Esempio n. 1
0
User AuthModel::processAuthToken()
{
  WApplication *app = WApplication::instance();
  const WEnvironment& env = app->environment();

  if (baseAuth()->authTokensEnabled()) {
    const std::string *token =
      env.getCookie(baseAuth()->authTokenCookieName());

    if (token) {
      AuthTokenResult result = baseAuth()->processAuthToken(*token, users());

      switch(result.state()) {
      case AuthTokenState::Valid: {
        if (!result.newToken().empty()) {
          /*
           * Only extend the validity from what we had currently.
           */
          app->setCookie(baseAuth()->authTokenCookieName(), result.newToken(),
                         result.newTokenValidity(), "", "", app->environment().urlScheme() == "https");
        }

	return result.user();
      }
      case AuthTokenState::Invalid:
        app->setCookie(baseAuth()->authTokenCookieName(),std::string(), 0, "", "", app->environment().urlScheme() == "https");

	return User();
      }
    }
  }

  return User();
}
Esempio n. 2
0
bool AuthModel::isVisible(Field field) const
{
  if (field == RememberMeField)
    return baseAuth()->authTokensEnabled();
  else
    return WFormModel::isVisible(field);
}
Esempio n. 3
0
void AuthModel::logout(Login& login)
{
  if (login.loggedIn()) {
    if (baseAuth()->authTokensEnabled()) {
      WApplication *app = WApplication::instance();
      app->removeCookie(baseAuth()->authTokenCookieName());

      /*
       * FIXME: it would be nice if we also delete the relevant token
       * from the database!
       */
    }

    login.logout();
  }
}
Esempio n. 4
0
bool FormBaseModel::loginUser(Login& login, User& user, LoginState state)
{
  if (!user.isValid())
    return false;

  if (user.status() == User::Disabled) {
    setValidation
      (LoginNameField,
       WValidator::Result(WValidator::Invalid,
			  WString::tr("Wt.Auth.account-disabled")));

    login.login(user, DisabledLogin);

    return false;
  } else if (baseAuth()->emailVerificationRequired() &&
	     user.email().empty()) {
    setValidation
      (LoginNameField,
       WValidator::Result(WValidator::Invalid,
			  WString::tr("Wt.Auth.email-unverified")));

    login.login(user, DisabledLogin);

    return false;
  } else {
    login.login(user, state);

    return true;
  }  
}
Esempio n. 5
0
void AuthModel::reset()
{
  if (baseAuth()->identityPolicy() == EmailAddressIdentity)
    addField(LoginNameField, WString::tr("Wt.Auth.email-info"));
  else
    addField(LoginNameField, WString::tr("Wt.Auth.user-name-info"));

  addField(PasswordField, WString::tr("Wt.Auth.password-info"));

  int days = baseAuth()->authTokenValidity() / 24 / 60;

  WString info;
  if (days % 7 != 0)
    info = WString::tr("Wt.Auth.remember-me-info.days").arg(days);
  else
    info = WString::tr("Wt.Auth.remember-me-info.weeks").arg(days/7);

  addField(RememberMeField, info);
  setValidation(RememberMeField, WValidator::Result(WValidator::Valid, info));
}
Esempio n. 6
0
void AuthModel::setRememberMeCookie(const User& user)
{
  WApplication *app = WApplication::instance();
  const AuthService *s = baseAuth();

  app->setCookie(s->authTokenCookieName(),
		 s->createAuthToken(user),
		 s->authTokenValidity() * 60,
		 s->authTokenCookieDomain(),
		 "",
		 app->environment().urlScheme() == "https");
}
Esempio n. 7
0
bool AuthModel::login(Login& login)
{
  if (valid()) {
    User user = users().findWithIdentity(Identity::LoginName,
					 valueText(LoginNameField));
    boost::any v = value(RememberMeField);
    const AuthService *s = baseAuth();
    if (loginUser(login, user)) {
      reset();

      if (!v.empty() && boost::any_cast<bool>(v) == true) {
	WApplication *app = WApplication::instance();
	app->setCookie(s->authTokenCookieName(),
		       s->createAuthToken(user),
		       s->authTokenValidity() * 60);
      }

      return true;
    } else
      return false;
  } else
    return false;
}
Esempio n. 8
0
EmailTokenResult AuthModel::processEmailToken(const std::string& token)
{
  return baseAuth()->processEmailToken(token, users());
}
Esempio n. 9
0
EXPORT_C CUrl* CUrl::ResolveL(CUrl& aBaseUrl, CUrl& aRelativeUrl)
//
//	Based on the relative parsing algorithm in RFC2396
	{
	//	Return copy of aRelativeUrl if aBaseUrl is empty
	if (aBaseUrl.UrlDes().Compare(KNullDesC)==0)
		return aRelativeUrl.AllocL();

	TPtrC relativeUrl(aRelativeUrl.UrlDes());

	TPtrC relPath(aRelativeUrl.Component(EUrlPath));
	TPtrC relAuth(aRelativeUrl.Component(EUrlAuthority));
	TPtrC relScheme(aRelativeUrl.Component(EUrlScheme));
	TPtrC relQuery(aRelativeUrl.Component(EUrlQuery));
	TPtrC relFragment(aRelativeUrl.Component(EUrlFragment));

	if (relScheme.Length() > 0)
		{
		// LOOPHOLE in RFC 1630 if schemes match then remove the scheme from the relative url
		if (aBaseUrl.UrlDes().FindF(relScheme) == 0)
			relativeUrl.Set(relativeUrl.Mid(relScheme.Length() + 1)); // remove the ':' as well
		else // the relative url is absolute
			return NewL(relativeUrl);
		}

	TBool useBaseAuth = ETrue;
	TBool useRelQuery = ETrue;
	TPtrC basePath(aBaseUrl.Component(EUrlPath));
	HBufC* resolvedPath = NULL;
	if (relPath.Compare(KNullDesC)==0 && relAuth.Compare(KNullDesC)==0 
		&& relScheme.Compare(KNullDesC)==0 && relQuery.Compare(KNullDesC)==0) // relative URL could just be a fragment
		{
		// Use current document url (assume that it is aBaseUrl), including query, then add relative URL fragment
		useRelQuery = EFalse;
		resolvedPath = basePath.AllocLC();
		}
	else if (relativeUrl.Find(KUrlLoc) == 0) // relative url is a network path
		{
		// Set resolved path to be the relative path
		useBaseAuth = EFalse;
		resolvedPath = relPath.AllocLC();
		}	
	else if (relPath.Locate('/') == 0) // relative url is an absolute path
		{
		resolvedPath = relPath.AllocLC();
		}
	else 
		{
		//	Do path resolution, merge the base path and relative path
		if (relPath.Length() != 0)
			// if the relative path is a query or fragment then shouldn't strip the document from the basePath
			{
			TInt endBasePath = basePath.LocateReverse('/');
			if (endBasePath != KErrNotFound)
				basePath.Set(basePath.Left(endBasePath + 1)); // keep the '/' 
			else
				basePath.Set(_L("/"));	//	Create path of just '/'
			}
		//	Resolve relative path against base path
		resolvedPath = HBufC::NewLC(relPath.Length() + basePath.Length());
		TRelativePaths relativePaths(basePath, relPath, resolvedPath->Des());
		relativePaths.ResolveRelativePaths();
		}

	// put the url together
	TPtrC baseScheme(aBaseUrl.Component(EUrlScheme));
	TPtrC baseAuth(aBaseUrl.Component(EUrlAuthority));
	TPtrC baseQuery(aBaseUrl.Component(EUrlQuery));

	HBufC* resolvedUrl = HBufC::NewLC(aBaseUrl.UrlDes().Length()  
										 + relativeUrl.Length()
										 + KUrlColon().Length() 
										 + KUrlLoc().Length()
										 + KUrlQMark().Length()
										 + KUrlHash().Length()
										 + 1); // this will be long enough - extra 1 just in case basePath was empty
	TPtr resolvedBuf = resolvedUrl->Des();

	if (baseScheme.Length() > 0)
		{
		resolvedBuf.Append(baseScheme);
		resolvedBuf.Append(KUrlColon);
		}

	resolvedBuf.Append(KUrlLoc);	

	if (useBaseAuth && baseAuth.Length() >0)
		{
		resolvedBuf.Append(baseAuth);
		}
	else if (relAuth.Length() > 0)
		{
		resolvedBuf.Append(relAuth);
		}

	resolvedBuf.Append(*resolvedPath);

	if (useRelQuery && relQuery.Length() >0)
		{
		resolvedBuf.Append(KUrlQMark);
		resolvedBuf.Append(relQuery);
		}
	else if (!useRelQuery && baseQuery.Length() >0)
		{
		resolvedBuf.Append(KUrlQMark);
		resolvedBuf.Append(baseQuery);
		}

	if (relFragment.Length() >0)
		{
		resolvedBuf.Append(KUrlHash);
		resolvedBuf.Append(relFragment);
		}

	CUrl * url = CUrl::NewL(*resolvedUrl);
	CleanupStack::PopAndDestroy(2); // resolvedUrl, resolvedPath

	return url;
	}