Beispiel #1
0
/*
 * If requested via GET, serves the login page.
 * If requested via POST (form submission), checks password and logs user in.
 */
static void login_handler(struct mg_connection *nc, int ev, void *p) {
  struct http_message *hm = (struct http_message *) p;
  if (mg_vcmp(&hm->method, "POST") != 0) {
    /* Serve login.html */
    mg_serve_http(nc, (struct http_message *) p, s_http_server_opts);
  } else {
    /* Perform password check. */
    char user[50], pass[50];
    int ul = mg_get_http_var(&hm->body, "user", user, sizeof(user));
    int pl = mg_get_http_var(&hm->body, "pass", pass, sizeof(pass));
    if (ul > 0 && pl > 0) {
      if (check_pass(user, pass)) {
        struct session *s = create_session(user, hm);
        mg_printf(nc, "HTTP/1.0 302 Found\r\n");
        set_session_cookie(nc, s);
        mg_printf(nc, "Location: /\r\n");
        mg_printf(nc, "\r\nHello, %s!\r\n", s->user);
        fprintf(stderr, "%s logged in, sid %" INT64_X_FMT "\n", s->user, s->id);
      } else {
        mg_printf(nc, "HTTP/1.0 403 Unauthorized\r\n\r\nWrong password.\r\n");
      }
    } else {
      mg_printf(nc, "HTTP/1.0 400 Bad Request\r\n\r\nuser, pass required.\r\n");
    }
    nc->flags |= MG_F_SEND_AND_CLOSE;
  }
  (void) ev;
}
Beispiel #2
0
void session_interface::update_exposed(bool force)
{
	for(data_type::iterator p=data_.begin();p!=data_.end();++p) {
		data_type::iterator p2=data_copy_.find(p->first);
		if(p->second.exposed && (force || p2==data_copy_.end() || !p2->second.exposed || p->second.value!=p2->second.value)){
			set_session_cookie(cookie_age(),p->second.value,p->first);
		}
		else if(!p->second.exposed && ((p2!=data_copy_.end() && p2->second.exposed) || force)) {
			set_session_cookie(-1,"",p->first);
		}
	}
	for(data_type::iterator p=data_copy_.begin();p!=data_copy_.end();++p) {
		if(p->second.exposed && data_.find(p->first)==data_.end()) {
			set_session_cookie(-1,"",p->first);
		}
	}
}
Beispiel #3
0
void session_interface::save()
{
	if(storage_.get()==NULL || !loaded_ || saved_)
		return;
	check();
	new_session_  = data_copy_.empty() && !data_.empty();
	if(data_.empty()) {
		if(get_session_cookie()!="")
			storage_->clear(*this);
		update_exposed(true);
		return;
	}

	time_t now = time(NULL);

	bool force_update=false;
	if(data_==data_copy_) {
		if(how_==fixed) {
			return;
		}
		if(how_==renew || how_==browser) {
			int64_t delta=now + timeout_val_ - timeout_in_;
			if(delta < timeout_val_ * 0.1) {// Less then 10% -- no renew need
				return;
			}
		}
		force_update=true;
	}

	string ar;
	save_data(data_,ar);
	
	temp_cookie_.clear();
	storage_->save(*this,ar,session_age(),new_session_,on_server_);
	set_session_cookie(cookie_age(),temp_cookie_);
	temp_cookie_.clear();

	update_exposed(force_update);	
	saved_=true;
}
Beispiel #4
0
void session_interface::save()
{
    if(storage.get()==NULL || saved)
        return;
    check();
    new_session  = data_copy.empty() && !data.empty();
    if(data.empty()) {
        if(get_session_cookie()!="")
            storage->clear(this);
        update_exposed();
        return;
    }

    time_t now = time(NULL);

    if(data==data_copy) {
        if(how==fixed) {
            return;
        }
        if(how==renew || how==browser) {
            int64_t delta=now + timeout_val - timeout_in;
            if(delta < timeout_val * 0.1) {// Less then 10% -- no renew need
                return;
            }
        }
    }

    string ar;
    save_data(data,ar);

    temp_cookie.clear();
    storage->save(this,ar,session_age(),new_session);
    set_session_cookie(cookie_age(),temp_cookie);
    temp_cookie.clear();

    update_exposed();
    saved=true;
}
static int validate_authentication_session(request_rec *r, modauthopenid_config *s_cfg, opkele::params_t& params, std::string& return_to) {
  // make sure nonce is present
  if(!params.has_param("modauthopenid.nonce")) 
    return show_input(r, s_cfg, modauthopenid::invalid_nonce);

  modauthopenid::MoidConsumer consumer(std::string(s_cfg->db_location), params.get_param("modauthopenid.nonce"), return_to);
  try {
    consumer.id_res(modauthopenid::modauthopenid_message_t(params));
    
    // if no exception raised, check nonce
    if(!consumer.session_exists()) {
      consumer.close();
      return show_input(r, s_cfg, modauthopenid::invalid_nonce); 
    }

    // if we should be using a user specified auth program, run it to see if user is authorized
    if(s_cfg->use_auth_program) {
      std::string username = consumer.get_claimed_id();
      std::string progname = std::string(s_cfg->auth_program);
      modauthopenid::exec_result_t eresult = modauthopenid::exec_auth(progname, username);
      if(eresult != modauthopenid::id_accepted) {
	std::string error = modauthopenid::exec_error_to_string(eresult, progname, username);
	APERR(r, "Error in authentication: %s", error.c_str());	
	consumer.close();
	return show_input(r, s_cfg, modauthopenid::unauthorized);       
      } else {
	APDEBUG(r, "Authenticated %s using %s", username.c_str(), progname.c_str());	
      }
    }

    // Make sure that identity is set to the original one given by the user (in case of delegation
    // this will be different than openid_identifier GET param
    std::string identity;
    if (s_cfg->sso_url && s_cfg->sso_user_base) {
	std::string c_identity = consumer.get_claimed_id();
	if (strstr(c_identity.c_str(), s_cfg->sso_user_base) == c_identity.c_str()) {
		identity = strdup(c_identity.c_str() + strlen(s_cfg->sso_user_base));
	} else {
		std::string error = "SSOUserBase didn't match in the identity";
		APERR(r, "Error in authentication: %s", error.c_str());	
		consumer.close();
		return show_input(r, s_cfg, modauthopenid::unauthorized);       
	}
    } else
    	identity = consumer.get_claimed_id();

    consumer.kill_session();
    consumer.close();

    if(s_cfg->use_cookie) 
      return set_session_cookie(r, s_cfg, params, identity);
      
    // if we're not setting cookie - don't redirect, just show page
    APERR(r, "Setting REMOTE_USER to %s", identity.c_str());
    r->user = apr_pstrdup(r->pool, identity.c_str());
    return DECLINED;
  } catch(opkele::exception &e) {
    APERR(r, "Error in authentication: %s", e.what());
    consumer.close();
    return show_input(r, s_cfg, modauthopenid::unspecified);
  }
};
Beispiel #6
0
void session_interface::clear_session_cookie()
{
	check();
	if(get_session_cookie()!="")
		set_session_cookie(-1,"");
}