
addError(new Error(gettext("E-Mail"), gettext("F&uuml;r diese E-Mail Adresse gibt es bereits einen Account")), false);
return false;
}
}
catch (Poco::Exception& exc) {
printf("mysql exception: %s\n", exc.displayText().data());
}
mSessionUser = new User(email.data(), first_name.data(), last_name.data());
mNewUser = controller::User::create(email, first_name, last_name);
updateTimeout();
// Prepare E-Mail
//UniLib::controller::TaskPtr prepareEmail(new PrepareEmailTask(ServerConfig::g_CPUScheduler));
//prepareEmail->scheduleTask(prepareEmail);
// create user crypto key
UniLib::controller::TaskPtr cryptoKeyTask(new UserCreateCryptoKey(mSessionUser, mNewUser, password, ServerConfig::g_CryptoCPUScheduler));
cryptoKeyTask->setFinishCommand(new SessionStateUpdateCommand(SESSION_STATE_CRYPTO_KEY_GENERATED, this));
cryptoKeyTask->scheduleTask(cryptoKeyTask);
// depends on crypto key, write user record into db
UniLib::controller::TaskPtr writeUserIntoDB(new UserWriteIntoDB(mSessionUser, ServerConfig::g_CPUScheduler, 1));
writeUserIntoDB->setParentTaskPtrInArray(cryptoKeyTask, 0);
writeUserIntoDB->setFinishCommand(new SessionStateUpdateCommand(SESSION_STATE_USER_WRITTEN, this));
writeUserIntoDB->scheduleTask(writeUserIntoDB);
std::unique_lock<std::shared_mutex> _lock(mSharedMutex);
mEmailVerificationCodeObject = controller::EmailVerificationCode::create(model::table::EMAIL_OPT_IN_REGISTER);
UniLib::controller::TaskPtr writeEmailVerification(new WriteEmailVerification(mSessionUser, mEmailVerificationCodeObject, ServerConfig::g_CPUScheduler, 1));
writeEmailVerification->setParentTaskPtrInArray(writeUserIntoDB, 0);
writeEmailVerification->setFinishCommand(new SessionStateUpdateCommand(SESSION_STATE_EMAIL_VERIFICATION_WRITTEN, this));
writeEmailVerification->scheduleTask(writeEmailVerification);
/*printf("LastName: %s\n", last_name.data());
for (int i = 0; i < last_name.size(); i++) {
char c = last_name.data()[i];
//printf("%d ", c);
}
//printf("\n\n");
*/
// depends on writeUser because need user_id, write email verification into db
/*auto message = new Poco::Net::MailMessage;
Poco::Net::MediaType mt("text", "plain");
mt.setParameter("charset", "utf-8");
message->setContentType(mt);
message->addRecipient(Poco::Net::MailRecipient(Poco::Net::MailRecipient::PRIMARY_RECIPIENT, email));
message->setSubject(gettext("Gradido: E-Mail Verification"));
std::stringstream ss;
ss << "Hallo " << first_name << " " << last_name << "," << std::endl << std::endl;
ss << "Du oder jemand anderes hat sich soeben mit dieser E-Mail Adresse bei Gradido registriert. " << std::endl;
ss << "Wenn du es warst, klicke bitte auf den Link: " << ServerConfig::g_serverPath << "/checkEmail/" << mEmailVerificationCode << std::endl;
//ss << "oder kopiere den Code: " << mEmailVerificationCode << " selbst dort hinein." << std::endl;
ss << "oder kopiere den obigen Link in Dein Browserfenster." << std::endl;
ss << std::endl;
ss << "Mit freundlichen " << u8"Grüßen" << std::endl;
ss << "Dario, Gradido Server Admin" << std::endl;
message->addContent(new Poco::Net::StringPartSource(ss.str()));
*/
//UniLib::controller::TaskPtr sendEmail(new SendEmailTask(message, ServerConfig::g_CPUScheduler, 1));
//Email(AutoPtr<controller::EmailVerificationCode> emailVerification, AutoPtr<controller::User> user, EmailType type);
UniLib::controller::TaskPtr sendEmail(new SendEmailTask(new model::Email(mEmailVerificationCodeObject, mNewUser, model::EMAIL_USER_VERIFICATION_CODE), ServerConfig::g_CPUScheduler, 1));
//sendEmail->setParentTaskPtrInArray(prepareEmail, 0);
sendEmail->setParentTaskPtrInArray(writeEmailVerification, 0);
sendEmail->setFinishCommand(new SessionStateUpdateCommand(SESSION_STATE_EMAIL_VERIFICATION_SEND, this));
sendEmail->scheduleTask(sendEmail);
// write user into db
// generate and write email verification into db
// send email
//printf("[Session::createUser] time: %s\n", usedTime.string().data());
return true;
}
bool Session::createUserDirect(const std::string& first_name, const std::string& last_name, const std::string& email, const std::string& password)
bool Session::createUserDirect(const std::string& first_name, const std::string& last_name, const std::string& email, const std::string& password, int groupId)
{
std::unique_lock<std::shared_mutex> _lock(mSharedMutex);
static const char* function_name = "Session::createUserDirect";
@ -354,7 +187,7 @@ bool Session::createUserDirect(const std::string& first_name, const std::string&
}
// user
mNewUser = controller::User::create(email, first_name, last_name);
mNewUser = controller::User::create(email, first_name, last_name, groupId);
auto user_model = mNewUser->getModel();
user_model->insertIntoDB(true);
auto user_id = user_model->getID();
@ -429,16 +262,8 @@ int Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
}
auto email_verification_code_model = mEmailVerificationCodeObject->getModel();
assert(email_verification_code_model);
if(email_verification_code_model->getCode() == emailVerificationCode) {
if (mSessionUser && mSessionUser->getDBId() == 0) {
//addError(new Error("E-Mail Verification", "Benutzer wurde nicht richtig gespeichert, bitte wende dich an den Server-Admin"));
em->addError(new Error(funcName, "user exist with 0 as id"));
em->sendErrorsAsEmail();
//return false;
return -2;
}
if(email_verification_code_model->getCode() == emailVerificationCode)
{
// load correct user from db
if (mNewUser.isNull() || !mNewUser->getModel() || mNewUser->getModel()->getID() != email_verification_code_model->getUserId()) {
mNewUser = controller::User::create();
@ -460,7 +285,6 @@ int Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
first_email_activation = true;
}
if (first_email_activation && user_model->isEmailChecked()) {
mSessionUser = new User(mNewUser);
addError(new Error(gettext("E-Mail Verification"), gettext("Du hast dein Konto bereits aktiviert!")), false);
return 1;
@ -499,28 +323,6 @@ int Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
return -2;
/*if (updated_rows == 1) {
Poco::Data::Statement delete_row(dbConnection);
delete_row << "DELETE FROM email_opt_in where verification_code = ?", use(emailVerificationCode);
if (delete_row.execute() != 1) {
em->addError(new Error(funcName, "delete from email_opt_in entry didn't work as expected, please check db"));
em->sendErrorsAsEmail();
}
if (mSessionUser) {
mSessionUser->setEmailChecked();
mSessionUser->setLanguage(getLanguage());
}
updateState(SESSION_STATE_EMAIL_VERIFICATION_CODE_CHECKED);
//printf("[%s] time: %s\n", funcName, usedTime.string().data());
unlock();
return true;
}
else {
em->addError(new ParamError(funcName, "update user work not like expected, updated row count", updated_rows));
em->sendErrorsAsEmail();
}*/
}
else {
addError(new Error(gettext("E-Mail Verification"), gettext("Falscher Code f&uuml;r aktiven Login")));
@ -537,7 +339,6 @@ int Session::updateEmailVerification(Poco::UInt64 emailVerificationCode)
int Session::sendResetPasswordEmail(Poco::AutoPtr<controller::User> user, bool passphraseMemorized)
{
mNewUser = user;
mSessionUser = new User(user);
auto em = EmailManager::getInstance();
std::unique_lock<std::shared_mutex> _lock(mSharedMutex);
@ -579,16 +380,17 @@ int Session::sendResetPasswordEmail(Poco::AutoPtr<controller::User> user, bool p
return 0;
}
int Session::comparePassphraseWithSavedKeys(const std::string& inputPassphrase, Mnemonic* wordSource)
int Session::comparePassphraseWithSavedKeys(const std::string& inputPassphrase, const Mnemonic* wordSource)
{
KeyPair keys;
static const char* functionName = "Session::comparePassphraseWithSavedKeys";
if (!wordSource) {
addError(new Error(functionName, "wordSource is empty"));
sendErrorsAsEmail();
return -2;
}
if (!keys.generateFromPassphrase(inputPassphrase.data(), wordSource)) {
auto passphrase = Passphrase::create(inputPassphrase, wordSource);
if (passphrase.isNull() || !passphrase->checkIfValid()) {
addError(new ParamError(functionName, "invalid passphrase", inputPassphrase));
if (!mNewUser.isNull() && mNewUser->getModel()) {
addError(new ParamError(functionName, "user email", mNewUser->getModel()->getEmail()));
@ -610,9 +412,15 @@ int Session::comparePassphraseWithSavedKeys(const std::string& inputPassphrase,
return -1;
}
}
if (0 == memcmp(userModel->getPublicKey(), keys.getPublicKey(), crypto_sign_PUBLICKEYBYTES)) {
mPassphrase = inputPassphrase;
return 1;
auto keys = KeyPairEd25519::create(passphrase);
if (keys) {
auto cmp_result = memcmp(userModel->getPublicKey(), keys->getPublicKey(), crypto_sign_PUBLICKEYBYTES);
delete keys;
keys = nullptr;
if (0 == cmp_result) {
mPassphrase = inputPassphrase;
return 1;
}
}
addError(new Error(gettext("Passphrase"), gettext("Das ist nicht die richtige Passphrase.")), false);
return 0;
@ -634,13 +442,8 @@ bool Session::startProcessingTransaction(const std::string& proto_message_base64
return false;
}
}
if (mSessionUser.isNull() || !mSessionUser->getEmail()) {
addError(new Error(funcName, "user is zero"));
unlock();
return false;
}
Poco::AutoPtr<ProcessingTransaction> processorTask(new ProcessingTransaction(proto_message_base64, DRMakeStringHash(mSessionUser->getEmail())));
Poco::AutoPtr<ProcessingTransaction> processorTask(new ProcessingTransaction(proto_message_base64, DRMakeStringHash(mNewUser->getModel()->getEmail().data())));
processorTask->scheduleTask(processorTask);
mProcessingTransactions.push_back(processorTask);
unlock();
@ -723,15 +526,7 @@ size_t Session::getProcessingTransactionCount()
return count;
}
bool Session::isPwdValid(const std::string& pwd)
{
if (mSessionUser) {
return mSessionUser->validatePwd(pwd, this);
}
return false;
}
UserStates Session::loadUser(const std::string& email, const std::string& password)
UserState Session::loadUser(const std::string& email, const std::string& password)
{
static const char* functionName = "Session::loadUser";
auto observer = SingletonTaskObserver::getInstance();
@ -742,24 +537,20 @@ UserStates Session::loadUser(const std::string& email, const std::string& passwo
}
//Profiler usedTime;
lock(functionName);
if (mSessionUser && mSessionUser->getEmail() != email) {
mSessionUser.assign(nullptr);
mNewUser.assign(nullptr);
}
//if (!mSessionUser) {
if (mNewUser.isNull()) {
mNewUser = controller::User::create();
// load user for email only once from db
mNewUser->load(email);
mSessionUser = new User(mNewUser);
//mSessionUser = new User(email.data());
}
auto user_model = mNewUser->getModel();
if (user_model && user_model->isDisabled()) {
return USER_DISABLED;
}
if (mSessionUser->getUserState() >= USER_LOADED_FROM_DB) {
if (mNewUser->getUserState() >= USER_LOADED_FROM_DB) {
int loginResult = mNewUser->login(password);
if (-1 == loginResult) {
@ -798,42 +589,30 @@ UserStates Session::loadUser(const std::string& email, const std::string& passwo
}
}
}
// can be removed if session user isn't used any more
// don't calculate password two times anymore
mSessionUser->login(mNewUser);
/*if (mNewUser->getModel()->getPasswordHashed() && !mSessionUser->validatePwd(password, this)) {
unlock();
return USER_PASSWORD_INCORRECT;
}*/
}
else {
User::fakeCreateCryptoKey();
Poco::Thread::sleep(ServerConfig::g_FakeLoginSleepTime);
}
/*if (!mSessionUser->validatePwd(password, this)) {
addError(new Error("Login", "E-Mail oder Passwort nicht korrekt, bitte versuche es erneut!"));
unlock();
return false;
}
if (!mSessionUser->isEmailChecked()) {
addError(new Error("Account", "E-Mail Adresse wurde noch nicht best&auml;tigt, hast du schon eine E-Mail erhalten?"));
unlock();
return false;
}*/
detectSessionState();
unlock();
if (0 == mNewUser->getModel()->getGroupId()) {
return USER_NO_GROUP;
}
return mSessionUser->getUserState();
return mNewUser->getUserState();
}
bool Session::deleteUser()
{
lock("Session::deleteUser");
bool bResult = false;
if(mSessionUser) {
if(!mNewUser.isNull()) {
JsonRequest phpServerRequest(ServerConfig::g_php_serverHost, 443);
Poco::Net::NameValueCollection payload;
payload.add("user", std::string(mSessionUser->getPublicKeyHex()));
auto user_model = mNewUser->getModel();
payload.add("user", user_model->getPublicKeyHex());
//auto ret = phpServerRequest.request("userDelete", payload);
JsonRequestReturn ret = JSON_REQUEST_RETURN_OK;
if (ret == JSON_REQUEST_RETURN_ERROR) {
@ -842,7 +621,7 @@ bool Session::deleteUser()
sendErrorsAsEmail();
}
else if (ret == JSON_REQUEST_RETURN_OK) {
bResult = mSessionUser->deleteFromDB();
bResult = user_model->deleteFromDB();
}
else {
addError(new Error(gettext("Benutzer"), gettext("Konnte Community Server nicht erreichen. E-Mail an den Admin ist raus.")));
@ -895,14 +674,14 @@ SESSION_STATE_COUNT
*/
void Session::detectSessionState()
{
if (!mSessionUser || !mSessionUser->hasCryptoKey()) {
if (mNewUser.isNull() || !mNewUser->getModel() || mNewUser->getPassword().isNull()) {
return;
}
UserStates userState = mSessionUser->getUserState();
UserState userState = mNewUser->getUserState();
int checkEmail = -1, resetPasswd = -1;
try {
auto emailVerificationCodeObjects = controller::EmailVerificationCode::load(mSessionUser->getDBId());
auto emailVerificationCodeObjects = controller::EmailVerificationCode::load(mNewUser->getModel()->getID());
for (int i = 0; i < emailVerificationCodeObjects.size(); i++) {
auto type = emailVerificationCodeObjects[i]->getModel()->getType();
@ -940,7 +719,7 @@ void Session::detectSessionState()
if (USER_NO_KEYS == userState) {
auto user_id = mSessionUser->getDBId();
auto user_id = mNewUser->getModel()->getID();
auto userBackups = controller::UserBackup::load(user_id);
// check passphrase, only possible while passphrase isn't crypted in db
@ -948,15 +727,20 @@ void Session::detectSessionState()
// always trigger SESSION_STATE_PASSPHRASE_WRITTEN, else lost of data possible
bool cryptedPassphrase = userBackups.size() > 0;
for (auto it = userBackups.begin(); it != userBackups.end(); it++) {
KeyPair keys;
auto passphrase = (*it)->getModel()->getPassphrase();
Mnemonic* wordSource = nullptr;
if (User::validatePassphrase(passphrase, &wordSource)) {
if (keys.generateFromPassphrase((*it)->getModel()->getPassphrase().data(), wordSource)) {
if (sodium_memcmp(mSessionUser->getPublicKey(), keys.getPublicKey(), ed25519_pubkey_SIZE) == 0) {
correctPassphraseFound = true;
break;
}
auto passphrase_obj = Passphrase::create(passphrase, wordSource);
if (!passphrase_obj.isNull() && passphrase_obj->checkIfValid()) {
auto key_pair = KeyPairEd25519::create(passphrase_obj);
if (key_pair && key_pair->isTheSame(mNewUser->getModel()->getPublicKey())) {
correctPassphraseFound = true;
//break;
}
if (key_pair) {
delete key_pair;
}
if (correctPassphraseFound) {
break;
}
}
else {
@ -1038,8 +822,7 @@ bool Session::loadFromEmailVerificationCode(Poco::UInt64 emailVerificationCode)
addError(new Error(gettext("E-Mail Verification"), gettext("Fehler beim laden des Benutzers.")));
return false;
}
mSessionUser = new User(mNewUser);
mSessionUser->setLanguage(getLanguage());
// TODO: Maybe update language key by user, is session has another, or update only with options-menu
auto verificationType = mEmailVerificationCodeObject->getModel()->getType();
if (verificationType == model::table::EMAIL_OPT_IN_RESET_PASSWORD) {
@ -1117,21 +900,7 @@ bool Session::useOrGeneratePassphrase(const std::string& passphase)
}
}
*/
bool Session::generatePassphrase()
{
if (mNewUser.isNull()) return false;
auto lang = getLanguage();
if (lang == LANG_EN) {
mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER]);
}
else {
mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]);
}
//mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]);
updateState(SESSION_STATE_PASSPHRASE_GENERATED);
return true;
}
bool Session::generateKeys(bool savePrivkey, bool savePassphrase)
{

60
src/cpp/model/Session.h
View File

@ -11,7 +11,6 @@
#define DR_LUA_WEB_MODULE_SESSION_SESSION_H
#include "../lib/NotificationList.h"
#include "User.h"
#include "../controller/User.h"
#include "../lib/MultithreadContainer.h"
@ -73,29 +72,20 @@ public:
inline Poco::AutoPtr<controller::User> getNewUser() { return mNewUser; }
// ---------------- User functions ----------------------------
// TODO: register state: written into db, mails sended, update state only if new state is higher as old state
// create User send e-mail activation link
bool createUser(const std::string& first_name, const std::string& last_name, const std::string& email, const std::string& password);
//! \brief new register function, without showing user pubkeys, using controller/user
bool createUserDirect(const std::string& first_name, const std::string& last_name, const std::string& email, const std::string& password);
bool createUserDirect(const std::string& first_name, const std::string& last_name, const std::string& email, const std::string& password, int groupId);
// adminRegister without passwort
bool adminCreateUser(const std::string& first_name, const std::string& last_name, const std::string& email);
bool adminCreateUser(const std::string& first_name, const std::string& last_name, const std::string& email, int group_id);
// TODO: check if email exist and if not, fake waiting on password hashing with profiled times of real password hashing
UserStates loadUser(const std::string& email, const std::string& password);
UserState loadUser(const std::string& email, const std::string& password);
bool ifUserExist(const std::string& email);
inline void setUser(Poco::AutoPtr<User> user) { mSessionUser = user; }
bool deleteUser();
Poco::AutoPtr<User> getUser() {
return mSessionUser;
}
// ------------------------- Email Verification Code functions -------------------------------
@ -117,7 +107,7 @@ public:
//! \return 1 = same
//! \return -1 = error
//! \return -2 = critical error
int comparePassphraseWithSavedKeys(const std::string& inputPassphrase, Mnemonic* wordSource);
int comparePassphraseWithSavedKeys(const std::string& inputPassphrase, const Mnemonic* wordSource);
Poco::Net::HTTPCookie getLoginCookie();
@ -132,14 +122,13 @@ public:
inline void setPassphrase(const std::string& passphrase) { mPassphrase = passphrase; }
inline const std::string& getOldPassphrase() { return mPassphrase; }
bool generatePassphrase();
bool generateKeys(bool savePrivkey, bool savePassphrase);
inline void setClientIp(Poco::Net::IPAddress ip) { mClientLoginIP = ip; }
inline Poco::Net::IPAddress getClientIp() { return mClientLoginIP; }
inline bool isIPValid(Poco::Net::IPAddress ip) { return mClientLoginIP == ip; }
bool isPwdValid(const std::string& pwd);
void reset();
void updateState(SessionStates newState);
@ -198,7 +187,6 @@ protected:
private:
int mHandleId;
Poco::AutoPtr<User> mSessionUser;
Poco::AutoPtr<controller::User> mNewUser;
std::string mPassphrase;
Poco::AutoPtr<Passphrase> mNewPassphrase;
@ -219,44 +207,6 @@ private:
};
class WriteEmailVerification : public UniLib::controller::CPUTask
{
public:
WriteEmailVerification(Poco::AutoPtr<User> user, Poco::AutoPtr<controller::EmailVerificationCode> emailVerificationCode, UniLib::controller::CPUSheduler* cpuScheduler, size_t taskDependenceCount = 0)
: UniLib::controller::CPUTask(cpuScheduler, taskDependenceCount), mUser(user), mEmailVerificationCode(emailVerificationCode) {
#ifdef _UNI_LIB_DEBUG
setName(user->getEmail());
#endif
}
virtual const char* getResourceType() const { return "WriteEmailVerification"; };
virtual int run();
private:
Poco::AutoPtr<User> mUser;
Poco::AutoPtr<controller::EmailVerificationCode> mEmailVerificationCode;
};
class WritePassphraseIntoDB : public UniLib::controller::CPUTask
{
public:
WritePassphraseIntoDB(int userId, const std::string& passphrase)
: mUserId(userId), mPassphrase(passphrase) {
#ifdef _UNI_LIB_DEBUG
setName(std::to_string(userId).data());
#endif
}
virtual int run();
virtual const char* getResourceType() const { return "WritePassphraseIntoDB"; };
protected:
int mUserId;
std::string mPassphrase;
};
class SessionStateUpdateCommand : public UniLib::controller::Command
{
public:

15
src/cpp/model/TransactionCreation.cpp
View File

@ -3,17 +3,14 @@
#include <sodium.h>
TransactionCreation::TransactionCreation(const std::string& memo, const proto::gradido::GradidoCreation& protoCreation)
: TransactionBase(memo), mProtoCreation(protoCreation), mReceiverUser(nullptr)
: TransactionBase(memo), mProtoCreation(protoCreation)
{
memset(mReceiverPublicHex, 0, 65);
}
TransactionCreation::~TransactionCreation()
{
if (mReceiverUser) {
delete mReceiverUser;
mReceiverUser = nullptr;
}
}
int TransactionCreation::prepare()
@ -30,15 +27,17 @@ int TransactionCreation::prepare()
addError(new Error(functionName, "receiver public invalid (size not 32)"));
return -2;
}
mReceiverUser = new User((const unsigned char*)receiverPublic.data());
getErrors(mReceiverUser);
mReceiverUser = controller::User::create();
//mReceiverUser = new User((const unsigned char*)receiverPublic.data());
mReceiverUser->load((const unsigned char*)receiverPublic.data());
getErrors(mReceiverUser->getModel());
if (mReceiverUser->getUserState() == USER_EMPTY) {
sodium_bin2hex(mReceiverPublicHex, 65, (const unsigned char*)receiverPublic.data(), receiverPublic.size());
delete mReceiverUser;
mReceiverUser = nullptr;
}
else {
memcpy(mReceiverPublicHex, mReceiverUser->getPublicKeyHex().data(), 64);
memcpy(mReceiverPublicHex, mReceiverUser->getModel()->getPublicKeyHex().data(), 64);
// uncomment because not correctly working
/*if (!mReceiverUser->validateIdentHash(mProtoCreation.ident_hash())) {
addError(new Error(functionName, "ident hash isn't the same"));

6
src/cpp/model/TransactionCreation.h
View File

@ -13,7 +13,7 @@
#include "TransactionBase.h"
#include "../proto/gradido/GradidoCreation.pb.h"
#include "User.h"
#include "../controller/User.h"
class TransactionCreation : public TransactionBase
{
@ -23,7 +23,7 @@ public:
int prepare();
inline User* getUser() { return mReceiverUser; }
inline Poco::AutoPtr<controller::User> getUser() { return mReceiverUser; }
inline google::protobuf::int64 getAmount() { return mProtoCreation.receiver().amount(); }
inline char* getPublicHex() { return mReceiverPublicHex; }
@ -33,7 +33,7 @@ public:
protected:
const proto::gradido::GradidoCreation& mProtoCreation;
char mReceiverPublicHex[65];
User* mReceiverUser;
Poco::AutoPtr<controller::User> mReceiverUser;
};
#endif //GRADIDO_LOGIN_SERVER_MODEL_TRANSACTION_CREATION_INCLUDE

1323
src/cpp/model/User.cpp
View File

File diff suppressed because it is too large Load Diff

272
src/cpp/model/User.h
View File

@ -1,272 +0,0 @@
#ifndef GRADIDO_LOGIN_SERVER_MODEL_USER_INCLUDE
#define GRADIDO_LOGIN_SERVER_MODEL_USER_INCLUDE
#include "../Crypto/KeyPair.h"
#include <string>
//#include "ModelBase.h"
#include "../lib/NotificationList.h"
#include "Poco/Thread.h"
#include "Poco/Types.h"
#include "Poco/Data/Session.h"
#include "Poco/JSON/Object.h"
#include "../tasks/CPUTask.h"
#include "../SingletonManager/MemoryManager.h"
#include "../SingletonManager/LanguageManager.h"
#include "../controller/User.h"
class UserCreateCryptoKey;
class UserWriteIntoDB;
class Session;
class UserWriteCryptoKeyHashIntoDB;
class SigningTransaction;
class UserGenerateKeys;
class DebugPassphrasePage;
class RepairDefectPassphrase;
enum UserStates
{
USER_EMPTY,
USER_LOADED_FROM_DB,
USER_PASSWORD_INCORRECT,
USER_PASSWORD_ENCRYPTION_IN_PROCESS,
USER_EMAIL_NOT_ACTIVATED,
USER_NO_KEYS,
USER_NO_PRIVATE_KEY,
USER_KEYS_DONT_MATCH,
USER_COMPLETE,
USER_DISABLED
};
enum UserFields
{
USER_FIELDS_ID,
USER_FIELDS_FIRST_NAME,
USER_FIELDS_LAST_NAME,
USER_FIELDS_PASSWORD,
USER_FIELDS_EMAIL_CHECKED,
USER_FIELDS_LANGUAGE
};
class User : public NotificationList
{
friend UserCreateCryptoKey;
friend UserWriteIntoDB;
friend UserWriteCryptoKeyHashIntoDB;
friend SigningTransaction;
friend UserGenerateKeys;
friend DebugPassphrasePage;
friend RepairDefectPassphrase;
public:
// new user
User(const char* email, const char* first_name, const char* last_name);
// existing user
User(const char* email);
// existing user by public key
User(const unsigned char* pubkey_array);
User(int user_id);
// load from controller user
User(Poco::AutoPtr<controller::User> ctrl_user);
// login
//User(const std::string& email, const std::string& password);
~User();
void login(Poco::AutoPtr<controller::User> newUser);
static std::string generateNewPassphrase(Mnemonic* word_source);
static bool validatePassphrase(const std::string& passphrase, Mnemonic** wordSource = nullptr);
static const char* userStateToString(UserStates state);
//static User* login(const std::string& email, const std::string& password, ErrorList* errorContainer = nullptr);
bool generateKeys(bool savePrivkey, const std::string& passphrase, Session* session);
bool loadEntryDBId(Poco::Data::Session session);
bool deleteFromDB();
inline bool hasCryptoKey() { lock(); bool bRet = mCryptoKey != nullptr; unlock(); return bRet; }
inline const char* getEmail() const { return mEmail.data(); }
inline const char* getFirstName() const { return mFirstName.data(); }
inline const char* getLastName() const { return mLastName.data(); }
inline int getDBId() const { return mDBId; }
inline int getBalance() { lock(); int balance = mGradidoCurrentBalance; unlock(); return balance; }
inline std::string getPublicKeyHex() { lock(); std::string pubkeyHex = mPublicHex; unlock(); return pubkeyHex; }
inline const unsigned char* getPublicKey() { return mPublicKey; }
inline Languages getLanguage() { lock(); Languages lang = mLanguage; unlock(); return lang; }
inline void setPublicKeyHex(const std::string& publicKeyHex) { lock(); mPublicHex = publicKeyHex; unlock(); }
inline void setPublicKey(const unsigned char* key) { lock(); memcpy(mPublicKey, key, crypto_sign_PUBLICKEYBYTES); unlock();}
inline const char* gettext(const char* text) { if (mLanguageCatalog.isNull()) return text; return mLanguageCatalog->gettext(text); }
UserStates getUserState();
void setLanguage(Languages lang);
inline void setBalance(int balance) { lock(); mGradidoCurrentBalance = balance; unlock(); }
void setEmailChecked();
bool isEmptyPassword();
//bool setNewPassword(const std::string& newPassword);
bool updatePassword(const std::string& newPassword, const std::string& passphrase, Poco::AutoPtr<controller::User> newUser);
bool validatePwd(const std::string& pwd, NotificationList* validationErrorsToPrint);
bool validateIdentHash(HASH hash);
MemoryBin* encrypt(const MemoryBin* data);
MemoryBin* decrypt(const MemoryBin* encryptedData);
MemoryBin* sign(const unsigned char* message, size_t messageSize);
Poco::JSON::Object getJson();
// for poco auto ptr
void duplicate();
void release();
//! \brief wait time create crypto key is normally running
static void fakeCreateCryptoKey();
protected:
typedef Poco::UInt64 passwordHashed;
MemoryBin* createCryptoKey(const std::string& password);
static passwordHashed createPasswordHashed(MemoryBin* cryptoKey, NotificationList* errorReceiver = nullptr);
inline void setCryptoKey(MemoryBin* cryptoKey) { lock(); mCryptoKey = cryptoKey; unlock(); }
//void detectState();
Poco::Data::Statement insertIntoDB(Poco::Data::Session session);
bool updateIntoDB(UserFields fieldType);
inline passwordHashed getPwdHashed() { lock(); auto ret = mPasswordHashed; unlock(); return ret; }
inline void setPwdHashed(passwordHashed pwdHashed) { lock(); mPasswordHashed = pwdHashed; unlock(); }
void lock(const char* stateInfos = nullptr);
inline void unlock() { mWorkingMutex.unlock(); }
MemoryBin* getPrivKey();
inline bool hasPrivKey() { lock(); bool result = false; if (mPrivateKey && mCryptoKey) result = true; unlock(); return result; }
bool setPrivKey(const MemoryBin* privKey);
private:
Poco::AutoPtr<controller::User> mUserCtrl;
UserStates mState;
// ************************* DB FIELDS ******************************
int mDBId;
std::string mEmail;
std::string mFirstName;
std::string mLastName;
passwordHashed mPasswordHashed;
std::string mPublicHex;
unsigned char mPublicKey[crypto_sign_PUBLICKEYBYTES];
//! crypted private key
MemoryBin* mPrivateKey;
// TODO: insert created if necessary
bool mEmailChecked;
Languages mLanguage;
// ************************ DB FIELDS END ******************************
int mGradidoCurrentBalance;
Poco::AutoPtr<LanguageCatalog> mLanguageCatalog;
// crypto key as obfus array
// only in memory, if user has typed in password
MemoryBin* mCryptoKey;
Poco::Mutex mWorkingMutex;
Poco::Mutex mReferenceMutex;
// for poco auto ptr
int mReferenceCount;
UniLib::controller::TaskPtr mCreateCryptoKeyTask;
};
class UserCreateCryptoKey : public UniLib::controller::CPUTask
{
public:
UserCreateCryptoKey(Poco::AutoPtr<User> user, Poco::AutoPtr<controller::User> newUser, const std::string& password, UniLib::controller::CPUSheduler* cpuScheduler);
virtual int run();
virtual const char* getResourceType() const { return "UserCreateCryptoKey"; };
private:
Poco::AutoPtr<User> mUser;
Poco::AutoPtr<controller::User> mNewUser;
std::string mPassword;
};
class UserGenerateKeys : public UniLib::controller::CPUTask
{
public:
UserGenerateKeys(Poco::AutoPtr<User> user, Poco::AutoPtr<controller::User> newUser, const std::string& passphrase)
: mUser(user), mNewUser(newUser), mPassphrase(passphrase) {
#ifdef _UNI_LIB_DEBUG
setName(user->getEmail());
#endif
}
~UserGenerateKeys() {
}
virtual int run();
inline KeyPair* getKeyPairs() { return &mKeys; }
virtual const char* getResourceType() const { return "UserGenerateKeys"; };
protected:
Poco::AutoPtr<User> mUser;
Poco::AutoPtr<controller::User> mNewUser;
std::string mPassphrase;
KeyPair mKeys;
};
class UserWriteIntoDB : public UniLib::controller::CPUTask
{
public:
UserWriteIntoDB(Poco::AutoPtr<User> user, UniLib::controller::CPUSheduler* cpuScheduler, size_t taskDependenceCount = 0)
: UniLib::controller::CPUTask(cpuScheduler, taskDependenceCount), mUser(user) {
#ifdef _UNI_LIB_DEBUG
setName(user->getEmail());
#endif
}
virtual int run();
virtual const char* getResourceType() const { return "UserWriteIntoDB"; };
private:
Poco::AutoPtr<User> mUser;
};
class UserWriteKeysIntoDB : public UniLib::controller::CPUTask
{
public:
UserWriteKeysIntoDB(std::vector<UniLib::controller::TaskPtr> parents, Poco::AutoPtr<User> user, bool savePrivKey);
virtual int run();
virtual const char* getResourceType() const { return "UserWriteKeysIntoDB"; };
protected:
Poco::AutoPtr<User> mUser;
bool mSavePrivKey;
};
class UserWriteCryptoKeyHashIntoDB : public UniLib::controller::CPUTask
{
public:
UserWriteCryptoKeyHashIntoDB(Poco::AutoPtr<User> user, int dependencieCount = 0);
int run();
const char* getResourceType() const { return "UserWriteCryptoKeyHashIntoDB"; };
protected:
Poco::AutoPtr<User> mUser;
};
#endif //GRADIDO_LOGIN_SERVER_MODEL_USER_INCLUDE

43
src/cpp/model/table/User.cpp
View File

@ -17,8 +17,8 @@ namespace model {
{
}
User::User(const std::string& email, const std::string& first_name, const std::string& last_name, Poco::UInt64 passwordHashed/* = 0*/, std::string languageKey/* = "de"*/)
: mFirstName(first_name), mLastName(last_name), mPasswordHashed(passwordHashed), mEmailChecked(false), mLanguageKey(languageKey), mDisabled(false), mRole(ROLE_NOT_LOADED)
User::User(const std::string& email, const std::string& first_name, const std::string& last_name, int group_id, Poco::UInt64 passwordHashed/* = 0*/, std::string languageKey/* = "de"*/)
: mFirstName(first_name), mLastName(last_name), mPasswordHashed(passwordHashed), mEmailChecked(false), mLanguageKey(languageKey), mDisabled(false), mGroupId(group_id), mRole(ROLE_NOT_LOADED)
{
setEmail(email);
@ -27,7 +27,7 @@ namespace model {
User::User(UserTuple tuple)
: ModelBase(tuple.get<0>()),
mFirstName(tuple.get<1>()), mLastName(tuple.get<2>()), mEmail(tuple.get<3>()),
mPublicKey(tuple.get<4>()), mCreated(tuple.get<5>()), mEmailChecked(tuple.get<6>()), mDisabled(tuple.get<7>()),
mPublicKey(tuple.get<4>()), mCreated(tuple.get<5>()), mEmailChecked(tuple.get<6>()), mDisabled(tuple.get<7>()), mGroupId(tuple.get<8>()),
mPasswordHashed(0), mLanguageKey("de"), mRole(ROLE_NOT_LOADED)
{
@ -80,12 +80,12 @@ namespace model {
if (mPasswordHashed) {
insert << "INSERT INTO users (email, first_name, last_name, password, email_hash, language) VALUES(?,?,?,?,?,?);",
use(mEmail), use(mFirstName), use(mLastName), bind(mPasswordHashed), use(mEmailHash), use(mLanguageKey);
insert << "INSERT INTO users (email, first_name, last_name, password, email_hash, language, group_id) VALUES(?,?,?,?,?,?,?);",
use(mEmail), use(mFirstName), use(mLastName), bind(mPasswordHashed), use(mEmailHash), use(mLanguageKey), use(mGroupId);
}
else {
insert << "INSERT INTO users (email, first_name, last_name, email_hash, language) VALUES(?,?,?,?,?);",
use(mEmail), use(mFirstName), use(mLastName), use(mEmailHash), use(mLanguageKey);
insert << "INSERT INTO users (email, first_name, last_name, email_hash, language, group_id) VALUES(?,?,?,?,?,?);",
use(mEmail), use(mFirstName), use(mLastName), use(mEmailHash), use(mLanguageKey), use(mGroupId);
}
return insert;
@ -98,13 +98,13 @@ namespace model {
_fieldName = getTableName() + std::string(".id");
}
Poco::Data::Statement select(session);
select << "SELECT " << getTableName() << ".id, email, first_name, last_name, password, pubkey, privkey, email_hash, created, email_checked, language, disabled, user_roles.role_id "
select << "SELECT " << getTableName() << ".id, email, first_name, last_name, password, pubkey, privkey, email_hash, created, email_checked, language, disabled, group_id, user_roles.role_id "
<< " FROM " << getTableName()
<< " LEFT JOIN user_roles ON " << getTableName() << ".id = user_roles.user_id "
<< " WHERE " << _fieldName << " = ?" ,
into(mID), into(mEmail), into(mFirstName), into(mLastName), into(mPasswordHashed),
into(mPublicKey), into(mPrivateKey), into(mEmailHash), into(mCreated), into(mEmailChecked),
into(mLanguageKey), into(mDisabled), into(mRole);
into(mLanguageKey), into(mDisabled), into(mGroupId), into(mRole);
return select;
@ -114,7 +114,7 @@ namespace model {
{
Poco::Data::Statement select(session);
// typedef Poco::Tuple<std::string, std::string, std::string, Poco::Nullable<Poco::Data::BLOB>, int> UserTuple;
select << "SELECT id, first_name, last_name, email, pubkey, created, email_checked, disabled FROM " << getTableName()
select << "SELECT id, first_name, last_name, email, pubkey, created, email_checked, disabled, group_id FROM " << getTableName()
<< " where " << fieldName << " LIKE ?";
@ -130,7 +130,7 @@ namespace model {
}
// typedef Poco::Tuple<std::string, std::string, std::string, Poco::Nullable<Poco::Data::BLOB>, int> UserTuple;
select << "SELECT id, first_name, last_name, email, pubkey, created, email_checked, disabled FROM " << getTableName()
select << "SELECT id, first_name, last_name, email, pubkey, created, email_checked, disabled, group_id FROM " << getTableName()
<< " where " << fieldNames[0] << " LIKE ?";
if (conditionType == MYSQL_CONDITION_AND) {
for (int i = 1; i < fieldNames.size(); i++) {
@ -311,6 +311,7 @@ namespace model {
ss << "email checked: " << mEmailChecked << std::endl;
ss << "language key: " << mLanguageKey << std::endl;
ss << "disabled: " << mDisabled << std::endl;
ss << "group id: " << std::to_string(mGroupId) << std::endl;
mm->releaseMemory(pubkeyHex);
mm->releaseMemory(privkeyHex);
@ -346,6 +347,7 @@ namespace model {
ss << "language key: " << mLanguageKey << "<br>";
ss << "role: " << UserRole::typeToString(getRole()) << "<br>";
ss << "disabled: " << mDisabled << "<br>";
ss << "group_id: " << std::to_string(mGroupId) << std::endl;
mm->releaseMemory(pubkeyHex);
mm->releaseMemory(email_hash);
@ -369,6 +371,25 @@ namespace model {
return pubkeyHexString;
}
std::string User::getPrivateKeyEncryptedHex() const
{
std::shared_lock<std::shared_mutex> _lock(mSharedMutex);
auto mm = MemoryManager::getInstance();
std::string privkeyHexString;
if (!mPrivateKey.isNull()) {
auto priv_key_size = mPrivateKey.value().content().size();
auto privkeyHex = mm->getFreeMemory(priv_key_size+1);
memset(*privkeyHex, 0, priv_key_size+1);
sodium_bin2hex(*privkeyHex, 65, mPrivateKey.value().content().data(), priv_key_size);
privkeyHexString = std::string((const char*)privkeyHex->data(), privkeyHex->size() - 1);
mm->releaseMemory(privkeyHex);
}
return privkeyHexString;
}
Poco::JSON::Object User::getJson()
{

51
src/cpp/model/table/User.h
View File

@ -29,14 +29,16 @@ namespace model {
USER_FIELDS_LANGUAGE
};
typedef Poco::Tuple<int, std::string, std::string, std::string, Poco::Nullable<Poco::Data::BLOB>, Poco::DateTime, int, int> UserTuple;
typedef Poco::Tuple<int, std::string, std::string, std::string, Poco::Nullable<Poco::Data::BLOB>, Poco::DateTime, int, int, int> UserTuple;
class User : public ModelBase
{
public:
#define SHARED_LOCK std::shared_lock<std::shared_mutex> _lock(mSharedMutex)
#define UNIQUE_LOCK std::unique_lock<std::shared_mutex> _lock(mSharedMutex)
User();
User(UserTuple tuple);
User(const std::string& email, const std::string& first_name, const std::string& last_name, Poco::UInt64 passwordHashed = 0, std::string languageKey = "de");
User(const std::string& email, const std::string& first_name, const std::string& last_name, int group_id, Poco::UInt64 passwordHashed = 0, std::string languageKey = "de");
~User();
// generic db operations
@ -54,35 +56,38 @@ namespace model {
size_t updateFieldsFromCommunityServer();
// default getter unlocked
inline const std::string getEmail() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return mEmail; }
inline const std::string getFirstName() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return mFirstName; }
inline const std::string getLastName() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return mLastName; }
inline std::string getNameWithEmailHtml() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return mFirstName + "&nbsp;" + mLastName + "&nbsp;&lt;" + mEmail + "&gt;"; }
inline const Poco::UInt64 getPasswordHashed() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return mPasswordHashed; }
inline RoleType getRole() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); if (mRole.isNull()) return ROLE_NONE; return static_cast<RoleType>(mRole.value()); }
inline const unsigned char* getPublicKey() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); if (mPublicKey.isNull()) return nullptr; return mPublicKey.value().content().data(); }
inline size_t getPublicKeySize() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); if (mPublicKey.isNull()) return 0; return mPublicKey.value().content().size(); }
inline const std::string getEmail() const { SHARED_LOCK; return mEmail; }
inline const std::string getFirstName() const { SHARED_LOCK; return mFirstName; }
inline const std::string getLastName() const { SHARED_LOCK; return mLastName; }
inline std::string getNameWithEmailHtml() const { SHARED_LOCK; return mFirstName + "&nbsp;" + mLastName + "&nbsp;&lt;" + mEmail + "&gt;"; }
inline const Poco::UInt64 getPasswordHashed() const { SHARED_LOCK; return mPasswordHashed; }
inline RoleType getRole() const { SHARED_LOCK; if (mRole.isNull()) return ROLE_NONE; return static_cast<RoleType>(mRole.value()); }
inline const unsigned char* getPublicKey() const { SHARED_LOCK; if (mPublicKey.isNull()) return nullptr; return mPublicKey.value().content().data(); }
inline size_t getPublicKeySize() const { SHARED_LOCK; if (mPublicKey.isNull()) return 0; return mPublicKey.value().content().size(); }
std::string getPublicKeyHex() const;
std::string getPrivateKeyEncryptedHex() const;
inline bool hasPrivateKeyEncrypted() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return !mPrivateKey.isNull(); }
inline bool hasEmailHash() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return !mEmailHash.isNull(); }
inline const std::vector<unsigned char>& getPrivateKeyEncrypted() const { return mPrivateKey.value().content(); }
inline bool isEmailChecked() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return mEmailChecked; }
inline const std::string getLanguageKey() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return mLanguageKey; }
inline bool isDisabled() const { std::shared_lock<std::shared_mutex> _lock(mSharedMutex); return mDisabled; }
inline bool hasPrivateKeyEncrypted() const { SHARED_LOCK; return !mPrivateKey.isNull(); }
inline bool hasPublicKey() const { SHARED_LOCK; return !mPublicKey.isNull(); }
inline bool hasEmailHash() const { SHARED_LOCK; return !mEmailHash.isNull(); }
inline const std::vector<unsigned char>& getPrivateKeyEncrypted() const { SHARED_LOCK; return mPrivateKey.value().content(); }
inline bool isEmailChecked() const { SHARED_LOCK; return mEmailChecked; }
inline const std::string getLanguageKey() const { SHARED_LOCK; return mLanguageKey; }
inline bool isDisabled() const { SHARED_LOCK; return mDisabled; }
inline int getGroupId() const { SHARED_LOCK; return mGroupId; }
// default setter unlocked
void setEmail(const std::string& email);
inline void setFirstName(const std::string& first_name) { std::unique_lock<std::shared_mutex> _lock(mSharedMutex); mFirstName = first_name; }
inline void setLastName(const std::string& last_name) { std::unique_lock<std::shared_mutex> _lock(mSharedMutex); mLastName = last_name; }
inline void setPasswordHashed(const Poco::UInt64& passwordHashed) { std::unique_lock<std::shared_mutex> _lock(mSharedMutex); mPasswordHashed = passwordHashed; }
inline void setFirstName(const std::string& first_name) { UNIQUE_LOCK; mFirstName = first_name; }
inline void setLastName(const std::string& last_name) { UNIQUE_LOCK; mLastName = last_name; }
inline void setPasswordHashed(const Poco::UInt64& passwordHashed) { UNIQUE_LOCK; mPasswordHashed = passwordHashed; }
void setPublicKey(const unsigned char* publicKey);
//! \brief set encrypted private key
//! \param privateKey copy data, didn't move memory bin
void setPrivateKey(const MemoryBin* privateKey);
inline void setEmailChecked(bool emailChecked) { std::unique_lock<std::shared_mutex> _lock(mSharedMutex); mEmailChecked = emailChecked; }
inline void setLanguageKey(const std::string& languageKey) { std::unique_lock<std::shared_mutex> _lock(mSharedMutex); mLanguageKey = languageKey; }
inline void setDisabled(bool disabled) { std::unique_lock<std::shared_mutex> _lock(mSharedMutex); mDisabled = disabled; }
inline void setEmailChecked(bool emailChecked) { UNIQUE_LOCK; mEmailChecked = emailChecked; }
inline void setLanguageKey(const std::string& languageKey) { UNIQUE_LOCK; mLanguageKey = languageKey; }
inline void setDisabled(bool disabled) { UNIQUE_LOCK; mDisabled = disabled; }
Poco::JSON::Object getJson();
@ -113,6 +118,8 @@ namespace model {
//! if set to true, prevent login
bool mDisabled;
int mGroupId;
// from neighbor tables
Poco::Nullable<int> mRole;

1
src/cpp/tasks/SigningTransaction.h
View File

@ -5,7 +5,6 @@
#include "../lib/NotificationList.h"
#include "../model/TransactionBase.h"
#include "../model/User.h"
#include "../controller/User.h"
#include "../proto/gradido/GradidoTransaction.pb.h"

8
src/cpsp/Error500.cpsp
View File

@ -10,18 +10,18 @@
<%
const char* pageName = "Error";
response.setStatusAndReason(Poco::Net::HTTPResponse::HTTP_INTERNAL_SERVER_ERROR);
Poco::AutoPtr<User> user;
Poco::AutoPtr<controller::User> user;
if(mSession) {
auto user = mSession->getUser();
auto user = mSession->getNewUser();
}
%><%@ include file="header_old.cpsp" %>
<div class="grd_container">
<h2>Ein Fehler auf dem Server trat ein, der Admin bekam eine E-Mail.</h2>
<% if(mSession) { %>
<%= mSession->getErrorsHtml() %>
<%= mSession->getErrorsHtmlNewFormat() %>
<% } %>
<% if(!user.isNull()) {%>
<%= user->getErrorsHtml() %>
<%= user->getModel()->getErrorsHtmlNewFormat() %>
<% } %>
</div>
<%@ include file="footer.cpsp" %>

25
src/cpsp/PassphrasedTransaction.cpsp
View File

@ -6,7 +6,7 @@
<%!
#include "../SingletonManager/MemoryManager.h"
#include "../SingletonManager/SessionManager.h"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../ServerConfig.h"
#include "Poco/JSON/Object.h"
@ -23,29 +23,28 @@ enum PageState {
<%%
std::string pageName = "Gradidos mit Passphrase überweisen";
PageState state = PAGE_STATE_INPUT;
Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER];
Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER_FIXED_CASES];
auto sm = SessionManager::getInstance();
auto mm = MemoryManager::getInstance();
std::string errorString ="";
if(!form.empty()) {
auto passphrase = form.get("passphrase", "");
bool passphraseValid = User::validatePassphrase(passphrase, &wordSource);
auto passphrase_obj = Passphrase::create(passphrase, wordSource);
bool keysGenerated = false;
KeyPair keys;
if(!passphraseValid)
{
KeyPairEd25519* keys = nullptr;
if(!passphrase_obj.isNull()) {
addError(new Error("Passphrase", "Fehler beim validieren der Passphrase"));
}
else
{
keysGenerated = keys.generateFromPassphrase(passphrase.data(), wordSource);
if(!keysGenerated)
else {
keys = KeyPairEd25519::create(passphrase_obj);
if(!keys)
{
addError(new Error("Passphrase", "Konnte keine Keys aus der Passphrase generieren"));
}
}
if(passphraseValid && keysGenerated)
if(keys)
{
// create session only for transaction
int session_id = 0;
@ -53,7 +52,7 @@ enum PageState {
// create payload
Poco::JSON::Object requestJson;
Poco::JSON::Object pubkeys;
pubkeys.set("sender", keys.getPubkeyHex());
pubkeys.set("sender", keys->getPublicKeyHex());
pubkeys.set("receiver", form.get("recevier", ""));
requestJson.set("method", "moveTransaction");
requestJson.set("pubkeys", pubkeys);
@ -129,6 +128,8 @@ enum PageState {
if(session) {
sm->releaseSession(session);
}
delete keys;
keys = nullptr;
}
}

24
src/cpsp/adminCheckUserBackup.cpsp
View File

@ -5,10 +5,11 @@
<%@ page ctorArg="Session*" %>
<%@ header include="SessionHTTPRequestHandler.h" %>
<%!
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../Crypto/Passphrase.h"
#include "../SingletonManager/ConnectionManager.h"
#include "../controller/UserBackups.h"
#include "../controller/UserBackup.h"
#include "Poco/Data/Binding.h"
using namespace Poco::Data::Keywords;
@ -25,7 +26,7 @@ struct SListEntry
<%%
const char* pageName = "Admin Check User Backups";
auto cm = ConnectionManager::getInstance();
KeyPair keys;
std::list<SListEntry> notMatchingEntrys;
auto con = cm->getConnection(CONNECTION_MYSQL_LOGIN_SERVER);
@ -44,21 +45,24 @@ struct SListEntry
if(pubkey.isNull()) {
continue;
}
auto passphrase = KeyPair::filterPassphrase(tuple.get<2>());
auto passphrase = Passphrase::filter(tuple.get<2>());
auto user_id = tuple.get<0>();
Mnemonic* wordSource = nullptr;
if(!User::validatePassphrase(passphrase, &wordSource)) {
KeyPairEd25519 key_pair(pubkey.value().content().data());
auto wordSource = Passphrase::detectMnemonic(passphrase);
if(!wordSource) {
addError(new Error("admin Check user backup", "invalid passphrase"), false);
addError(new ParamError("admin Check user backup", "passphrase", passphrase.data()), false);
addError(new ParamError("admin Check user backup", "user id", user_id), false);
continue;
} else {
keys.generateFromPassphrase(passphrase.data(), wordSource);
}
}
auto passphrase_object = Passphrase::create(passphrase, wordSource);
auto key_pair_from_passhrase = KeyPairEd25519::create(passphrase_object);
bool matching = false;
if(keys.isPubkeysTheSame(pubkey.value().content().data())) {
if(key_pair_from_passhrase->isTheSame(key_pair)) {
matching = true;
}
delete key_pair_from_passhrase;
if(user_id != last_user_id) {
last_user_id = user_id;
if(matching) continue;

8
src/cpsp/adminUserPasswordReset.cpsp
View File

@ -8,7 +8,7 @@
// includes
#include "../controller/User.h"
#include "../controller/EmailVerificationCode.h"
#include "../controller/UserBackups.h"
#include "../controller/UserBackup.h"
enum PageState
@ -47,11 +47,11 @@ enum PageState
}
}
auto backups = controller::UserBackups::load(userId);
auto backups = controller::UserBackup::load(userId);
auto userPubkey = user->getModel()->getPublicKey();
for(auto it = backups.begin(); it != backups.end(); it++) {
auto keys = (*it)->getKeyPair();
if(keys->isPubkeysTheSame(userPubkey)) {
if(keys->isTheSame(userPubkey)) {
userBackup = *it;
break;
}
@ -102,7 +102,7 @@ enum PageState
hier findest du deine Passphrase mit dessen Hilfe du dir ein neues Passwort einstellen kannst.
Bitte schreibe sie dir auf und packe sie gut weg.
<%= controller::UserBackups::formatPassphrase(userBackup->getPassphrase(ServerConfig::Mnemonic_Types::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER)) %>
<%= controller::UserBackup::formatPassphrase(userBackup->getPassphrase(ServerConfig::Mnemonic_Types::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER)) %>

6
src/cpsp/checkTransaction.cpsp
View File

@ -163,8 +163,10 @@ enum PageState {
<span class="content-cell"><%= gettext("Gradido") %></span>
</div>
<div class="content-row content-row-bg">
<% if(transactionUser) { %>
<span class="content-cell"><%= transactionUser->getFirstName() %> <%= transactionUser->getLastName() %> &lt;<%= transactionUser->getEmail() %>&gt;</span>
<% if(!transactionUser.isNull()) {
auto user_model = transactionUser->getModel();
%>
<span class="content-cell"><%= user_model->getFirstName() %> <%= user_model->getLastName() %> &lt;<%= user_model->getEmail() %>&gt;</span>
<% } else { %>
<span class="content-cell">0x<%= creationTransaction->getPublicHex() %></span>
<% } %>

4
src/cpsp/dashboard.cpsp
View File

@ -10,6 +10,8 @@
%>
<%%
const char* pageName = "Dashboard";
auto user = mSession->getNewUser();
auto user_model = user->getModel();
//Poco::Net::NameValueCollection cookies;
//request.getCookies(cookies);
if(!form.empty()) {
@ -20,7 +22,7 @@
return;
%><%@ include file="header_old.cpsp" %>
<div class="grd_container">
<h1>Willkommen <%= mSession->getUser()->getFirstName() %>&nbsp;<%= mSession->getUser()->getLastName() %></h1>
<h1>Willkommen <%= user_model->getFirstName() %>&nbsp;<%= user_model->getLastName() %></h1>
<%= mSession->getErrorsHtml() %>
<h3>Status</h3>
<p><%= mSession->getSessionStateString() %></p>

4
src/cpsp/debugMnemonic.cpsp
View File

@ -6,7 +6,7 @@
<%@ header include="SessionHTTPRequestHandler.h" %>
<%!
#include "../ServerConfig.h"
#include "../Crypto/KeyPair.h"
#include "../Crypto/Passphrase.h"
struct WordChecked {
WordChecked() : index(0), bSet(false) {};
@ -48,7 +48,7 @@
{
if("" != form.get("check_word", ""))
{
auto word = KeyPair::filterPassphrase(form.get("word", ""));
auto word = Passphrase::filter(form.get("word", ""));
if("" != word) {
checkedWord.bSet = true;
checkedWord.word = word;

63
src/cpsp/debugPassphrase.cpsp
View File

@ -5,45 +5,36 @@
<%@ page ctorArg="Session*" %>
<%@ header include="SessionHTTPRequestHandler.h" %>
<%!
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../controller/User.h"
%>
<%%
const char* pageName = "Debug Passphrase";
auto mm = MemoryManager::getInstance();
KeyPair keys;
std::string privKeyHex = "";
KeyPairEd25519* keys = nullptr;
std::string privKeyCryptedHex = "";
User::passwordHashed pwdHashed = 0;
Poco::UInt64 pwdHashed = 0;
Poco::AutoPtr<controller::User> existingUser;
if(!form.empty()) {
auto passphrase = KeyPair::filterPassphrase(form.get("passphrase", ""));
Mnemonic* wordSource = nullptr;
if(!User::validatePassphrase(passphrase, &wordSource)) {
auto passphrase_string = form.get("passphrase", "");
auto wordSource = Passphrase::detectMnemonic(passphrase_string);
if(!wordSource) {
addError(new Error("debug Passphrase", "invalid passphrase"), false);
} else {
keys.generateFromPassphrase(passphrase.data(), wordSource);
keys = KeyPairEd25519::create(Passphrase::create(passphrase_string, wordSource));
}
auto email = form.get("email", "");
auto newUser = new User(email.data(), "first_name", "last_name");
if(email != "") {
existingUser = controller::User::create();
existingUser->load(email);
}
newUser->validatePwd(form.get("password", ""), this);
pwdHashed = newUser->getPwdHashed();
auto privKey = keys.getPrivateKey();
if(privKey) {
privKeyHex = KeyPair::getHex(privKey);
auto privKeyCrypted = newUser->encrypt(privKey);
if(privKeyCrypted) {
privKeyCryptedHex = KeyPair::getHex(privKeyCrypted);
mm->releaseMemory(privKeyCrypted);
if(1 == existingUser->load(email)) {
auto user_model = existingUser->getModel();
pwdHashed = user_model->getPasswordHashed();
if(user_model->hasPrivateKeyEncrypted()) {
privKeyCryptedHex = user_model->getPrivateKeyEncryptedHex();
}
}
}
getErrors(newUser);
delete newUser;
}
@ -58,23 +49,21 @@
<label for="email">E-Mail</label>
<input id="email" type="email" name="email" value="<%= !form.empty() ? form.get("email") : "" %>"/>
</p>
<p class="grd_small">
<label for="password">Passwort</label>
<input id="password" type="password" name="password"/>
</p>
<textarea style="width:100%;height:100px" name="passphrase"><%= !form.empty() ? form.get("passphrase", "") : "" %></textarea>
</fieldset>
<input class="grd-form-bn grd-form-bn-succeed" type="submit" name="submit" value="Debug">
</form>
<p>Public key:<br><%= keys.getPubkeyHex() %></p>
<p>Private Key:<br><%= privKeyHex %></p>
<p>Passwort Hashed:<br><%= std::to_string(pwdHashed) %></p>
<p>Private key crypted:<br><%= privKeyCryptedHex %></p>
<% if(!existingUser.isNull()) {
auto userModel = existingUser->getModel();
auto dbPubkey = userModel->getPublicKey();
%>
<p>user Public: <br><%= KeyPair::getHex(dbPubkey, ed25519_pubkey_SIZE) %></p>
<% if(keys) { %>
<p>Public key:<br><%= keys->getPublicKeyHex() %></p>
<p>Private key crypted:<br><%= privKeyCryptedHex %></p>
<p>Passwort Hashed:<br><%= std::to_string(pwdHashed) %></p>
<% if(!existingUser.isNull()) {
auto userModel = existingUser->getModel();
auto dbPubkey = userModel->getPublicKey();
%>
<p>user Public: <br><%= keys->getPublicKeyHex() %></p>
<% } %>
<% } %>
</div>
<% if(keys) delete keys; %>
<%@ include file="footer.cpsp" %>

7
src/cpsp/login.cpsp
View File

@ -26,8 +26,8 @@
auto langCatalog = lm->getFreeCatalog(lang);
std::string presetEmail("");
if(mSession && mSession->getUser()) {
presetEmail = mSession->getUser()->getEmail();
if(mSession && mSession->getNewUser()) {
presetEmail = mSession->getNewUser()->getModel()->getEmail();
}
if(!form.empty()) {
@ -114,6 +114,9 @@
}
sm->deleteLoginCookies(request, response);
break;
case USER_NO_GROUP:
response.redirect(ServerConfig::g_serverPath + "/userUpdateGroup");
return;
case USER_NO_PRIVATE_KEY:
case USER_COMPLETE:
case USER_EMAIL_NOT_ACTIVATED:

23
src/cpsp/passphrase.cpsp
View File

@ -7,7 +7,7 @@
<%!
#include "../SingletonManager/SessionManager.h"
#include "../SingletonManager/LanguageManager.h"
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../ServerConfig.h"
//#include "Poco/Net/HTTPServerParams.h"
@ -68,13 +68,15 @@ enum PageState
auto registerKeyChoice = form.get("passphrase", "no");
std::string oldPassphrase = "";
if (registerKeyChoice == "no") {
auto oldPassphrase = KeyPair::filterPassphrase(form.get("passphrase-existing", ""));
auto oldPassphrase = Passphrase::filter(form.get("passphrase-existing", ""));
if(oldPassphrase != "") {
if (User::validatePassphrase(oldPassphrase, &wordSource)) {
auto word_source = Passphrase::detectMnemonic(oldPassphrase);
if (word_source) {
// passphrase is valid
if(PAGE_FORCE_ASK_PASSPHRASE == state) {
auto compareResult = mSession->comparePassphraseWithSavedKeys(oldPassphrase, wordSource);
auto compareResult = mSession->comparePassphraseWithSavedKeys(oldPassphrase, word_source);
if(-2 == compareResult) {
response.redirect(ServerConfig::g_serverPath + "/error500");
return;
@ -96,7 +98,8 @@ enum PageState
}
}
else if (registerKeyChoice == "yes") {
mSession->generatePassphrase();
auto passphrase = Passphrase::generate(wordSource);
mSession->setPassphrase(passphrase);
}
}
}
@ -104,7 +107,7 @@ enum PageState
// double check passphrase
auto passphrase = mSession->getOldPassphrase();
auto langWordSource = wordSource;
if("" != passphrase && !User::validatePassphrase(passphrase, &wordSource)) {
if("" != passphrase && !Passphrase::detectMnemonic(passphrase)) {
addError(new Error("PassphrasePage", "Invalid Passphrase after double check"));
addError(new ParamError("PassphrasePage", "passphrase", passphrase.data()));
if(!mSession->getNewUser().isNull()) {
@ -117,8 +120,8 @@ enum PageState
}
//printf("wordSource: %d, langWordSource: %d\n", (int)wordSource, (int)langWordSource);
if(wordSource != langWordSource) {
mSession->generatePassphrase();
User::validatePassphrase(passphrase, &wordSource);
//mSession->generatePassphrase();
mSession->setPassphrase(Passphrase::generate(wordSource));
}
if(mSession->getSessionState() == SESSION_STATE_PASSPHRASE_GENERATED && state != PAGE_ASK_ENSURE_PASSPHRASE) {
@ -160,7 +163,7 @@ enum PageState
</div>
<h5 class="alert-heading"><%= gettext("Deine Passphrase (Groß/Kleinschreibung beachten)") %>:</h5>
<div class="col-lg-12 col-md-12 mx-auto alert alert-primary" style="text-align:center">
<p><%= mSession->getPassphrase() %></p>
<p><%= mSession->getPassphrase()->getString() %></p>
</div>
<div class="alert">
<h5 class="alert-heading"><%= gettext("Was zu tun ist:") %></h5>
@ -212,7 +215,7 @@ enum PageState
</div>
<script type="text/javascript">
var mnemonicWords = <% wordSource->getSortedWordList().stringify(responseStream); %>;
var passphrase = "<%= mSession->getPassphrase() %>";
var passphrase = "<%= mSession->getPassphrase()->getString() %>";
language = "<%= lm->keyForLanguage(lang) %>";
</script>
<script src="<%= ServerConfig::g_php_serverPath %>js/ensurePassphrase.min.js" type="text/javascript"></script>

39
src/cpsp/registerAdmin.cpsp
View File

@ -6,22 +6,41 @@
<%@ header include="SessionHTTPRequestHandler.h" %>
<%!
#include "../SingletonManager/SessionManager.h"
#include "../controller/Group.h"
#include "../lib/DataTypeConverter.h"
#include "Poco/Net/HTTPCookie.h"
%>
<%%
const char* pageName = "Admin Registrieren";
//auto sm = SessionManager::getInstance();
auto sm = SessionManager::getInstance();
bool userReturned = false;
if(!form.empty()) {
userReturned = mSession->adminCreateUser(
form.get("register-first-name", ""),
form.get("register-last-name", ""),
form.get("register-email", "")
);
getErrors(mSession);
auto group_id_string = form.get("register-group", "0");
int group_id = 0;
if(!sm->isValid(group_id_string, VALIDATE_ONLY_INTEGER)) {
addError(new Error("Group id", "group_id not integer"));
} else {
if(DataTypeConverter::strToInt(group_id_string, group_id) != DataTypeConverter::NUMBER_PARSE_OKAY) {
addError(new Error("Int Convert Error", "Error converting group_id to int"));
}
}
if(!errorCount()) {
userReturned = mSession->adminCreateUser(
form.get("register-first-name", ""),
form.get("register-last-name", ""),
form.get("register-email", ""),
group_id
);
getErrors(mSession);
}
}
auto groups = controller::Group::listAll();
%><%@ include file="header_old.cpsp" %>
@ -52,6 +71,12 @@
<label for="register-email">E-Mail</label>
<input id="register-email" type="email" name="register-email" value="<%= !form.empty() ? form.get("register-email") : "" %>"/>
</p>
<select class="form-control" name="register-group">
<% for(auto it = groups.begin(); it != groups.end(); it++) {
auto group_model = (*it)->getModel(); %>
<option title="<%= group_model->getDescription() %>" value="<%= group_model->getID() %>"><%= group_model->getName() %></option>
<% } %>
</select>
</fieldset>
<input class="grd-form-bn grd-form-bn-succeed" type="submit" name="submit" value="Anmelden">

25
src/cpsp/registerDirect.cpsp
View File

@ -5,7 +5,10 @@
<%@ header include="PageRequestMessagedHandler.h" %>
<%!
#include "../SingletonManager/SessionManager.h"
#include "../controller/Group.h"
#include "../lib/DataTypeConverter.h"
#include "Poco/Net/HTTPCookie.h"
%>
<%%
const char* pageName = "Registrieren";
@ -24,12 +27,22 @@
session->setClientIp(user_host);
response.addCookie(session->getLoginCookie());
}
auto group_id_string = form.get("register-group", "0");
int group_id = 0;
if(!sm->isValid(group_id_string, VALIDATE_ONLY_INTEGER)) {
addError(new Error("Group id", "group_id not integer"));
} else {
if(DataTypeConverter::strToInt(group_id_string, group_id) != DataTypeConverter::NUMBER_PARSE_OKAY) {
addError(new Error("Int Convert Error", "Error converting group_id to int"));
}
}
userReturned = session->createUserDirect(
form.get("register-first-name", ""),
form.get("register-last-name", ""),
form.get("register-email", ""),
form.get("register-password", "")
form.get("register-password", ""),
group_id
);
getErrors(session);
@ -48,6 +61,9 @@
// remove old cookies if exist
sm->deleteLoginCookies(request, response);
}
auto groups = controller::Group::listAll();
%><%@ include file="header.cpsp" %>
<%= getErrorsHtml() %>
<div class="center-form-container">
@ -67,6 +83,13 @@
<input class="form-control" id="register-password" type="password" name="register-password"/>
<label class="form-label" for="register-password">Passwort Best&auml;tigung</label>
<input class="form-control" id="register-password2" type="password" name="register-password2"/>
<select class="form-control" name="register-group">
<option value="0">Keine Gruppe</option>
<% for(auto it = groups.begin(); it != groups.end(); it++) {
auto group_model = (*it)->getModel(); %>
<option title="<%= group_model->getDescription() %>" value="<%= group_model->getID() %>"><%= group_model->getName() %></option>
<% } %>
</select>
<input class="center-form-submit form-button" type="submit" name="submit" value="Anmelden">
</form>
</div>

5
src/cpsp/saveKeys.cpsp
View File

@ -19,7 +19,8 @@ enum PageState
const char* pageName = "Daten auf Server speichern?";
bool hasErrors = mSession->errorCount() > 0;
// crypto key only in memory, if user has tipped in his passwort in this session
bool hasPassword = mSession->getUser()->hasCryptoKey();
auto user = mSession->getNewUser();
bool hasPassword = user->getModel()->hasPrivateKeyEncrypted();
PageState state = PAGE_ASK;
auto uri_start = ServerConfig::g_php_serverPath;//request.serverParams().getServerName();
@ -123,7 +124,7 @@ enum PageState
<!--<p>Deine Daten werden nun verschlüsselt und gespeichert.</p>-->
<!--<p>Deine Gradido Adresse (Hex): </p>
<p class="grd_textarea">
<%= mSession->getUser()->getPublicKeyHex() %>
<%= user->getModel()->getPublicKeyHex() %>
</p>-->
<a class="grd-form-bn" href="<%= uri_start %>">Zur&uuml;ck zur Startseite</a>
</div>

16
src/cpsp/translatePassphrase.cpsp
View File

@ -5,7 +5,7 @@
<%@ page form="true" %>
<%@ page compressed="true" %>
<%!
#include "../Crypto/KeyPair.h"
#include "../Crypto/KeyPairEd25519.h"
#include "../ServerConfig.h"
%>
<%%
@ -29,16 +29,17 @@
{
inputPassphrase = form.get("inputPassphrase", "");
auto localPassphrase = KeyPair::filterPassphrase(inputPassphrase);
auto localPassphrase = Passphrase::filter(inputPassphrase);
auto btnGenerate = form.get("btnGenerate", "");
if("" != btnGenerate) {
mSession->generatePassphrase();
localPassphrase = mSession->getOldPassphrase();
auto passphrase_gen = Passphrase::generate(wordSource);
localPassphrase = passphrase_gen->getString();
inputPassphrase = localPassphrase;
}
if(localPassphrase != "" && !User::validatePassphrase(localPassphrase, &wordSource)) {
auto passphrase_object = Passphrase::create(localPassphrase, wordSource);
if(localPassphrase != "" && passphrase_object.isNull() || !passphrase_object->checkIfValid()) {
addError(new Error(
gettext("Fehler"),
gettext("Diese Passphrase ist ung&uuml;ltig, bitte &uuml;berpr&uuml;fen oder neu generieren (lassen).")
@ -49,7 +50,8 @@
} else {
targetSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER];
}
passphrase = KeyPair::passphraseTransform(localPassphrase, wordSource, targetSource);
auto transformed_passphrase_obj = passphrase_object->transform(targetSource);
passphrase = transformed_passphrase_obj->getString();
}

69
src/cpsp/updateUser.cpsp
View File

@ -1,69 +0,0 @@
<%@ page class="UpdateUserPage" %>
<%@ page form="true" %>
<%@ page baseClass="SessionHTTPRequestHandler" %>
<%@ page ctorArg="Session*" %>
<%@ header include="SessionHTTPRequestHandler.h" %>
<%@ page compressed="true" %>
<%!
#include "../SingletonManager/SessionManager.h"
#include "Poco/Net/HTTPCookie.h"
#include "../model/Profiler.h"
%>
<%%
const char* pageName = "Update";
Profiler timeUsed;
auto user = mSession->getUser();
if(!form.empty()) {
auto pwd = form.get("update-password", "");
if(pwd != "") {
if(pwd != form.get("update-password", "")) {
session->addError(new Error("Passwort", "Passw&ouml;rter sind nicht identisch."));
} else {
userReturned = session->getUser()->setNewPassword(
form.get("update-password")
);
}
}
}
%><%@ include file="header.cpsp" %>
<div class="grd_container">
<h1>Einen neuen Account anlegen</h1>
<% if(!form.empty()) {%>
<div class="grd_text-max-width">
<div class="grd_text">
..
</div>
</div>
<% } else { %>
<form method="POST">
<% if(!form.empty() && !userReturned) {%>
<%= session->getErrorsHtml() %>
<%} %>
<fieldset class="grd_container_small">
<legend>Account anlegen</legend>
<p>Bitte gebe deine Daten um einen Account anzulegen</p>
<p class="grd_small">
<label for="update-first-name">Vorname</label>
<input id="update-first-name" type="text" name="update-first-name" value="<%= !user ? user->getFirstName() : "" %>"/>
</p>
<p class="grd_small">
<label for="update-last-name">Nachname</label>
<input id="update-last-name" type="text" name="update-last-name" value="<%= !user ? user->getLastName() : "" %>"/>
</p>
<p class="grd_small">
<label for="update-password">Passwort</label>
<input id="update-password" type="password" name="update-password"/>
</p>
<p class="grd_small">
<label for="update-password">Passwort Best&auml;tigung</label>
<input id="update-password2" type="password" name="update-password2"/>
</p>
</fieldset>
<input class="grd-form-bn grd-form-bn-succeed" type="submit" name="submit" value="&Auml;nderung(en) speichern">
</form>
<% } %>
</div>
<%@ include file="footer.cpsp" %>

62
src/cpsp/userUpdateGroup.cpsp Normal file
View File

@ -0,0 +1,62 @@
<%@ page class="UserUpdateGroupPage" %>
<%@ page baseClass="SessionHTTPRequestHandler" %>
<%@ page ctorArg="Session*" %>
<%@ header include="SessionHTTPRequestHandler.h" %>
<%@ page compressed="true" %>
<%!
#include "../controller/Group.h"
#include "../SingletonManager/SessionManager.h"
enum PageState {
PAGE_STATE_OVERVIEW,
PAGE_STATE_REQUEST_IS_RUNNING
};
%>
<%%
const char* pageName = gettext("Gruppe wählen");
auto user = mSession->getNewUser();
auto sm = SessionManager::getInstance();
PageState state = PAGE_STATE_OVERVIEW;
if(!form.empty()) {
}
auto groups = controller::Group::listAll();
%><%@ include file="header_large.cpsp" %>
<%= getErrorsHtml() %>
<div class="content-list">
<% if(PAGE_STATE_OVERVIEW == state ) { %>
<div class="content-list-title">
<h1><%= gettext("Gruppe wählen") %></h1>
</div>
<p><%= gettext("Bitte wähle die Gruppe/Gemeinschaft aus, zu der du gehörst.") %></p>
<p><%= gettext("Du bekommst eine Bestätigungsmail, nachdem dein Beitritt bestätigt wurde.") %></p>
<form method="POST">
<div class="content-list-table">
<div class="row">
<div class="cell header-cell c1"><%= gettext("Auswahl") %></div>
<div class="cell header-cell c2">Name</div>
<div class="cell header-cell c2">Alias</div>
<div class="cell header-cell c3">Url</div>
<div class="cell header-cell c5"><%= gettext("Description") %></div>
</div>
<% for(auto it = groups.begin(); it != groups.end(); it++) {
auto group_model = (*it)->getModel(); %>
<div class="row">
<div class="cell c1"><input type="radio" class="form-control" name="group_id" value="<%= group_model->getID()%>" /></div>
<div class="cell c2"><%= group_model->getName() %></div>
<div class="cell c2"><%= group_model->getAlias() %></div>
<div class="cell c3"><%= group_model->getUrl() %></div>
<div class="cell c5"><%= group_model->getDescription()%></div>
</div>
<% } %>
<input class="grd-form-bn grd-form-bn-succeed grd_clickable" type="submit" name="submit" value="<%= gettext("Beitrittsanfrage senden") %>"/>
</div>
</form>
<% } %>
</div>
<%@ include file="footer.cpsp" %>

2
src/cpsp/updateUserPassword.cpsp → src/cpsp/userUpdatePassword.cpsp
View File

@ -1,4 +1,4 @@
<%@ page class="UpdateUserPasswordPage" %>
<%@ page class="UserUpdatePasswordPage" %>
<%@ page baseClass="SessionHTTPRequestHandler" %>
<%@ page ctorArg="Session*" %>
<%@ header include="SessionHTTPRequestHandler.h" %>