Relintai/pandemonium_engine
1
0
Fork 0
mirror of https://github.com/Relintai/pandemonium_engine.git synced 2025-03-03 03:44:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

Cleaned up the user web nodes.

Browse Source
This commit is contained in:
Relintai 2022-07-22 14:41:51 +02:00
parent b6253d1a68
commit 3028c08e9e
16 changed files with 123 additions and 3941 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

490
modules/users/web/web_nodes/user_delete_web_page.cpp
View File

@ -1,4 +1,4 @@
#include "user_controller.h"
#include "user_delete_web_page.h"
#include "../../singleton/user_db.h"
#include "../../users/user.h"
@ -14,496 +14,14 @@
#include "modules/web/http/web_server_cookie.h"
#include "modules/web/http/web_server_request.h"
void UserController::_handle_request_main(Ref<WebServerRequest> request) {
if (_web_permission.is_valid()) {
if (_web_permission->activate(request)) {
return;
}
}
if (request->get_session().is_valid()) {
Ref<User> u = request->get_meta("user");
if (u.is_valid()) {
handle_request(u, request);
return;
}
}
String segment = request->get_current_path_segment();
if (segment == "") {
handle_login_request_default(request);
return;
} else if (segment == "login") {
handle_login_request_default(request);
return;
} else if (segment == "register") {
handle_register_request_default(request);
return;
}
handle_login_request_default(request);
}
void UserController::handle_login_request_default(Ref<WebServerRequest> request) {
LoginRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
// this is probbaly not needed
// it's ok for now as I need to test the validators more
PoolStringArray errors = _login_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
// not needed end
data.uname_val = request->get_parameter("username");
data.pass_val = request->get_parameter("password");
Ref<User> user = UserDB::get_singleton()->get_user_name(data.uname_val);
if (user.is_valid()) {
if (!user->check_password(data.pass_val)) {
data.error_str += "Invalid username or password!";
} else {
Ref<HTTPSession> session = request->get_or_create_session();
session->add("user_id", user->get_user_id());
Ref<WebServerCookie> c;
c.instance();
c->set_data("session_id", session->session_id);
//c.path = "/";
request->response_add_cookie(c);
render_login_success(request);
return;
}
} else {
data.error_str += "Invalid username or password!";
}
}
render_login_request_default(request, &data);
}
void UserController::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
HTMLBuilder b;
b.w("Login");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("login");
{
// todo href path helper
b.form()->method("POST")->href("/user/login");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.input()->type("submit")->value("Send");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_register_request_default(Ref<WebServerRequest> request) {
RegisterRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
PoolStringArray errors = _registration_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
// todo username length etc check
// todo pw length etc check
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
}
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
}
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
}
if (data.error_str.size() == 0) {
Ref<User> user;
user = UserDB::get_singleton()->create_user();
user->set_user_name(data.uname_val);
user->set_email(data.email_val);
user->create_password(data.pass_val);
user->save();
render_register_success(request);
return;
}
}
render_register_request_default(request, &data);
}
void UserController::render_register_success(Ref<WebServerRequest> request) {
HTMLBuilder b;
b.div()->cls("success");
{
b.w("Registration successful! You can now log in!");
b.br();
b.a()->href("/user/login");
b.w(">> Login <<");
b.ca();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
HTMLBuilder b;
b.w("Registration");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("register");
{
// todo href path helper
b.form()->method("POST")->href("/user/register");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Register");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_already_logged_in_error(Ref<WebServerRequest> request) {
request->body += "You are already logged in.";
request->compile_and_send_body();
}
void UserController::render_login_success(Ref<WebServerRequest> request) {
request->body = "Login Success!<br>";
// request->compile_and_send_body();
request->send_redirect("/user/settings");
}
void UserController::handle_request(Ref<User> &user, Ref<WebServerRequest> request) {
const String &segment = request->get_current_path_segment();
if (segment == "") {
handle_main_page_request(user, request);
} else if (segment == "settings") {
handle_settings_request(user, request);
} else if (segment == "password_reset") {
handle_password_reset_request(user, request);
} else if (segment == "logout") {
handle_logout_request(user, request);
} else if (segment == "delete") {
handle_delete_request(user, request);
} else if (segment == "login") {
render_already_logged_in_error(request);
} else if (segment == "register") {
render_already_logged_in_error(request);
} else {
request->send_error(404);
}
}
void UserController::handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_main_page_request";
request->compile_and_send_body();
}
void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
SettingsRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
bool changed = false;
PoolStringArray errors = _profile_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
if (errors.size() == 0) {
if (data.uname_val == user->get_user_name()) {
data.uname_val = "";
}
if (data.email_val == user->get_email()) {
data.email_val = "";
}
if (data.uname_val != "") {
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
} else {
// todo sanitize for html special chars!
user->set_user_name(data.uname_val);
changed = true;
data.uname_val = "";
}
}
if (data.email_val != "") {
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
} else {
// todo sanitize for html special chars!
// also send email
user->set_email(data.email_val);
changed = true;
data.email_val = "";
}
}
if (data.pass_val != "") {
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
} else {
user->create_password(data.pass_val);
changed = true;
}
}
if (changed) {
user->save();
}
}
}
render_settings_request(user, request, &data);
}
void UserController::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
HTMLBuilder b;
b.w("Settings");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("settings");
{
// todo href path helper
b.form()->method("POST")->href("/user/settings");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->placeholder(user->get_user_name())->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->placeholder(user->get_email())->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->placeholder("*******")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->placeholder("*******")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Save");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_password_reset_request";
request->compile_and_send_body();
}
void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->response_remove_cookie_simple("session_id");
user->save();
HTTPSessionManager *sess_man = request->get_server()->get_session_manager();
sess_man->delete_session(request->get_session()->get_session_id());
request->set_session(Ref<HTTPSession>());
HTMLBuilder b;
b.w("Logout successful!");
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
void UserDeleteWebPage::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_delete_request";
request->compile_and_send_body();
}
UserController::UserController() {
{
// Login
_login_validator.instance();
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
{
// Registration
_registration_validator.instance();
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
{
_profile_validator.instance();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
UserDeleteWebPage::UserDeleteWebPage() {
}
UserController::~UserController() {
UserDeleteWebPage::~UserDeleteWebPage() {
}

60
modules/users/web/web_nodes/user_delete_web_page.h
View File

@ -1,72 +1,26 @@
#ifndef USER_CONTROLLER_H
#define USER_CONTROLLER_H
#ifndef USER_DELETE_WEB_PAGE_H
#define USER_DELETE_WEB_PAGE_H
#include "core/reference.h"
#include "core/ustring.h"
#include "core/vector.h"
#include "modules/web/http/web_node.h"
#include "user_web_page.h"
class WebServerRequest;
class FormValidator;
class User;
class UserController : public WebNode {
GDCLASS(UserController, WebNode);
class UserDeleteWebPage : public UserWebPage {
GDCLASS(UserDeleteWebPage, UserWebPage);
public:
void _handle_request_main(Ref<WebServerRequest> request);
struct LoginRequestData {
String error_str;
String uname_val;
String pass_val;
};
virtual void handle_login_request_default(Ref<WebServerRequest> request);
virtual void render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data);
struct RegisterRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_register_request_default(Ref<WebServerRequest> request);
virtual void render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data);
virtual void render_register_success(Ref<WebServerRequest> request);
virtual void render_already_logged_in_error(Ref<WebServerRequest> request);
virtual void render_login_success(Ref<WebServerRequest> request);
virtual void handle_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request);
struct SettingsRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data);
virtual void handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request);
UserController();
~UserController();
UserDeleteWebPage();
~UserDeleteWebPage();
protected:
Ref<FormValidator> _login_validator;
Ref<FormValidator> _registration_validator;
Ref<FormValidator> _profile_validator;
};
#endif

405
modules/users/web/web_nodes/user_login_web_page.cpp
View File

@ -1,4 +1,4 @@
#include "user_controller.h"
#include "user_login_web_page.h"
#include "../../singleton/user_db.h"
#include "../../users/user.h"
@ -14,43 +14,7 @@
#include "modules/web/http/web_server_cookie.h"
#include "modules/web/http/web_server_request.h"
void UserController::_handle_request_main(Ref<WebServerRequest> request) {
if (_web_permission.is_valid()) {
if (_web_permission->activate(request)) {
return;
}
}
if (request->get_session().is_valid()) {
Ref<User> u = request->get_meta("user");
if (u.is_valid()) {
handle_request(u, request);
return;
}
}
String segment = request->get_current_path_segment();
if (segment == "") {
handle_login_request_default(request);
return;
} else if (segment == "login") {
handle_login_request_default(request);
return;
} else if (segment == "register") {
handle_register_request_default(request);
return;
}
handle_login_request_default(request);
}
void UserController::handle_login_request_default(Ref<WebServerRequest> request) {
void UserLoginWebPage::handle_login_request_default(Ref<WebServerRequest> request) {
LoginRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
@ -93,7 +57,7 @@ void UserController::handle_login_request_default(Ref<WebServerRequest> request)
render_login_request_default(request, &data);
}
void UserController::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
void UserLoginWebPage::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
HTMLBuilder b;
b.w("Login");
@ -140,370 +104,29 @@ void UserController::render_login_request_default(Ref<WebServerRequest> request,
request->compile_and_send_body();
}
void UserController::handle_register_request_default(Ref<WebServerRequest> request) {
RegisterRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
PoolStringArray errors = _registration_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
// todo username length etc check
// todo pw length etc check
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
}
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
}
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
}
if (data.error_str.size() == 0) {
Ref<User> user;
user = UserDB::get_singleton()->create_user();
user->set_user_name(data.uname_val);
user->set_email(data.email_val);
user->create_password(data.pass_val);
user->save();
render_register_success(request);
return;
}
}
render_register_request_default(request, &data);
}
void UserController::render_register_success(Ref<WebServerRequest> request) {
HTMLBuilder b;
b.div()->cls("success");
{
b.w("Registration successful! You can now log in!");
b.br();
b.a()->href("/user/login");
b.w(">> Login <<");
b.ca();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
HTMLBuilder b;
b.w("Registration");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("register");
{
// todo href path helper
b.form()->method("POST")->href("/user/register");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Register");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_already_logged_in_error(Ref<WebServerRequest> request) {
void UserLoginWebPage::render_already_logged_in_error(Ref<WebServerRequest> request) {
request->body += "You are already logged in.";
request->compile_and_send_body();
}
void UserController::render_login_success(Ref<WebServerRequest> request) {
void UserLoginWebPage::render_login_success(Ref<WebServerRequest> request) {
request->body = "Login Success!<br>";
// request->compile_and_send_body();
request->send_redirect("/user/settings");
}
void UserController::handle_request(Ref<User> &user, Ref<WebServerRequest> request) {
const String &segment = request->get_current_path_segment();
UserLoginWebPage::UserLoginWebPage() {
// Login
_login_validator.instance();
if (segment == "") {
handle_main_page_request(user, request);
} else if (segment == "settings") {
handle_settings_request(user, request);
} else if (segment == "password_reset") {
handle_password_reset_request(user, request);
} else if (segment == "logout") {
handle_logout_request(user, request);
} else if (segment == "delete") {
handle_delete_request(user, request);
} else if (segment == "login") {
render_already_logged_in_error(request);
} else if (segment == "register") {
render_already_logged_in_error(request);
} else {
request->send_error(404);
}
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
void UserController::handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_main_page_request";
request->compile_and_send_body();
}
void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
SettingsRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
bool changed = false;
PoolStringArray errors = _profile_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
if (errors.size() == 0) {
if (data.uname_val == user->get_user_name()) {
data.uname_val = "";
}
if (data.email_val == user->get_email()) {
data.email_val = "";
}
if (data.uname_val != "") {
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
} else {
// todo sanitize for html special chars!
user->set_user_name(data.uname_val);
changed = true;
data.uname_val = "";
}
}
if (data.email_val != "") {
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
} else {
// todo sanitize for html special chars!
// also send email
user->set_email(data.email_val);
changed = true;
data.email_val = "";
}
}
if (data.pass_val != "") {
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
} else {
user->create_password(data.pass_val);
changed = true;
}
}
if (changed) {
user->save();
}
}
}
render_settings_request(user, request, &data);
}
void UserController::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
HTMLBuilder b;
b.w("Settings");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("settings");
{
// todo href path helper
b.form()->method("POST")->href("/user/settings");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->placeholder(user->get_user_name())->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->placeholder(user->get_email())->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->placeholder("*******")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->placeholder("*******")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Save");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_password_reset_request";
request->compile_and_send_body();
}
void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->response_remove_cookie_simple("session_id");
user->save();
HTTPSessionManager *sess_man = request->get_server()->get_session_manager();
sess_man->delete_session(request->get_session()->get_session_id());
request->set_session(Ref<HTTPSession>());
HTMLBuilder b;
b.w("Logout successful!");
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_delete_request";
request->compile_and_send_body();
}
UserController::UserController() {
{
// Login
_login_validator.instance();
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
{
// Registration
_registration_validator.instance();
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
{
_profile_validator.instance();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
}
UserController::~UserController() {
UserLoginWebPage::~UserLoginWebPage() {
}

49
modules/users/web/web_nodes/user_login_web_page.h
View File

@ -1,22 +1,20 @@
#ifndef USER_CONTROLLER_H
#define USER_CONTROLLER_H
#ifndef USER_LOGIN_REQUEST_WEB_PAGE_H
#define USER_LOGIN_REQUEST_WEB_PAGE_H
#include "core/reference.h"
#include "core/ustring.h"
#include "core/vector.h"
#include "modules/web/http/web_node.h"
#include "user_web_page.h"
class WebServerRequest;
class FormValidator;
class User;
class UserController : public WebNode {
GDCLASS(UserController, WebNode);
class UserLoginWebPage : public UserWebPage {
GDCLASS(UserLoginWebPage, UserWebPage);
public:
void _handle_request_main(Ref<WebServerRequest> request);
struct LoginRequestData {
String error_str;
String uname_val;
@ -26,47 +24,14 @@ public:
virtual void handle_login_request_default(Ref<WebServerRequest> request);
virtual void render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data);
struct RegisterRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_register_request_default(Ref<WebServerRequest> request);
virtual void render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data);
virtual void render_register_success(Ref<WebServerRequest> request);
virtual void render_already_logged_in_error(Ref<WebServerRequest> request);
virtual void render_login_success(Ref<WebServerRequest> request);
virtual void handle_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request);
struct SettingsRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data);
virtual void handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request);
UserController();
~UserController();
UserLoginWebPage();
~UserLoginWebPage();
protected:
Ref<FormValidator> _login_validator;
Ref<FormValidator> _registration_validator;
Ref<FormValidator> _profile_validator;
};
#endif

480
modules/users/web/web_nodes/user_logout_web_page.cpp
View File

@ -1,4 +1,4 @@
#include "user_controller.h"
#include "user_logout_web_page.h"
#include "../../singleton/user_db.h"
#include "../../users/user.h"
@ -14,432 +14,7 @@
#include "modules/web/http/web_server_cookie.h"
#include "modules/web/http/web_server_request.h"
void UserController::_handle_request_main(Ref<WebServerRequest> request) {
if (_web_permission.is_valid()) {
if (_web_permission->activate(request)) {
return;
}
}
if (request->get_session().is_valid()) {
Ref<User> u = request->get_meta("user");
if (u.is_valid()) {
handle_request(u, request);
return;
}
}
String segment = request->get_current_path_segment();
if (segment == "") {
handle_login_request_default(request);
return;
} else if (segment == "login") {
handle_login_request_default(request);
return;
} else if (segment == "register") {
handle_register_request_default(request);
return;
}
handle_login_request_default(request);
}
void UserController::handle_login_request_default(Ref<WebServerRequest> request) {
LoginRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
// this is probbaly not needed
// it's ok for now as I need to test the validators more
PoolStringArray errors = _login_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
// not needed end
data.uname_val = request->get_parameter("username");
data.pass_val = request->get_parameter("password");
Ref<User> user = UserDB::get_singleton()->get_user_name(data.uname_val);
if (user.is_valid()) {
if (!user->check_password(data.pass_val)) {
data.error_str += "Invalid username or password!";
} else {
Ref<HTTPSession> session = request->get_or_create_session();
session->add("user_id", user->get_user_id());
Ref<WebServerCookie> c;
c.instance();
c->set_data("session_id", session->session_id);
//c.path = "/";
request->response_add_cookie(c);
render_login_success(request);
return;
}
} else {
data.error_str += "Invalid username or password!";
}
}
render_login_request_default(request, &data);
}
void UserController::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
HTMLBuilder b;
b.w("Login");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("login");
{
// todo href path helper
b.form()->method("POST")->href("/user/login");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.input()->type("submit")->value("Send");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_register_request_default(Ref<WebServerRequest> request) {
RegisterRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
PoolStringArray errors = _registration_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
// todo username length etc check
// todo pw length etc check
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
}
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
}
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
}
if (data.error_str.size() == 0) {
Ref<User> user;
user = UserDB::get_singleton()->create_user();
user->set_user_name(data.uname_val);
user->set_email(data.email_val);
user->create_password(data.pass_val);
user->save();
render_register_success(request);
return;
}
}
render_register_request_default(request, &data);
}
void UserController::render_register_success(Ref<WebServerRequest> request) {
HTMLBuilder b;
b.div()->cls("success");
{
b.w("Registration successful! You can now log in!");
b.br();
b.a()->href("/user/login");
b.w(">> Login <<");
b.ca();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
HTMLBuilder b;
b.w("Registration");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("register");
{
// todo href path helper
b.form()->method("POST")->href("/user/register");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Register");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_already_logged_in_error(Ref<WebServerRequest> request) {
request->body += "You are already logged in.";
request->compile_and_send_body();
}
void UserController::render_login_success(Ref<WebServerRequest> request) {
request->body = "Login Success!<br>";
// request->compile_and_send_body();
request->send_redirect("/user/settings");
}
void UserController::handle_request(Ref<User> &user, Ref<WebServerRequest> request) {
const String &segment = request->get_current_path_segment();
if (segment == "") {
handle_main_page_request(user, request);
} else if (segment == "settings") {
handle_settings_request(user, request);
} else if (segment == "password_reset") {
handle_password_reset_request(user, request);
} else if (segment == "logout") {
handle_logout_request(user, request);
} else if (segment == "delete") {
handle_delete_request(user, request);
} else if (segment == "login") {
render_already_logged_in_error(request);
} else if (segment == "register") {
render_already_logged_in_error(request);
} else {
request->send_error(404);
}
}
void UserController::handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_main_page_request";
request->compile_and_send_body();
}
void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
SettingsRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
bool changed = false;
PoolStringArray errors = _profile_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
if (errors.size() == 0) {
if (data.uname_val == user->get_user_name()) {
data.uname_val = "";
}
if (data.email_val == user->get_email()) {
data.email_val = "";
}
if (data.uname_val != "") {
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
} else {
// todo sanitize for html special chars!
user->set_user_name(data.uname_val);
changed = true;
data.uname_val = "";
}
}
if (data.email_val != "") {
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
} else {
// todo sanitize for html special chars!
// also send email
user->set_email(data.email_val);
changed = true;
data.email_val = "";
}
}
if (data.pass_val != "") {
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
} else {
user->create_password(data.pass_val);
changed = true;
}
}
if (changed) {
user->save();
}
}
}
render_settings_request(user, request, &data);
}
void UserController::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
HTMLBuilder b;
b.w("Settings");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("settings");
{
// todo href path helper
b.form()->method("POST")->href("/user/settings");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->placeholder(user->get_user_name())->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->placeholder(user->get_email())->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->placeholder("*******")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->placeholder("*******")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Save");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_password_reset_request";
request->compile_and_send_body();
}
void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
void UserLogoutWebPage::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->response_remove_cookie_simple("session_id");
user->save();
@ -455,55 +30,8 @@ void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest
request->compile_and_send_body();
}
void UserController::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_delete_request";
request->compile_and_send_body();
UserLogoutWebPage::UserLogoutWebPage() {
}
UserController::UserController() {
{
// Login
_login_validator.instance();
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
{
// Registration
_registration_validator.instance();
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
{
_profile_validator.instance();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
}
UserController::~UserController() {
UserLogoutWebPage::~UserLogoutWebPage() {
}

60
modules/users/web/web_nodes/user_logout_web_page.h
View File

@ -1,72 +1,26 @@
#ifndef USER_CONTROLLER_H
#define USER_CONTROLLER_H
#ifndef USER_LOGOUT_WEB_PAGE_H
#define USER_LOGOUT_WEB_PAGE_H
#include "core/reference.h"
#include "core/ustring.h"
#include "core/vector.h"
#include "modules/web/http/web_node.h"
#include "user_web_page.h"
class WebServerRequest;
class FormValidator;
class User;
class UserController : public WebNode {
GDCLASS(UserController, WebNode);
class UserLogoutWebPage : public UserWebPage {
GDCLASS(UserLogoutWebPage, UserWebPage);
public:
void _handle_request_main(Ref<WebServerRequest> request);
struct LoginRequestData {
String error_str;
String uname_val;
String pass_val;
};
virtual void handle_login_request_default(Ref<WebServerRequest> request);
virtual void render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data);
struct RegisterRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_register_request_default(Ref<WebServerRequest> request);
virtual void render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data);
virtual void render_register_success(Ref<WebServerRequest> request);
virtual void render_already_logged_in_error(Ref<WebServerRequest> request);
virtual void render_login_success(Ref<WebServerRequest> request);
virtual void handle_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request);
struct SettingsRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data);
virtual void handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request);
UserController();
~UserController();
UserLogoutWebPage();
~UserLogoutWebPage();
protected:
Ref<FormValidator> _login_validator;
Ref<FormValidator> _registration_validator;
Ref<FormValidator> _profile_validator;
};
#endif

490
modules/users/web/web_nodes/user_password_reset_web_page.cpp
View File

@ -1,4 +1,4 @@
#include "user_controller.h"
#include "user_password_reset_web_page.h"
#include "../../singleton/user_db.h"
#include "../../users/user.h"
@ -14,496 +14,14 @@
#include "modules/web/http/web_server_cookie.h"
#include "modules/web/http/web_server_request.h"
void UserController::_handle_request_main(Ref<WebServerRequest> request) {
if (_web_permission.is_valid()) {
if (_web_permission->activate(request)) {
return;
}
}
if (request->get_session().is_valid()) {
Ref<User> u = request->get_meta("user");
if (u.is_valid()) {
handle_request(u, request);
return;
}
}
String segment = request->get_current_path_segment();
if (segment == "") {
handle_login_request_default(request);
return;
} else if (segment == "login") {
handle_login_request_default(request);
return;
} else if (segment == "register") {
handle_register_request_default(request);
return;
}
handle_login_request_default(request);
}
void UserController::handle_login_request_default(Ref<WebServerRequest> request) {
LoginRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
// this is probbaly not needed
// it's ok for now as I need to test the validators more
PoolStringArray errors = _login_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
// not needed end
data.uname_val = request->get_parameter("username");
data.pass_val = request->get_parameter("password");
Ref<User> user = UserDB::get_singleton()->get_user_name(data.uname_val);
if (user.is_valid()) {
if (!user->check_password(data.pass_val)) {
data.error_str += "Invalid username or password!";
} else {
Ref<HTTPSession> session = request->get_or_create_session();
session->add("user_id", user->get_user_id());
Ref<WebServerCookie> c;
c.instance();
c->set_data("session_id", session->session_id);
//c.path = "/";
request->response_add_cookie(c);
render_login_success(request);
return;
}
} else {
data.error_str += "Invalid username or password!";
}
}
render_login_request_default(request, &data);
}
void UserController::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
HTMLBuilder b;
b.w("Login");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("login");
{
// todo href path helper
b.form()->method("POST")->href("/user/login");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.input()->type("submit")->value("Send");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_register_request_default(Ref<WebServerRequest> request) {
RegisterRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
PoolStringArray errors = _registration_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
// todo username length etc check
// todo pw length etc check
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
}
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
}
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
}
if (data.error_str.size() == 0) {
Ref<User> user;
user = UserDB::get_singleton()->create_user();
user->set_user_name(data.uname_val);
user->set_email(data.email_val);
user->create_password(data.pass_val);
user->save();
render_register_success(request);
return;
}
}
render_register_request_default(request, &data);
}
void UserController::render_register_success(Ref<WebServerRequest> request) {
HTMLBuilder b;
b.div()->cls("success");
{
b.w("Registration successful! You can now log in!");
b.br();
b.a()->href("/user/login");
b.w(">> Login <<");
b.ca();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
HTMLBuilder b;
b.w("Registration");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("register");
{
// todo href path helper
b.form()->method("POST")->href("/user/register");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Register");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_already_logged_in_error(Ref<WebServerRequest> request) {
request->body += "You are already logged in.";
request->compile_and_send_body();
}
void UserController::render_login_success(Ref<WebServerRequest> request) {
request->body = "Login Success!<br>";
// request->compile_and_send_body();
request->send_redirect("/user/settings");
}
void UserController::handle_request(Ref<User> &user, Ref<WebServerRequest> request) {
const String &segment = request->get_current_path_segment();
if (segment == "") {
handle_main_page_request(user, request);
} else if (segment == "settings") {
handle_settings_request(user, request);
} else if (segment == "password_reset") {
handle_password_reset_request(user, request);
} else if (segment == "logout") {
handle_logout_request(user, request);
} else if (segment == "delete") {
handle_delete_request(user, request);
} else if (segment == "login") {
render_already_logged_in_error(request);
} else if (segment == "register") {
render_already_logged_in_error(request);
} else {
request->send_error(404);
}
}
void UserController::handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_main_page_request";
request->compile_and_send_body();
}
void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
SettingsRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
bool changed = false;
PoolStringArray errors = _profile_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
if (errors.size() == 0) {
if (data.uname_val == user->get_user_name()) {
data.uname_val = "";
}
if (data.email_val == user->get_email()) {
data.email_val = "";
}
if (data.uname_val != "") {
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
} else {
// todo sanitize for html special chars!
user->set_user_name(data.uname_val);
changed = true;
data.uname_val = "";
}
}
if (data.email_val != "") {
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
} else {
// todo sanitize for html special chars!
// also send email
user->set_email(data.email_val);
changed = true;
data.email_val = "";
}
}
if (data.pass_val != "") {
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
} else {
user->create_password(data.pass_val);
changed = true;
}
}
if (changed) {
user->save();
}
}
}
render_settings_request(user, request, &data);
}
void UserController::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
HTMLBuilder b;
b.w("Settings");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("settings");
{
// todo href path helper
b.form()->method("POST")->href("/user/settings");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->placeholder(user->get_user_name())->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->placeholder(user->get_email())->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->placeholder("*******")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->placeholder("*******")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Save");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
void UserPasswordResetWebPage::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_password_reset_request";
request->compile_and_send_body();
}
void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->response_remove_cookie_simple("session_id");
user->save();
HTTPSessionManager *sess_man = request->get_server()->get_session_manager();
sess_man->delete_session(request->get_session()->get_session_id());
request->set_session(Ref<HTTPSession>());
HTMLBuilder b;
b.w("Logout successful!");
request->body += b.result;
request->compile_and_send_body();
UserPasswordResetWebPage::UserPasswordResetWebPage() {
}
void UserController::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_delete_request";
request->compile_and_send_body();
}
UserController::UserController() {
{
// Login
_login_validator.instance();
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
{
// Registration
_registration_validator.instance();
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
{
_profile_validator.instance();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
}
UserController::~UserController() {
UserPasswordResetWebPage::~UserPasswordResetWebPage() {
}

60
modules/users/web/web_nodes/user_password_reset_web_page.h
View File

@ -1,72 +1,26 @@
#ifndef USER_CONTROLLER_H
#define USER_CONTROLLER_H
#ifndef USER_PASSWORD_RESET_WEB_PAGE_H
#define USER_PASSWORD_RESET_WEB_PAGE_H
#include "core/reference.h"
#include "core/ustring.h"
#include "core/vector.h"
#include "modules/web/http/web_node.h"
#include "user_web_page.h"
class WebServerRequest;
class FormValidator;
class User;
class UserController : public WebNode {
GDCLASS(UserController, WebNode);
class UserPasswordResetWebPage : public UserWebPage {
GDCLASS(UserPasswordResetWebPage, UserWebPage);
public:
void _handle_request_main(Ref<WebServerRequest> request);
struct LoginRequestData {
String error_str;
String uname_val;
String pass_val;
};
virtual void handle_login_request_default(Ref<WebServerRequest> request);
virtual void render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data);
struct RegisterRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_register_request_default(Ref<WebServerRequest> request);
virtual void render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data);
virtual void render_register_success(Ref<WebServerRequest> request);
virtual void render_already_logged_in_error(Ref<WebServerRequest> request);
virtual void render_login_success(Ref<WebServerRequest> request);
virtual void handle_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request);
struct SettingsRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data);
virtual void handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request);
UserController();
~UserController();
UserPasswordResetWebPage();
~UserPasswordResetWebPage();
protected:
Ref<FormValidator> _login_validator;
Ref<FormValidator> _registration_validator;
Ref<FormValidator> _profile_validator;
};
#endif

383
modules/users/web/web_nodes/user_register_web_page.cpp
View File

@ -1,4 +1,4 @@
#include "user_controller.h"
#include "user_register_web_page.h"
#include "../../singleton/user_db.h"
#include "../../users/user.h"
@ -14,133 +14,7 @@
#include "modules/web/http/web_server_cookie.h"
#include "modules/web/http/web_server_request.h"
void UserController::_handle_request_main(Ref<WebServerRequest> request) {
if (_web_permission.is_valid()) {
if (_web_permission->activate(request)) {
return;
}
}
if (request->get_session().is_valid()) {
Ref<User> u = request->get_meta("user");
if (u.is_valid()) {
handle_request(u, request);
return;
}
}
String segment = request->get_current_path_segment();
if (segment == "") {
handle_login_request_default(request);
return;
} else if (segment == "login") {
handle_login_request_default(request);
return;
} else if (segment == "register") {
handle_register_request_default(request);
return;
}
handle_login_request_default(request);
}
void UserController::handle_login_request_default(Ref<WebServerRequest> request) {
LoginRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
// this is probbaly not needed
// it's ok for now as I need to test the validators more
PoolStringArray errors = _login_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
// not needed end
data.uname_val = request->get_parameter("username");
data.pass_val = request->get_parameter("password");
Ref<User> user = UserDB::get_singleton()->get_user_name(data.uname_val);
if (user.is_valid()) {
if (!user->check_password(data.pass_val)) {
data.error_str += "Invalid username or password!";
} else {
Ref<HTTPSession> session = request->get_or_create_session();
session->add("user_id", user->get_user_id());
Ref<WebServerCookie> c;
c.instance();
c->set_data("session_id", session->session_id);
//c.path = "/";
request->response_add_cookie(c);
render_login_success(request);
return;
}
} else {
data.error_str += "Invalid username or password!";
}
}
render_login_request_default(request, &data);
}
void UserController::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
HTMLBuilder b;
b.w("Login");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("login");
{
// todo href path helper
b.form()->method("POST")->href("/user/login");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.input()->type("submit")->value("Send");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_register_request_default(Ref<WebServerRequest> request) {
void UserRegisterWebPage::handle_register_request_default(Ref<WebServerRequest> request) {
RegisterRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
@ -188,7 +62,7 @@ void UserController::handle_register_request_default(Ref<WebServerRequest> reque
render_register_request_default(request, &data);
}
void UserController::render_register_success(Ref<WebServerRequest> request) {
void UserRegisterWebPage::render_register_success(Ref<WebServerRequest> request) {
HTMLBuilder b;
b.div()->cls("success");
@ -206,7 +80,7 @@ void UserController::render_register_success(Ref<WebServerRequest> request) {
request->compile_and_send_body();
}
void UserController::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
void UserRegisterWebPage::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
HTMLBuilder b;
b.w("Registration");
@ -265,245 +139,28 @@ void UserController::render_register_request_default(Ref<WebServerRequest> reque
request->compile_and_send_body();
}
void UserController::render_already_logged_in_error(Ref<WebServerRequest> request) {
void UserRegisterWebPage::render_already_logged_in_error(Ref<WebServerRequest> request) {
request->body += "You are already logged in.";
request->compile_and_send_body();
}
void UserController::render_login_success(Ref<WebServerRequest> request) {
request->body = "Login Success!<br>";
UserRegisterWebPage::UserRegisterWebPage() {
// Registration
_registration_validator.instance();
// request->compile_and_send_body();
request->send_redirect("/user/settings");
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
void UserController::handle_request(Ref<User> &user, Ref<WebServerRequest> request) {
const String &segment = request->get_current_path_segment();
if (segment == "") {
handle_main_page_request(user, request);
} else if (segment == "settings") {
handle_settings_request(user, request);
} else if (segment == "password_reset") {
handle_password_reset_request(user, request);
} else if (segment == "logout") {
handle_logout_request(user, request);
} else if (segment == "delete") {
handle_delete_request(user, request);
} else if (segment == "login") {
render_already_logged_in_error(request);
} else if (segment == "register") {
render_already_logged_in_error(request);
} else {
request->send_error(404);
}
}
void UserController::handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_main_page_request";
request->compile_and_send_body();
}
void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
SettingsRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
bool changed = false;
PoolStringArray errors = _profile_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
if (errors.size() == 0) {
if (data.uname_val == user->get_user_name()) {
data.uname_val = "";
}
if (data.email_val == user->get_email()) {
data.email_val = "";
}
if (data.uname_val != "") {
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
} else {
// todo sanitize for html special chars!
user->set_user_name(data.uname_val);
changed = true;
data.uname_val = "";
}
}
if (data.email_val != "") {
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
} else {
// todo sanitize for html special chars!
// also send email
user->set_email(data.email_val);
changed = true;
data.email_val = "";
}
}
if (data.pass_val != "") {
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
} else {
user->create_password(data.pass_val);
changed = true;
}
}
if (changed) {
user->save();
}
}
}
render_settings_request(user, request, &data);
}
void UserController::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
HTMLBuilder b;
b.w("Settings");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("settings");
{
// todo href path helper
b.form()->method("POST")->href("/user/settings");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->placeholder(user->get_user_name())->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->placeholder(user->get_email())->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->placeholder("*******")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->placeholder("*******")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Save");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_password_reset_request";
request->compile_and_send_body();
}
void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->response_remove_cookie_simple("session_id");
user->save();
HTTPSessionManager *sess_man = request->get_server()->get_session_manager();
sess_man->delete_session(request->get_session()->get_session_id());
request->set_session(Ref<HTTPSession>());
HTMLBuilder b;
b.w("Logout successful!");
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_delete_request";
request->compile_and_send_body();
}
UserController::UserController() {
{
// Login
_login_validator.instance();
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
{
// Registration
_registration_validator.instance();
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
{
_profile_validator.instance();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
}
UserController::~UserController() {
UserRegisterWebPage::~UserRegisterWebPage() {
}

46
modules/users/web/web_nodes/user_register_web_page.h
View File

@ -1,31 +1,20 @@
#ifndef USER_CONTROLLER_H
#define USER_CONTROLLER_H
#ifndef USER_REGISTER_WEB_PAGE_H
#define USER_REGISTER_WEB_PAGE_H
#include "core/reference.h"
#include "core/ustring.h"
#include "core/vector.h"
#include "modules/web/http/web_node.h"
#include "user_web_page.h"
class WebServerRequest;
class FormValidator;
class User;
class UserController : public WebNode {
GDCLASS(UserController, WebNode);
class UserRegisterWebPage : public UserWebPage {
GDCLASS(UserRegisterWebPage, UserWebPage);
public:
void _handle_request_main(Ref<WebServerRequest> request);
struct LoginRequestData {
String error_str;
String uname_val;
String pass_val;
};
virtual void handle_login_request_default(Ref<WebServerRequest> request);
virtual void render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data);
struct RegisterRequestData {
String error_str;
String uname_val;
@ -39,32 +28,11 @@ public:
virtual void render_register_success(Ref<WebServerRequest> request);
virtual void render_already_logged_in_error(Ref<WebServerRequest> request);
virtual void render_login_success(Ref<WebServerRequest> request);
virtual void handle_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request);
struct SettingsRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data);
virtual void handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request);
UserController();
~UserController();
UserRegisterWebPage();
~UserRegisterWebPage();
protected:
Ref<FormValidator> _login_validator;
Ref<FormValidator> _registration_validator;
Ref<FormValidator> _profile_validator;
};

364
modules/users/web/web_nodes/user_settings_web_page.cpp
View File

@ -1,4 +1,4 @@
#include "user_controller.h"
#include "user_settings_web_page.h"
#include "../../singleton/user_db.h"
#include "../../users/user.h"
@ -14,7 +14,7 @@
#include "modules/web/http/web_server_cookie.h"
#include "modules/web/http/web_server_request.h"
void UserController::_handle_request_main(Ref<WebServerRequest> request) {
void UserSettingsWebPage::_handle_request_main(Ref<WebServerRequest> request) {
if (_web_permission.is_valid()) {
if (_web_permission->activate(request)) {
return;
@ -30,283 +30,9 @@ void UserController::_handle_request_main(Ref<WebServerRequest> request) {
return;
}
}
String segment = request->get_current_path_segment();
if (segment == "") {
handle_login_request_default(request);
return;
} else if (segment == "login") {
handle_login_request_default(request);
return;
} else if (segment == "register") {
handle_register_request_default(request);
return;
}
handle_login_request_default(request);
}
void UserController::handle_login_request_default(Ref<WebServerRequest> request) {
LoginRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
// this is probbaly not needed
// it's ok for now as I need to test the validators more
PoolStringArray errors = _login_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
// not needed end
data.uname_val = request->get_parameter("username");
data.pass_val = request->get_parameter("password");
Ref<User> user = UserDB::get_singleton()->get_user_name(data.uname_val);
if (user.is_valid()) {
if (!user->check_password(data.pass_val)) {
data.error_str += "Invalid username or password!";
} else {
Ref<HTTPSession> session = request->get_or_create_session();
session->add("user_id", user->get_user_id());
Ref<WebServerCookie> c;
c.instance();
c->set_data("session_id", session->session_id);
//c.path = "/";
request->response_add_cookie(c);
render_login_success(request);
return;
}
} else {
data.error_str += "Invalid username or password!";
}
}
render_login_request_default(request, &data);
}
void UserController::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
HTMLBuilder b;
b.w("Login");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("login");
{
// todo href path helper
b.form()->method("POST")->href("/user/login");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.input()->type("submit")->value("Send");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_register_request_default(Ref<WebServerRequest> request) {
RegisterRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
PoolStringArray errors = _registration_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
// todo username length etc check
// todo pw length etc check
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
}
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
}
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
}
if (data.error_str.size() == 0) {
Ref<User> user;
user = UserDB::get_singleton()->create_user();
user->set_user_name(data.uname_val);
user->set_email(data.email_val);
user->create_password(data.pass_val);
user->save();
render_register_success(request);
return;
}
}
render_register_request_default(request, &data);
}
void UserController::render_register_success(Ref<WebServerRequest> request) {
HTMLBuilder b;
b.div()->cls("success");
{
b.w("Registration successful! You can now log in!");
b.br();
b.a()->href("/user/login");
b.w(">> Login <<");
b.ca();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
HTMLBuilder b;
b.w("Registration");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("register");
{
// todo href path helper
b.form()->method("POST")->href("/user/register");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Register");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_already_logged_in_error(Ref<WebServerRequest> request) {
request->body += "You are already logged in.";
request->compile_and_send_body();
}
void UserController::render_login_success(Ref<WebServerRequest> request) {
request->body = "Login Success!<br>";
// request->compile_and_send_body();
request->send_redirect("/user/settings");
}
void UserController::handle_request(Ref<User> &user, Ref<WebServerRequest> request) {
const String &segment = request->get_current_path_segment();
if (segment == "") {
handle_main_page_request(user, request);
} else if (segment == "settings") {
handle_settings_request(user, request);
} else if (segment == "password_reset") {
handle_password_reset_request(user, request);
} else if (segment == "logout") {
handle_logout_request(user, request);
} else if (segment == "delete") {
handle_delete_request(user, request);
} else if (segment == "login") {
render_already_logged_in_error(request);
} else if (segment == "register") {
render_already_logged_in_error(request);
} else {
request->send_error(404);
}
}
void UserController::handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_main_page_request";
request->compile_and_send_body();
}
void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
void UserSettingsWebPage::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
SettingsRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
@ -374,7 +100,7 @@ void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerReque
render_settings_request(user, request, &data);
}
void UserController::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
void UserSettingsWebPage::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
HTMLBuilder b;
b.w("Settings");
@ -433,77 +159,19 @@ void UserController::render_settings_request(Ref<User> &user, Ref<WebServerReque
request->compile_and_send_body();
}
void UserController::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_password_reset_request";
UserSettingsWebPage::UserSettingsWebPage() {
_profile_validator.instance();
request->compile_and_send_body();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->response_remove_cookie_simple("session_id");
user->save();
HTTPSessionManager *sess_man = request->get_server()->get_session_manager();
sess_man->delete_session(request->get_session()->get_session_id());
request->set_session(Ref<HTTPSession>());
HTMLBuilder b;
b.w("Logout successful!");
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_delete_request";
request->compile_and_send_body();
}
UserController::UserController() {
{
// Login
_login_validator.instance();
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
{
// Registration
_registration_validator.instance();
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
{
_profile_validator.instance();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
}
UserController::~UserController() {
UserSettingsWebPage::~UserSettingsWebPage() {
}

44
modules/users/web/web_nodes/user_settings_web_page.h
View File

@ -1,46 +1,22 @@
#ifndef USER_CONTROLLER_H
#define USER_CONTROLLER_H
#ifndef USER_SETTINGS_WEB_PAGE_H
#define USER_SETTINGS_WEB_PAGE_H
#include "core/reference.h"
#include "core/ustring.h"
#include "core/vector.h"
#include "modules/web/http/web_node.h"
#include "user_web_page.h"
class WebServerRequest;
class FormValidator;
class User;
class UserController : public WebNode {
GDCLASS(UserController, WebNode);
class UserSettingsWebPage : public UserWebPage {
GDCLASS(UserSettingsWebPage, UserWebPage);
public:
void _handle_request_main(Ref<WebServerRequest> request);
struct LoginRequestData {
String error_str;
String uname_val;
String pass_val;
};
virtual void handle_login_request_default(Ref<WebServerRequest> request);
virtual void render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data);
struct RegisterRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_register_request_default(Ref<WebServerRequest> request);
virtual void render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data);
virtual void render_register_success(Ref<WebServerRequest> request);
virtual void render_already_logged_in_error(Ref<WebServerRequest> request);
virtual void render_login_success(Ref<WebServerRequest> request);
virtual void handle_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request);
@ -56,16 +32,10 @@ public:
virtual void handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data);
virtual void handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request);
UserController();
~UserController();
UserSettingsWebPage();
~UserSettingsWebPage();
protected:
Ref<FormValidator> _login_validator;
Ref<FormValidator> _registration_validator;
Ref<FormValidator> _profile_validator;
};

508
modules/users/web/web_nodes/user_stats_web_page.cpp
View File

@ -1,509 +1,7 @@
#include "user_controller.h"
#include "user_stats_web_page.h"
#include "../../singleton/user_db.h"
#include "../../users/user.h"
#include "core/variant.h"
#include "modules/web/html/form_validator.h"
#include "modules/web/html/html_builder.h"
#include "modules/web/http/http_server_enums.h"
#include "modules/web/http/http_session.h"
#include "modules/web/http/http_session_manager.h"
#include "modules/web/http/web_permission.h"
#include "modules/web/http/web_server.h"
#include "modules/web/http/web_server_cookie.h"
#include "modules/web/http/web_server_request.h"
void UserController::_handle_request_main(Ref<WebServerRequest> request) {
if (_web_permission.is_valid()) {
if (_web_permission->activate(request)) {
return;
}
}
if (request->get_session().is_valid()) {
Ref<User> u = request->get_meta("user");
if (u.is_valid()) {
handle_request(u, request);
return;
}
}
String segment = request->get_current_path_segment();
if (segment == "") {
handle_login_request_default(request);
return;
} else if (segment == "login") {
handle_login_request_default(request);
return;
} else if (segment == "register") {
handle_register_request_default(request);
return;
}
handle_login_request_default(request);
UserStatsWebPage::UserStatsWebPage() {
}
void UserController::handle_login_request_default(Ref<WebServerRequest> request) {
LoginRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
// this is probbaly not needed
// it's ok for now as I need to test the validators more
PoolStringArray errors = _login_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
// not needed end
data.uname_val = request->get_parameter("username");
data.pass_val = request->get_parameter("password");
Ref<User> user = UserDB::get_singleton()->get_user_name(data.uname_val);
if (user.is_valid()) {
if (!user->check_password(data.pass_val)) {
data.error_str += "Invalid username or password!";
} else {
Ref<HTTPSession> session = request->get_or_create_session();
session->add("user_id", user->get_user_id());
Ref<WebServerCookie> c;
c.instance();
c->set_data("session_id", session->session_id);
//c.path = "/";
request->response_add_cookie(c);
render_login_success(request);
return;
}
} else {
data.error_str += "Invalid username or password!";
}
}
render_login_request_default(request, &data);
}
void UserController::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
HTMLBuilder b;
b.w("Login");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("login");
{
// todo href path helper
b.form()->method("POST")->href("/user/login");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.input()->type("submit")->value("Send");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_register_request_default(Ref<WebServerRequest> request) {
RegisterRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
PoolStringArray errors = _registration_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
// todo username length etc check
// todo pw length etc check
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
}
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
}
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
}
if (data.error_str.size() == 0) {
Ref<User> user;
user = UserDB::get_singleton()->create_user();
user->set_user_name(data.uname_val);
user->set_email(data.email_val);
user->create_password(data.pass_val);
user->save();
render_register_success(request);
return;
}
}
render_register_request_default(request, &data);
}
void UserController::render_register_success(Ref<WebServerRequest> request) {
HTMLBuilder b;
b.div()->cls("success");
{
b.w("Registration successful! You can now log in!");
b.br();
b.a()->href("/user/login");
b.w(">> Login <<");
b.ca();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
HTMLBuilder b;
b.w("Registration");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("register");
{
// todo href path helper
b.form()->method("POST")->href("/user/register");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Register");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_already_logged_in_error(Ref<WebServerRequest> request) {
request->body += "You are already logged in.";
request->compile_and_send_body();
}
void UserController::render_login_success(Ref<WebServerRequest> request) {
request->body = "Login Success!<br>";
// request->compile_and_send_body();
request->send_redirect("/user/settings");
}
void UserController::handle_request(Ref<User> &user, Ref<WebServerRequest> request) {
const String &segment = request->get_current_path_segment();
if (segment == "") {
handle_main_page_request(user, request);
} else if (segment == "settings") {
handle_settings_request(user, request);
} else if (segment == "password_reset") {
handle_password_reset_request(user, request);
} else if (segment == "logout") {
handle_logout_request(user, request);
} else if (segment == "delete") {
handle_delete_request(user, request);
} else if (segment == "login") {
render_already_logged_in_error(request);
} else if (segment == "register") {
render_already_logged_in_error(request);
} else {
request->send_error(404);
}
}
void UserController::handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_main_page_request";
request->compile_and_send_body();
}
void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
SettingsRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
bool changed = false;
PoolStringArray errors = _profile_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
if (errors.size() == 0) {
if (data.uname_val == user->get_user_name()) {
data.uname_val = "";
}
if (data.email_val == user->get_email()) {
data.email_val = "";
}
if (data.uname_val != "") {
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
} else {
// todo sanitize for html special chars!
user->set_user_name(data.uname_val);
changed = true;
data.uname_val = "";
}
}
if (data.email_val != "") {
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
} else {
// todo sanitize for html special chars!
// also send email
user->set_email(data.email_val);
changed = true;
data.email_val = "";
}
}
if (data.pass_val != "") {
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
} else {
user->create_password(data.pass_val);
changed = true;
}
}
if (changed) {
user->save();
}
}
}
render_settings_request(user, request, &data);
}
void UserController::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
HTMLBuilder b;
b.w("Settings");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("settings");
{
// todo href path helper
b.form()->method("POST")->href("/user/settings");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->placeholder(user->get_user_name())->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->placeholder(user->get_email())->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->placeholder("*******")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->placeholder("*******")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Save");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_password_reset_request";
request->compile_and_send_body();
}
void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->response_remove_cookie_simple("session_id");
user->save();
HTTPSessionManager *sess_man = request->get_server()->get_session_manager();
sess_man->delete_session(request->get_session()->get_session_id());
request->set_session(Ref<HTTPSession>());
HTMLBuilder b;
b.w("Logout successful!");
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_delete_request";
request->compile_and_send_body();
}
UserController::UserController() {
{
// Login
_login_validator.instance();
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
{
// Registration
_registration_validator.instance();
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
{
_profile_validator.instance();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
}
UserController::~UserController() {
UserStatsWebPage::~UserStatsWebPage() {
}

55
modules/users/web/web_nodes/user_stats_web_page.h
View File

@ -1,67 +1,26 @@
#ifndef USER_CONTROLLER_H
#define USER_CONTROLLER_H
#ifndef USER_STATS_WEB_PAGE_H
#define USER_STATS_WEB_PAGE_H
#include "core/reference.h"
#include "core/ustring.h"
#include "core/vector.h"
#include "modules/web/http/web_node.h"
#include "user_web_page.h"
class WebServerRequest;
class FormValidator;
class User;
class UserController : public WebNode {
GDCLASS(UserController, WebNode);
class UserStatsWebPage : public UserWebPage {
GDCLASS(UserStatsWebPage, UserWebPage);
public:
void _handle_request_main(Ref<WebServerRequest> request);
struct LoginRequestData {
String error_str;
String uname_val;
String pass_val;
};
virtual void handle_login_request_default(Ref<WebServerRequest> request);
virtual void render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data);
struct RegisterRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_register_request_default(Ref<WebServerRequest> request);
virtual void render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data);
virtual void render_register_success(Ref<WebServerRequest> request);
virtual void render_already_logged_in_error(Ref<WebServerRequest> request);
virtual void render_login_success(Ref<WebServerRequest> request);
virtual void handle_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request);
struct SettingsRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data);
virtual void handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request);
UserController();
~UserController();
UserStatsWebPage();
~UserStatsWebPage();
protected:
Ref<FormValidator> _login_validator;

508
modules/users/web/web_nodes/user_web_page.cpp
View File

@ -1,509 +1,7 @@
#include "user_controller.h"
#include "user_web_page.h"
#include "../../singleton/user_db.h"
#include "../../users/user.h"
#include "core/variant.h"
#include "modules/web/html/form_validator.h"
#include "modules/web/html/html_builder.h"
#include "modules/web/http/http_server_enums.h"
#include "modules/web/http/http_session.h"
#include "modules/web/http/http_session_manager.h"
#include "modules/web/http/web_permission.h"
#include "modules/web/http/web_server.h"
#include "modules/web/http/web_server_cookie.h"
#include "modules/web/http/web_server_request.h"
void UserController::_handle_request_main(Ref<WebServerRequest> request) {
if (_web_permission.is_valid()) {
if (_web_permission->activate(request)) {
return;
}
}
if (request->get_session().is_valid()) {
Ref<User> u = request->get_meta("user");
if (u.is_valid()) {
handle_request(u, request);
return;
}
}
String segment = request->get_current_path_segment();
if (segment == "") {
handle_login_request_default(request);
return;
} else if (segment == "login") {
handle_login_request_default(request);
return;
} else if (segment == "register") {
handle_register_request_default(request);
return;
}
handle_login_request_default(request);
UserWebPage::UserWebPage() {
}
void UserController::handle_login_request_default(Ref<WebServerRequest> request) {
LoginRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
// this is probbaly not needed
// it's ok for now as I need to test the validators more
PoolStringArray errors = _login_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
// not needed end
data.uname_val = request->get_parameter("username");
data.pass_val = request->get_parameter("password");
Ref<User> user = UserDB::get_singleton()->get_user_name(data.uname_val);
if (user.is_valid()) {
if (!user->check_password(data.pass_val)) {
data.error_str += "Invalid username or password!";
} else {
Ref<HTTPSession> session = request->get_or_create_session();
session->add("user_id", user->get_user_id());
Ref<WebServerCookie> c;
c.instance();
c->set_data("session_id", session->session_id);
//c.path = "/";
request->response_add_cookie(c);
render_login_success(request);
return;
}
} else {
data.error_str += "Invalid username or password!";
}
}
render_login_request_default(request, &data);
}
void UserController::render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data) {
HTMLBuilder b;
b.w("Login");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("login");
{
// todo href path helper
b.form()->method("POST")->href("/user/login");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.input()->type("submit")->value("Send");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_register_request_default(Ref<WebServerRequest> request) {
RegisterRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
PoolStringArray errors = _registration_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
// todo username length etc check
// todo pw length etc check
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
}
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
}
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
}
if (data.error_str.size() == 0) {
Ref<User> user;
user = UserDB::get_singleton()->create_user();
user->set_user_name(data.uname_val);
user->set_email(data.email_val);
user->create_password(data.pass_val);
user->save();
render_register_success(request);
return;
}
}
render_register_request_default(request, &data);
}
void UserController::render_register_success(Ref<WebServerRequest> request) {
HTMLBuilder b;
b.div()->cls("success");
{
b.w("Registration successful! You can now log in!");
b.br();
b.a()->href("/user/login");
b.w(">> Login <<");
b.ca();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data) {
HTMLBuilder b;
b.w("Registration");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("register");
{
// todo href path helper
b.form()->method("POST")->href("/user/register");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Register");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::render_already_logged_in_error(Ref<WebServerRequest> request) {
request->body += "You are already logged in.";
request->compile_and_send_body();
}
void UserController::render_login_success(Ref<WebServerRequest> request) {
request->body = "Login Success!<br>";
// request->compile_and_send_body();
request->send_redirect("/user/settings");
}
void UserController::handle_request(Ref<User> &user, Ref<WebServerRequest> request) {
const String &segment = request->get_current_path_segment();
if (segment == "") {
handle_main_page_request(user, request);
} else if (segment == "settings") {
handle_settings_request(user, request);
} else if (segment == "password_reset") {
handle_password_reset_request(user, request);
} else if (segment == "logout") {
handle_logout_request(user, request);
} else if (segment == "delete") {
handle_delete_request(user, request);
} else if (segment == "login") {
render_already_logged_in_error(request);
} else if (segment == "register") {
render_already_logged_in_error(request);
} else {
request->send_error(404);
}
}
void UserController::handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_main_page_request";
request->compile_and_send_body();
}
void UserController::handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request) {
SettingsRequestData data;
if (request->get_method() == HTTPServerEnums::HTTP_METHOD_POST) {
data.uname_val = request->get_parameter("username");
data.email_val = request->get_parameter("email");
data.pass_val = request->get_parameter("password");
data.pass_check_val = request->get_parameter("password_check");
bool changed = false;
PoolStringArray errors = _profile_validator->validate(request);
for (int i = 0; i < errors.size(); ++i) {
data.error_str += errors[i] + "<br>";
}
if (errors.size() == 0) {
if (data.uname_val == user->get_user_name()) {
data.uname_val = "";
}
if (data.email_val == user->get_email()) {
data.email_val = "";
}
if (data.uname_val != "") {
if (UserDB::get_singleton()->is_username_taken(data.uname_val)) {
data.error_str += "Username already taken!<br>";
} else {
// todo sanitize for html special chars!
user->set_user_name(data.uname_val);
changed = true;
data.uname_val = "";
}
}
if (data.email_val != "") {
if (UserDB::get_singleton()->is_email_taken(data.email_val)) {
data.error_str += "Email already in use!<br>";
} else {
// todo sanitize for html special chars!
// also send email
user->set_email(data.email_val);
changed = true;
data.email_val = "";
}
}
if (data.pass_val != "") {
if (data.pass_val != data.pass_check_val) {
data.error_str += "The passwords did not match!<br>";
} else {
user->create_password(data.pass_val);
changed = true;
}
}
if (changed) {
user->save();
}
}
}
render_settings_request(user, request, &data);
}
void UserController::render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data) {
HTMLBuilder b;
b.w("Settings");
b.br();
{
if (data->error_str.size() != 0) {
b.div()->cls("error");
b.w(data->error_str);
b.cdiv();
}
}
b.div()->cls("settings");
{
// todo href path helper
b.form()->method("POST")->href("/user/settings");
{
b.csrf_tokenr(request);
b.w("Username");
b.br();
b.input()->type("text")->name("username")->placeholder(user->get_user_name())->value(data->uname_val);
b.cinput();
b.br();
b.w("Email");
b.br();
b.input()->type("email")->name("email")->placeholder(user->get_email())->value(data->email_val);
b.cinput();
b.br();
b.w("Password");
b.br();
b.input()->type("password")->placeholder("*******")->name("password");
b.cinput();
b.br();
b.w("Password again");
b.br();
b.input()->type("password")->placeholder("*******")->name("password_check");
b.cinput();
b.br();
b.input()->type("submit")->value("Save");
b.cinput();
}
b.cform();
}
b.cdiv();
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_password_reset_request";
request->compile_and_send_body();
}
void UserController::handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->response_remove_cookie_simple("session_id");
user->save();
HTTPSessionManager *sess_man = request->get_server()->get_session_manager();
sess_man->delete_session(request->get_session()->get_session_id());
request->set_session(Ref<HTTPSession>());
HTMLBuilder b;
b.w("Logout successful!");
request->body += b.result;
request->compile_and_send_body();
}
void UserController::handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request) {
request->body += "handle_delete_request";
request->compile_and_send_body();
}
UserController::UserController() {
{
// Login
_login_validator.instance();
_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
Ref<FormField> pw = _login_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
}
{
// Registration
_registration_validator.instance();
_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
Ref<FormField> pw = _registration_validator->new_field("password", "Password");
pw->need_to_exist();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();
}
{
_profile_validator.instance();
_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();
Ref<FormField> pw = _profile_validator->new_field("password", "Password");
pw->ignore_if_not_exists();
pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
pw->need_minimum_length(5);
_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
}
}
UserController::~UserController() {
UserWebPage::~UserWebPage() {
}

62
modules/users/web/web_nodes/user_web_page.h
View File

@ -1,5 +1,5 @@
#ifndef USER_CONTROLLER_H
#define USER_CONTROLLER_H
#ifndef USER_WEB_PAGE_H
#define USER_WEB_PAGE_H
#include "core/reference.h"
#include "core/ustring.h"
@ -8,65 +8,15 @@
#include "modules/web/http/web_node.h"
class WebServerRequest;
class FormValidator;
class User;
class UserController : public WebNode {
GDCLASS(UserController, WebNode);
class UserWebPage : public WebNode {
GDCLASS(UserWebPage, WebNode);
public:
void _handle_request_main(Ref<WebServerRequest> request);
struct LoginRequestData {
String error_str;
String uname_val;
String pass_val;
};
virtual void handle_login_request_default(Ref<WebServerRequest> request);
virtual void render_login_request_default(Ref<WebServerRequest> request, LoginRequestData *data);
struct RegisterRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_register_request_default(Ref<WebServerRequest> request);
virtual void render_register_request_default(Ref<WebServerRequest> request, RegisterRequestData *data);
virtual void render_register_success(Ref<WebServerRequest> request);
virtual void render_already_logged_in_error(Ref<WebServerRequest> request);
virtual void render_login_success(Ref<WebServerRequest> request);
virtual void handle_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_main_page_request(Ref<User> &user, Ref<WebServerRequest> request);
struct SettingsRequestData {
String error_str;
String uname_val;
String email_val;
String pass_val;
String pass_check_val;
};
virtual void handle_settings_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void render_settings_request(Ref<User> &user, Ref<WebServerRequest> request, SettingsRequestData *data);
virtual void handle_password_reset_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_logout_request(Ref<User> &user, Ref<WebServerRequest> request);
virtual void handle_delete_request(Ref<User> &user, Ref<WebServerRequest> request);
UserController();
~UserController();
UserWebPage();
~UserWebPage();
protected:
Ref<FormValidator> _login_validator;
Ref<FormValidator> _registration_validator;
Ref<FormValidator> _profile_validator;
};
#endif