void EP1_SERVER_respond (const EP1_NET_packet* req, EP1_NET_packet* resp) { /* Guarda a linha de requisição do pacote req */ request_line reqline; /* Possível arquivo html mandado em resposta */ response_file response; /* Possível informações do POST */ post_info postinfo; /* Lê a linha de requisição do pacote req */ parse_reqline(req->data, &reqline); /* Verifica se é método GET ou POST */ if (strcmp(reqline.method, "GET") == 0) { /* Caso especial / redireciona para /index.html */ if (strcmp(reqline.uri, "/") == 0) strcat(reqline.uri, "index.html"); /* Tenta carregar página HTML */ get_file(reqline.uri, &response); /* 200 OK */ if (response.file != NULL) handle_ok(&response, resp); /* 404 NOT FOUND */ else handle_notfound(reqline.uri, resp); } else if (strcmp(reqline.method, "POST") == 0) { /* Pega informações enviadas via POST*/ get_postinfo(req->data, &postinfo); /* E monta a resposta */ handle_post(&postinfo, resp); } else printf("[Método %s não suportado]\n", reqline.method); }
bool cookie_auth::process_login(http::request_ptr& http_request_ptr, tcp::connection_ptr& tcp_conn) { // strip off trailing slash if the request has one std::string resource(http::server::strip_trailing_slash(http_request_ptr->get_resource())); if (resource != m_login && resource != m_logout) { return false; // no login processing done } std::string redirect_url = http_request_ptr->get_query("url"); std::string new_cookie; bool delete_cookie = false; if (resource == m_login) { // process login // check username std::string username = http_request_ptr->get_query("user"); std::string password = http_request_ptr->get_query("pass"); // match username/password user_ptr user=m_user_manager->get_user(username,password); if (!user) { // authentication failed, process as in case of failed authentication... handle_unauthorized(http_request_ptr,tcp_conn); return true; } // ok we have a new user session, create a new cookie, add to cache // create random cookie std::string rand_binary; rand_binary.reserve(RANDOM_COOKIE_BYTES); for (unsigned int i=0; i<RANDOM_COOKIE_BYTES ; i++) { rand_binary += static_cast<unsigned char>(m_random_die()); } algorithm::base64_encode(rand_binary, new_cookie); // add new session to cache boost::posix_time::ptime time_now(boost::posix_time::second_clock::universal_time()); boost::mutex::scoped_lock cache_lock(m_cache_mutex); m_user_cache.insert(std::make_pair(new_cookie,std::make_pair(time_now,user))); } else { // process logout sequence // if auth cookie presented - clean cache out const std::string auth_cookie(http_request_ptr->get_cookie(AUTH_COOKIE_NAME)); if (! auth_cookie.empty()) { boost::mutex::scoped_lock cache_lock(m_cache_mutex); user_cache_type::iterator user_cache_itr=m_user_cache.find(auth_cookie); if (user_cache_itr!=m_user_cache.end()) { m_user_cache.erase(user_cache_itr); } } // and remove cookie from browser delete_cookie = true; } // if redirect defined - send redirect if (! redirect_url.empty()) { handle_redirection(http_request_ptr,tcp_conn,redirect_url,new_cookie,delete_cookie); } else { // otherwise - OK handle_ok(http_request_ptr,tcp_conn,new_cookie,delete_cookie); } // yes, we processed login/logout somehow return true; }