#include "user.h"

#include <memory>

#include "rapidjson/filewritestream.h"
#include "rapidjson/rapidjson.h"
#include "rapidjson/stringbuffer.h"
#include <rapidjson/writer.h>

#include "core/hash/sha256.h"
#include "core/html/form_validator.h"
#include "core/html/html_builder.h"
#include "core/http/cookie.h"
#include "core/http/http_session.h"
#include "core/http/request.h"
#include "core/http/session_manager.h"
#include "core/utils.h"
#include "user_manager.h"
// Returns a copy of the stored user name (_nameui).
std::string User::get_name_ui() {
	return this->_nameui;
}
// Stores the user name verbatim; no validation or escaping happens here.
void User::set_name_ui(const std::string &value) {
	this->_nameui = value;
}
// Returns a copy of the stored e-mail address (_emailui).
std::string User::get_email_ui() {
	return this->_emailui;
}
// Stores the e-mail address verbatim; no validation or escaping happens here.
void User::set_email_ui(const std::string &value) {
	this->_emailui = value;
}
// Returns the user's rank (0 after construction, 1 after registration).
int User::get_rank() {
	return this->_rank;
}
// Sets the user's rank. No authorization check is made here; callers decide
// who is allowed to change a rank.
void User::set_rank(const int value) {
	this->_rank = value;
}
// Returns a copy of the salt that hash_password() prepends to the password.
// Sensitive: keep it out of logs and client-facing output.
std::string User::get_pre_salt() {
	return this->_pre_salt;
}
// Replaces the leading salt. The stored password hash is not recomputed, so
// changing the salt alone makes check_password() fail for the old password.
void User::set_pre_salt(const std::string &value) {
	this->_pre_salt = value;
}
// Returns a copy of the salt that hash_password() appends to the password.
// Sensitive: keep it out of logs and client-facing output.
std::string User::get_post_salt() {
	return this->_post_salt;
}
// Replaces the trailing salt. The stored password hash is not recomputed, so
// changing the salt alone makes check_password() fail for the old password.
void User::set_post_salt(const std::string &value) {
	this->_post_salt = value;
}
// Returns a copy of the stored password hash.
// Sensitive: keep it out of logs, templates and API responses.
std::string User::get_password_hash() {
	return this->_password_hash;
}
// Stores the given value as the password hash without hashing it. To derive a
// hash from a plaintext password use create_password() instead.
void User::set_password_hash(const std::string &value) {
	this->_password_hash = value;
}
// Returns the banned flag.
// NOTE(review): handle_login_request_default() does not read this flag.
bool User::get_banned() {
	return this->_banned;
}
// Sets the banned flag. Existing sessions of the user are left untouched;
// call unregister_sessions() as well if a ban must end them.
void User::set_banned(const bool value) {
	this->_banned = value;
}
// Returns a copy of the session ids recorded for this user.
// Sensitive: each id is sent to the browser as the "session_id" cookie.
// NOTE(review): _mutex is not taken here, unlike in register_sessions() and
// unregister_sessions() — confirm callers serialize access.
std::vector<std::string> User::get_sessions() {
	return this->_sessions;
}
// Replaces the recorded session ids. The SessionManager is not updated; see
// register_sessions() / unregister_sessions() for that.
// NOTE(review): _mutex is not taken here — confirm callers serialize access.
void User::set_sessions(const std::vector<std::string> &value) {
	this->_sessions = value;
}
// Returns a copy of the stored password reset token.
// Sensitive: keep it out of logs and client-facing output.
std::string User::get_password_reset_token() {
	return this->_password_reset_token;
}
// Stores the reset token verbatim.
// NOTE(review): nothing in this file generates, expires or compares the token;
// when the reset flow is written, use an unpredictable single-use value with
// an expiry.
void User::set_password_reset_token(const std::string &value) {
	this->_password_reset_token = value;
}
// Returns the locked flag.
// NOTE(review): handle_login_request_default() does not read this flag.
bool User::get_locked() {
	return this->_locked;
}
// Sets the locked flag. Existing sessions of the user are left untouched.
void User::set_locked(const bool value) {
	this->_locked = value;
}
// Persistence hook; the body is empty in this file. changed(), the login,
// registration, settings and logout handlers all call it after modifying the
// user.
// NOTE(review): presumably implemented by a storage-specific subclass — confirm
// in user.h.
void User::save() {
}
// Load hook; it does nothing in this file. The comments record the intended
// order for an implementation.
void User::load() {
	// unregister_sessions()
	// load_code
	// register_sessions()
}
// Load-by-name overload. Currently a no-op: both statements are commented out,
// so p_name is ignored.
void User::load(const std::string &p_name) {
	// name = p_name;

	// load();
}
// Load-by-id overload: records p_id through set_id() and then runs load().
void User::load(const int p_id) {
	this->set_id(p_id);

	this->load();
}
// Change notification: persists the user by calling save().
void User::changed() {
	this->save();
}
// Update hook; the body is empty in this file.
void User::update() {
}
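// Returns true when p_password, hashed with this user's salts, equals the
// stored password hash.
//
// The comparison visits every byte and accumulates the differences instead of
// stopping at the first mismatch, so its duration does not depend on how many
// leading characters of the two hashes agree.
bool User::check_password(const std::string &p_password) {
	const std::string candidate = hash_password(p_password);

	// Hash lengths are not secret; a differing length can never match.
	if (candidate.size() != _password_hash.size()) {
		return false;
	}

	unsigned char difference = 0;

	for (std::size_t i = 0; i < candidate.size(); ++i) {
		difference |= static_cast<unsigned char>(candidate[i] ^ _password_hash[i]);
	}

	return difference == 0;
}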
// Derives fresh salts and stores the hash of p_password.
//
// Statement order matters: hash_password() reads _pre_salt and _post_salt, so
// each call below already sees the values assigned before it.
//
// NOTE(review): both salts are computed from the user name and e-mail, which
// are not secret, so they are predictable for anyone who knows those two
// fields. A salt drawn from the OS random source per password would remove
// that; see also the note on hash_password() about the hash itself.
void User::create_password(const std::string &p_password) {
	// todo improve a bit
	const std::string name_then_email = _nameui + _emailui;
	_pre_salt = hash_password(name_then_email);

	const std::string email_then_name = _emailui + _nameui;
	_post_salt = hash_password(email_then_name);

	_password_hash = hash_password(p_password);
}
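// Hashes p_password with this user's salts: the input to SHA256::compute() is
// _pre_salt + p_password + _post_salt, and its result is returned.
//
// The hasher obtained from SHA256::get() is owned by this call; holding it in
// a unique_ptr releases it even if building the string or compute() throws.
//
// NOTE(review): this is a single pass of a fast hash with no work factor, so
// the passwords in a leaked user record can be guessed cheaply. Prefer a
// dedicated password KDF (Argon2id, scrypt, bcrypt or PBKDF2) and keep this
// path only to verify and migrate existing hashes.
std::string User::hash_password(const std::string &p_password) {
	std::unique_ptr<SHA256> hasher(SHA256::get());

	std::string salted = _pre_salt + p_password + _post_salt;

	return hasher->compute(salted);
}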
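// Re-creates one HTTPSession per recorded session id and hands each to the
// SessionManager, with this user attached under the "user" key.
//
// Does nothing when no ids are recorded. When the SessionManager singleton is
// missing, an error is printed and nothing is registered.
//
// NOTE(review): every recorded id becomes a live session again; no expiry or
// age check is made here, so ids that were persisted keep working until they
// are removed from _sessions.
// NOTE(review): the emptiness check reads _sessions before _mutex is taken.
void User::register_sessions() {
	if (_sessions.empty()) {
		return;
	}

	SessionManager *sm = SessionManager::get_singleton();

	if (!sm) {
		printf("ERROR: User::register_sessions SessionManager singleton is null, please allocate one!\n");
		return;
	}

	_mutex.lock();

	for (std::size_t i = 0; i < _sessions.size(); ++i) {
		HTTPSession *session = new HTTPSession();
		session->session_id = _sessions[i];
		// The session stores a raw pointer to this user; ~User() removes the
		// sessions again through unregister_sessions().
		session->add_object("user", this);

		sm->add_session(session);
	}

	_mutex.unlock();
}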
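// Asks the SessionManager to delete every session recorded for this user.
// The ids stay in _sessions, so register_sessions() can restore them later.
//
// Does nothing when no ids are recorded. When the SessionManager singleton is
// missing, an error is printed and nothing is deleted.
//
// NOTE(review): the emptiness check reads _sessions before _mutex is taken.
void User::unregister_sessions() {
	if (_sessions.empty()) {
		return;
	}

	SessionManager *sm = SessionManager::get_singleton();

	if (!sm) {
		printf("ERROR: User::unregister_sessions SessionManager singleton is null, please allocate one!\n");
		return;
	}

	_mutex.lock();

	for (std::size_t i = 0; i < _sessions.size(); ++i) {
		sm->delete_session(_sessions[i]);
	}

	_mutex.unlock();
}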
// Entry point for user pages. When the request's session carries a User under
// the "user" key, that user's handle_request() serves the request. Otherwise
// only the anonymous pages are reachable: "register" shows the registration
// page; "", "login" and any other segment show the login page.
void User::handle_request_default(Request *request) {
	if (request->session) {
		User *logged_in = dynamic_cast<User *>(request->session->get_object("user"));

		if (logged_in) {
			logged_in->handle_request(request);
			return;
		}
	}

	const std::string &segment = request->get_current_path_segment();

	if (segment == "register") {
		handle_register_request_default(request);
		return;
	}

	// Everything else, including unknown segments, ends at the login page.
	handle_login_request_default(request);
}
// Renders the login form and, on POST, checks the submitted credentials.
// On success the user is attached to the request's session, the session id is
// recorded on the user and returned as the "session_id" cookie. A wrong
// password and an unknown user name produce the same error message.
//
// NOTE(review) — none of the following is visible in this function:
//  - _banned and _locked are never read, so such accounts can still log in;
//  - failed attempts are neither counted nor throttled;
//  - the session id is not shown to change at login: get_or_create_session()
//    may return a session that existed before authentication (session
//    fixation) — confirm it issues a fresh id;
//  - the cookie is built from a name and a value only — confirm ::Cookie sets
//    HttpOnly / Secure / SameSite, or set them here;
//  - the submitted user name is echoed into the form's value attribute —
//    confirm HTMLBuilder escapes attribute values.
void User::handle_login_request_default(Request *request) {
	std::string error_str;

	std::string uname_val;
	std::string pass_val;

	if (request->get_method() == HTTP_METHOD_POST) {
		// This is probably not needed;
		// it's ok for now as the validators need more testing.
		std::vector<std::string> errors;
		_login_validator->validate(request, &errors);
		for (const std::string &message : errors) {
			error_str += message + "<br>";
		}
		// not needed end

		uname_val = request->get_parameter("username");
		pass_val = request->get_parameter("password");

		// The credentials are checked even when the validator reported errors.
		User *user = UserManager::get_singleton()->get_user(uname_val);

		if (user && user->check_password(pass_val)) {
			HTTPSession *session = request->get_or_create_session();

			session->add_object("user", user);

			user->_mutex.lock();
			user->_sessions.push_back(session->session_id);
			user->_mutex.unlock();

			user->save();

			request->add_cookie(::Cookie("session_id", session->session_id));

			// todo implement redirect!

			request->body += "Login Success!<br>";

			request->compile_and_send_body();

			return;
		}

		// Same text for "no such user" and "wrong password".
		error_str += "Invalid username or password!";
	}

	HTMLBuilder b;

	b.w("Login");
	b.br();

	if (!error_str.empty()) {
		b.div()->cls("error");

		b.w(error_str);

		b.cdiv();
	}

	b.div()->cls("login");

	// todo href path helper
	b.form()->method("POST")->href("/user/login");
	b.w("Username");
	b.br();
	b.input()->type("text")->name("username")->value(uname_val);
	b.cinput();
	b.br();
	b.w("Password");
	b.br();
	b.input()->type("password")->name("password");
	b.cinput();
	b.br();
	b.input()->type("submit")->value("Send");
	b.cinput();
	b.cform();

	b.cdiv();

	request->body += b.result;

	request->compile_and_send_body();
}
// Renders the registration form and, on POST, creates the account when the
// validator reports no errors, the user name and e-mail are unused and both
// password fields agree. New accounts get rank 1.
//
// NOTE(review):
//  - the uniqueness checks and add_user() are not done under a lock, so two
//    concurrent registrations can both pass the checks;
//  - _users_vec is read here without synchronization;
//  - the submitted user name and e-mail are echoed into the form even when
//    the validator rejected them — confirm HTMLBuilder escapes attribute
//    values.
void User::handle_register_request_default(Request *request) {
	std::string error_str;

	std::string uname_val;
	std::string email_val;
	std::string pass_val;
	std::string pass_check_val;

	if (request->get_method() == HTTP_METHOD_POST) {
		std::vector<std::string> errors;

		_registration_validator->validate(request, &errors);

		for (const std::string &message : errors) {
			error_str += message + "<br>";
		}

		uname_val = request->get_parameter("username");
		email_val = request->get_parameter("email");
		pass_val = request->get_parameter("password");
		pass_check_val = request->get_parameter("password_check");

		// todo username length etc check
		// todo pw length etc check

		User *user = UserManager::get_singleton()->get_user(uname_val);

		if (user) {
			error_str += "Username already taken!<br>";
		}

		UserManager *um = UserManager::get_singleton();

		// Linear scan for another account with the same e-mail address.
		bool email_found = false;

		for (int i = 0; i < um->_users_vec.size() && !email_found; ++i) {
			User *other = um->_users_vec[i];

			if (other && other->_emailui == email_val) {
				email_found = true;
			}
		}

		if (email_found) {
			error_str += "Email already in use!<br>";
		}

		if (pass_val != pass_check_val) {
			error_str += "The passwords did not match!<br>";
		}

		if (error_str.empty()) {
			user = UserManager::get_singleton()->create_user();

			user->_nameui = uname_val;
			user->_emailui = email_val;
			// todo
			user->_rank = 1;
			// Name and e-mail must be set first: create_password() derives the
			// salts from them.
			user->create_password(pass_val);
			user->save();

			UserManager::get_singleton()->add_user(user);

			HTMLBuilder success;

			success.div()->cls("success");
			success.w("Registration successful! You can now log in!");
			success.br();
			success.a()->href("/user/login");
			success.w(">> Login <<");
			success.ca();
			success.cdiv();

			request->body += success.result;

			request->compile_and_send_body();
			return;
		}
	}

	HTMLBuilder b;

	b.w("Registration");
	b.br();

	if (!error_str.empty()) {
		b.div()->cls("error");

		b.w(error_str);

		b.cdiv();
	}

	b.div()->cls("register");

	// todo href path helper
	b.form()->method("POST")->href("/user/register");

	b.w("Username");
	b.br();
	b.input()->type("text")->name("username")->value(uname_val);
	b.cinput();
	b.br();

	b.w("Email");
	b.br();
	b.input()->type("email")->name("email")->value(email_val);
	b.cinput();
	b.br();

	b.w("Password");
	b.br();
	b.input()->type("password")->name("password");
	b.cinput();
	b.br();

	b.w("Password again");
	b.br();
	b.input()->type("password")->name("password_check");
	b.cinput();
	b.br();

	b.input()->type("submit")->value("Register");
	b.cinput();
	b.cform();

	b.cdiv();

	request->body += b.result;

	request->compile_and_send_body();
}
// Dispatches a request of a logged-in user by the current path segment.
// Unknown segments answer with a 404.
//
// NOTE(review): the dispatch does not look at the HTTP method, so "logout" and
// "delete" are reachable with any method, and no anti-CSRF token is checked
// here — confirm whether the framework adds one.
void User::handle_request(Request *request) {
	const std::string &segment = request->get_current_path_segment();

	if (segment == "") {
		handle_main_page_request(request);
	} else if (segment == "settings") {
		handle_settings_request(request);
	} else if (segment == "password_reset") {
		handle_password_reset_request(request);
	} else if (segment == "logout") {
		handle_logout_request(request);
	} else if (segment == "delete") {
		handle_delete_request(request);
	} else if (segment == "login" || segment == "register") {
		// Both anonymous pages give the same answer to a logged-in user.
		request->body += "You are already logged in.";

		request->compile_and_send_body();
	} else {
		request->send_error(404);
	}
}
// Placeholder for the user's main page: it sends the function's own name as
// the body.
void User::handle_main_page_request(Request *request) {
	request->body += "handle_main_page_request";

	request->compile_and_send_body();
}
// Renders the settings form and, on POST, applies the submitted changes to
// this user: a new user name, a new e-mail address and/or a new password.
// Fields that are empty or equal to the current value are skipped; save() runs
// once if anything changed. Nothing is applied when the validator fails.
//
// The order name -> e-mail -> password matters: create_password() derives the
// salts from the name and e-mail that are current when it runs.
//
// NOTE(review):
//  - the password and the e-mail can be changed without supplying the current
//    password, so any request that carries the session cookie can take the
//    account over; no anti-CSRF token is visible in the form either;
//  - the user's other sessions stay valid after a password change;
//  - UserManager::get_user() looks users up by name — confirm its index is
//    updated when _nameui changes;
//  - the stored name and e-mail go into placeholder attributes and submitted
//    values into value attributes — confirm HTMLBuilder escapes them.
void User::handle_settings_request(Request *request) {
	std::string error_str;

	std::string uname_val;
	std::string email_val;
	std::string pass_val;
	std::string pass_check_val;

	if (request->get_method() == HTTP_METHOD_POST) {
		uname_val = request->get_parameter("username");
		email_val = request->get_parameter("email");
		pass_val = request->get_parameter("password");
		pass_check_val = request->get_parameter("password_check");

		bool dirty = false;

		std::vector<std::string> errors;

		const bool valid = _profile_validator->validate(request, &errors);

		for (const std::string &message : errors) {
			error_str += message + "<br>";
		}

		if (valid) {
			// An unchanged value is treated like an empty field.
			if (uname_val == _nameui) {
				uname_val.clear();
			}

			if (email_val == _emailui) {
				email_val.clear();
			}

			if (!uname_val.empty()) {
				if (UserManager::get_singleton()->get_user(uname_val)) {
					error_str += "Username already taken!<br>";
				} else {
					// todo sanitize for html special chars!
					_nameui = uname_val;
					dirty = true;
					uname_val.clear();
				}
			}

			if (!email_val.empty()) {
				UserManager *um = UserManager::get_singleton();

				bool email_found = false;

				// todo better way + should be thread safe
				for (int i = 0; i < um->_users_vec.size(); ++i) {
					User *other = um->_users_vec[i];

					// Empty slots and this user's own record do not count.
					if (!other || other == this) {
						continue;
					}

					if (other->_emailui == email_val) {
						email_found = true;
						break;
					}
				}

				if (email_found) {
					error_str += "Email already in use!<br>";
				} else {
					// todo sanitize for html special chars!
					// also send email
					_emailui = email_val;
					dirty = true;
					email_val.clear();
				}
			}

			if (!pass_val.empty()) {
				if (pass_val == pass_check_val) {
					create_password(pass_val);
					dirty = true;
				} else {
					error_str += "The passwords did not match!<br>";
				}
			}

			if (dirty) {
				save();
			}
		}
	}

	HTMLBuilder b;

	b.w("Settings");
	b.br();

	if (!error_str.empty()) {
		b.div()->cls("error");

		b.w(error_str);

		b.cdiv();
	}

	b.div()->cls("settings");

	// todo href path helper
	b.form()->method("POST")->href("/user/settings");

	b.w("Username");
	b.br();
	b.input()->type("text")->name("username")->placeholder(_nameui)->value(uname_val);
	b.cinput();
	b.br();

	b.w("Email");
	b.br();
	b.input()->type("email")->name("email")->placeholder(_emailui)->value(email_val);
	b.cinput();
	b.br();

	b.w("Password");
	b.br();
	b.input()->type("password")->placeholder("*******")->name("password");
	b.cinput();
	b.br();

	b.w("Password again");
	b.br();
	b.input()->type("password")->placeholder("*******")->name("password_check");
	b.cinput();
	b.br();

	b.input()->type("submit")->value("Save");
	b.cinput();
	b.cform();

	b.cdiv();

	request->body += b.result;

	request->compile_and_send_body();
}
// Placeholder for the password reset page: it sends the function's own name as
// the body and does not touch _password_reset_token.
void User::handle_password_reset_request(Request *request) {
	request->body += "handle_password_reset_request";

	request->compile_and_send_body();
}
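// Logs the current session out: removes the "session_id" cookie, drops the
// session id from this user's list, saves the user, deletes the session from
// the SessionManager and clears request->session. Only the session of this
// request is ended; the user's other sessions stay valid.
//
// A request without a session skips the session work and still receives the
// confirmation page. When the SessionManager singleton is missing, an error is
// printed and the session object is left in place.
void User::handle_logout_request(Request *request) {
	request->remove_cookie("session_id");

	if (request->session) {
		// Work on a copy of the id: the session that owns the original string
		// is handed to delete_session() below, which presumably destroys it.
		std::string session_id = request->session->session_id;

		_mutex.lock();

		for (std::size_t i = 0; i < _sessions.size();) {
			if (_sessions[i] == session_id) {
				// Swap-remove. Slot i now holds a different element, so it is
				// examined again instead of being skipped.
				_sessions[i] = _sessions.back();
				_sessions.pop_back();
				continue;
			}

			++i;
		}

		_mutex.unlock();

		save();

		SessionManager *sm = SessionManager::get_singleton();

		if (sm) {
			sm->delete_session(session_id);
		} else {
			printf("ERROR: User::handle_logout_request SessionManager singleton is null, please allocate one!\n");
		}

		request->session = nullptr;
	}

	HTMLBuilder b;
	b.w("Logout successful!");
	request->body += b.result;

	request->compile_and_send_body();
}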
// Placeholder for account deletion: it sends the function's own name as the
// body and deletes nothing.
void User::handle_delete_request(Request *request) {
	request->body += "handle_delete_request";

	request->compile_and_send_body();
}
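// Builds the three shared form validators (login, registration, profile) the
// first time it runs; validators that already exist are left alone.
//
// Each form field is registered exactly once per validator, so a bad value
// yields one error message per rule.
//
// NOTE(review):
//  - the only length rule for passwords is a minimum of 5 characters, which is
//    short for a password policy;
//  - the login validator applies the composition rules too, so a login page
//    error can reveal the policy and a password created under older rules is
//    reported as invalid before it is checked;
//  - the null checks are not synchronized — presumably this runs once during
//    startup; confirm.
void User::create_validators() {
	if (!_login_validator) {
		// Login
		_login_validator = new FormValidator();

		_login_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
		FormField *pw = _login_validator->new_field("password", "Password");
		pw->need_to_exist();
		pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
		pw->need_minimum_length(5);
	}

	if (!_registration_validator) {
		// Registration
		_registration_validator = new FormValidator();

		_registration_validator->new_field("username", "Username")->need_to_exist()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
		_registration_validator->new_field("email", "Email")->need_to_exist()->need_to_be_email();

		FormField *pw = _registration_validator->new_field("password", "Password");
		pw->need_to_exist();
		pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
		pw->need_minimum_length(5);

		_registration_validator->new_field("password_check", "Password check")->need_to_match("password");
	}

	if (!_profile_validator) {
		// Profile: every field is optional and only checked when present.
		_profile_validator = new FormValidator();

		_profile_validator->new_field("username", "Username")->ignore_if_not_exists()->need_to_be_alpha_numeric()->need_minimum_length(5)->need_maximum_length(20);
		_profile_validator->new_field("email", "Email")->ignore_if_not_exists()->need_to_be_email();

		FormField *pw = _profile_validator->new_field("password", "Password");
		pw->ignore_if_not_exists();
		pw->need_to_have_lowercase_character()->need_to_have_uppercase_character();
		pw->need_minimum_length(5);

		_profile_validator->new_field("password_check", "Password check")->ignore_if_other_field_not_exists("password")->need_to_match("password");
	}
}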
// Serializes the user as a JSON object.
//
// With a non-null `into`, that document is reset to an object, filled, and ""
// is returned. With a null `into`, a temporary document is filled, written to
// a string, freed, and the string is returned.
//
// The object holds the password hash, both salts, the password reset token and
// every session id, so the output is for storage only and must not reach
// clients or logs.
//
// NOTE(review): _sessions is read here without taking _mutex.
std::string User::to_json(rapidjson::Document *into) {
	const bool caller_owns_document = (into != nullptr);

	rapidjson::Document *document = caller_owns_document ? into : new rapidjson::Document();

	document->SetObject();

	rapidjson::Document::AllocatorType &allocator = document->GetAllocator();

	document->AddMember("id", get_id(), allocator);

	// String values are copied into the document's allocator.
	document->AddMember("name", rapidjson::Value(_nameui.c_str(), allocator), allocator);
	document->AddMember("email", rapidjson::Value(_emailui.c_str(), allocator), allocator);
	document->AddMember("rank", _rank, allocator);
	document->AddMember("pre_salt", rapidjson::Value(_pre_salt.c_str(), allocator), allocator);
	document->AddMember("post_salt", rapidjson::Value(_post_salt.c_str(), allocator), allocator);
	document->AddMember("password_hash", rapidjson::Value(_password_hash.c_str(), allocator), allocator);
	document->AddMember("banned", _banned, allocator);
	document->AddMember("password_reset_token", rapidjson::Value(_password_reset_token.c_str(), allocator), allocator);
	document->AddMember("locked", _locked, allocator);

	rapidjson::Value session_ids(rapidjson::Type::kArrayType);

	for (const std::string &session_id : _sessions) {
		session_ids.PushBack(rapidjson::Value(session_id.c_str(), allocator), allocator);
	}

	document->AddMember("sessions", session_ids, allocator);

	if (caller_owns_document) {
		return "";
	}

	rapidjson::StringBuffer buffer;
	rapidjson::Writer<rapidjson::StringBuffer> writer(buffer);
	document->Accept(writer);

	std::string json = buffer.GetString();

	delete document;

	return json;
}
// Counterpart of to_json(). Not implemented yet: the body is empty and `data`
// is ignored.
void User::from_json(const std::string &data) {
}
// Creates a user with rank 0 that is neither banned nor locked.
User::User() :
		Resource() {
	this->_rank = 0;
	this->_banned = false;
	this->_locked = false;
}
// Removes this user's sessions from the SessionManager before the object goes
// away; those sessions hold a raw pointer to it (see register_sessions()).
User::~User() {
	this->unregister_sessions();
}
// Form validators shared by all User objects. They start out null and are
// allocated by create_validators().
FormValidator *User::_login_validator = nullptr;
FormValidator *User::_registration_validator = nullptr;
FormValidator *User::_profile_validator = nullptr;