Implemented a simple registration form, and also login.

2024-11-10 00:52:11 +01:00 · 2021-08-05 19:35:15 +02:00 · 2021-08-05 19:35:15 +02:00 · fb5a059e2e
commit fb5a059e2e
parent 711d1eed6f
2 changed files with 185 additions and 3 deletions
--- a/modules/users/user.cpp
+++ b/modules/users/user.cpp
@ -1,6 +1,8 @@
 #include "user.h"

+#include "core/hash/sha256.h"
 #include "core/html/html_builder.h"
+#include "core/http/cookie.h"
 #include "core/http/http_session.h"
 #include "core/http/request.h"
 #include "core/http/session_manager.h"
@ -29,6 +31,30 @@ void User::changed() {
 void User::update() {
 }

+bool User::check_password(const std::string &p_password) {
+	return hash_password(p_password) == password_hash;
+}
+
+void User::create_password(const std::string &p_password) {
+	//todo improve a bit
+	pre_salt = hash_password(name + email);
+	post_salt = hash_password(email + name);
+
+	password_hash = hash_password(p_password);
+}
+
+std::string User::hash_password(const std::string &p_password) {
+	SHA256 *s = SHA256::get();
+
+	std::string p = pre_salt + p_password + post_salt;
+
+	std::string c = s->compute(p);
+
+	delete s;
+
+	return c;
+}
+
 void User::register_sessions() {
 	if (sessions.size() == 0) {
 		return;
@ -110,14 +136,34 @@ void User::handle_login_request_default(Request *request) {
 		User *user = UserManager::get_singleton()->get_user(uname_val);

 		if (user) {
-			//todo
+			if (!user->check_password(pass_val)) {
+				error_str += "Invalid username or password!";
+			} else {
+				HTTPSession *session = request->get_or_create_session();
+
+				session->add_object("user", user);
+				user->sessions.push_back(session->session_id);
+
+				request->add_cookie(::Cookie("session_id", session->session_id));
+
+				//todo implement redirect!
+
+				request->body += "Login Success!<br>";
+
+				request->compile_and_send_body();
+
+				return;
+			}
 		} else {
-			error_str = "Invalid username or password!";
+			error_str += "Invalid username or password!";
 		}
 	}

 	HTMLBuilder b;

+	b.w("Login");
+	b.br();
+
 	if (error_str.size() != 0) {
 		b.div()->cls("error");

@ -152,7 +198,131 @@ void User::handle_login_request_default(Request *request) {
 }

 void User::handle_register_request_default(Request *request) {
-	request->body += "handle_register_request_default";
+	std::string error_str = "";
+
+	std::string uname_val = "";
+	std::string email_val = "";
+	std::string pass_val = "";
+	std::string pass_check_val = "";
+
+	if (request->get_method() == HTTP_METHOD_POST) {
+		uname_val = request->get_parameter("username");
+		email_val = request->get_parameter("email");
+		pass_val = request->get_parameter("password");
+		pass_check_val = request->get_parameter("password_check");
+
+		//todo username length etc check
+		//todo pw length etc check
+
+		User *user = UserManager::get_singleton()->get_user(uname_val);
+
+		if (user) {
+			error_str += "Username already taken!<br>";
+		}
+
+		UserManager *um = UserManager::get_singleton();
+
+		bool email_found = false;
+
+		for (int i = 0; i < um->_users_vec.size(); ++i) {
+			User *u = um->_users_vec[i];
+
+			if (!u) {
+				continue;
+			}
+
+			if (u->email == email_val) {
+				email_found = true;
+				break;
+			}
+		}
+
+		if (email_found) {
+			error_str += "Email already in use!<br>";
+		}
+
+		if (pass_val != pass_check_val) {
+			error_str += "The passwords did not match!<br>";
+		}
+
+		if (error_str.size() == 0) {
+			user = UserManager::get_singleton()->create_user();
+
+			user->name = uname_val;
+			user->email = email_val;
+			//todo
+			user->rank = 1;
+			user->create_password(pass_val);
+			user->save();
+
+			UserManager::get_singleton()->add_user(user);
+
+			HTMLBuilder b;
+
+			b.div()->cls("success");
+			b.w("Registration successful! You can now log in!");
+			b.br();
+			b.a()->href("/user/login");
+			b.w(">> Login <<");
+			b.ca();
+			b.cdiv();
+
+			request->body += b.result;
+
+			request->compile_and_send_body();
+			return;
+		}
+	}
+
+	HTMLBuilder b;
+
+	b.w("Registration");
+	b.br();
+
+	if (error_str.size() != 0) {
+		b.div()->cls("error");
+
+		b.w(error_str);
+
+		b.cdiv();
+	}
+
+	b.div()->cls("register");
+
+	//todo href path helper
+	b.form()->method("POST")->href("/user/register");
+
+	b.w("Username");
+	b.br();
+	b.input()->type("text")->name("username")->value(uname_val);
+	b.cinput();
+	b.br();
+
+	b.w("Email");
+	b.br();
+	b.input()->type("email")->name("email")->value(email_val);
+	b.cinput();
+	b.br();
+
+	b.w("Password");
+	b.br();
+	b.input()->type("password")->name("password");
+	b.cinput();
+	b.br();
+
+	b.w("Password again");
+	b.br();
+	b.input()->type("password")->name("password_check");
+	b.cinput();
+	b.br();
+
+	b.input()->type("submit")->value("Register");
+	b.cinput();
+	b.cform();
+
+	b.cdiv();
+
+	request->body += b.result;

 	request->compile_and_send_body();
 }
@ -170,6 +340,14 @@ void User::handle_request(Request *request) {
 		handle_logout_request(request);
 	} else if (segment == "delete") {
 		handle_delete_request(request);
+	} else if (segment == "login") {
+		request->body += "You are already logged in.";
+
+		request->compile_and_send_body();
+	} else if (segment == "register") {
+		request->body += "You are already logged in.";
+
+		request->compile_and_send_body();
 	} else {
 		request->send_error(404);
 	}
--- a/modules/users/user.h
+++ b/modules/users/user.h
@ -30,6 +30,10 @@ public:
 	virtual void changed();
 	virtual void update();

+	virtual bool check_password(const std::string &p_password);
+	virtual void create_password(const std::string &p_password);
+	virtual std::string hash_password(const std::string &p_password);
+
 	static void handle_request_default(Request *request);

 	static void handle_login_request_default(Request *request);