Example #1
0
void EP1_SERVER_respond (const EP1_NET_packet* req, EP1_NET_packet* resp) {
  /* Guarda a linha de requisição do pacote req */
  request_line reqline;
  /* Possível arquivo html mandado em resposta */
  response_file response;
  /* Possível informações do POST */
  post_info postinfo;
  /* Lê a linha de requisição do pacote req */
  parse_reqline(req->data, &reqline);
  /* Verifica se é método GET ou POST */
  if (strcmp(reqline.method, "GET") == 0) {
    /* Caso especial / redireciona para /index.html */
    if (strcmp(reqline.uri, "/") == 0)
      strcat(reqline.uri, "index.html");
    /* Tenta carregar página HTML */
    get_file(reqline.uri, &response);
    /* 200 OK */
    if (response.file != NULL)
      handle_ok(&response, resp);
    /* 404 NOT FOUND */
    else
      handle_notfound(reqline.uri, resp);
  } else if (strcmp(reqline.method, "POST") == 0) {
    /* Pega informações enviadas via POST*/
    get_postinfo(req->data, &postinfo);
    /* E monta a resposta */
    handle_post(&postinfo, resp);
  } else printf("[Método %s não suportado]\n", reqline.method);
}
Example #2
0
bool cookie_auth::process_login(http::request_ptr& http_request_ptr, tcp::connection_ptr& tcp_conn)
{
    // strip off trailing slash if the request has one
    std::string resource(http::server::strip_trailing_slash(http_request_ptr->get_resource()));

    if (resource != m_login && resource != m_logout) {
        return false; // no login processing done
    }

    std::string redirect_url = http_request_ptr->get_query("url");
    std::string new_cookie;
    bool delete_cookie = false;

    if (resource == m_login) {
        // process login
        // check username
        std::string username = http_request_ptr->get_query("user");
        std::string password = http_request_ptr->get_query("pass");

        // match username/password
        user_ptr user=m_user_manager->get_user(username,password);
        if (!user) { // authentication failed, process as in case of failed authentication...
            handle_unauthorized(http_request_ptr,tcp_conn);
            return true;
        }
        // ok we have a new user session, create  a new cookie, add to cache

        // create random cookie
        std::string rand_binary;
        rand_binary.reserve(RANDOM_COOKIE_BYTES);
        for (unsigned int i=0; i<RANDOM_COOKIE_BYTES ; i++) {
            rand_binary += static_cast<unsigned char>(m_random_die());
        }
        algorithm::base64_encode(rand_binary, new_cookie);

        // add new session to cache
        boost::posix_time::ptime time_now(boost::posix_time::second_clock::universal_time());
        boost::mutex::scoped_lock cache_lock(m_cache_mutex);
        m_user_cache.insert(std::make_pair(new_cookie,std::make_pair(time_now,user)));
    } else {
        // process logout sequence
        // if auth cookie presented - clean cache out
        const std::string auth_cookie(http_request_ptr->get_cookie(AUTH_COOKIE_NAME));
        if (! auth_cookie.empty()) {
            boost::mutex::scoped_lock cache_lock(m_cache_mutex);
            user_cache_type::iterator user_cache_itr=m_user_cache.find(auth_cookie);
            if (user_cache_itr!=m_user_cache.end()) {
                m_user_cache.erase(user_cache_itr);
            }
        }
        // and remove cookie from browser
        delete_cookie = true;
    }
    
    // if redirect defined - send redirect
    if (! redirect_url.empty()) {
        handle_redirection(http_request_ptr,tcp_conn,redirect_url,new_cookie,delete_cookie);
    } else {
        // otherwise - OK
        handle_ok(http_request_ptr,tcp_conn,new_cookie,delete_cookie);
    }

    // yes, we processed login/logout somehow
    return true;
}