// Handles the public login request. The client is accepted when either the
// POSTed username/password pair matches the stored WebUI credentials or the
// POSTed "token" is accepted by Preferences::isAuthenticationTokenValid().
// On success a session is started and "Ok." is returned; otherwise the
// failed-attempt counter is increased and "Fails." is returned.
//
// Security notes for reviewers:
//  - The password is verified as a hex MD5 digest against the stored value.
//    NOTE(review): an unsalted MD5 digest is a weak password verifier;
//    changing it requires migrating the stored preference, so it is only
//    flagged here.
//  - NOTE(review): toLocal8Bit() may make the digest depend on the host
//    locale encoding for non-ASCII passwords; confirm this matches how the
//    stored digest was produced.
//  - A valid token alone is sufficient to log in, independent of the
//    username/password check. NOTE(review): confirm that
//    isAuthenticationTokenValid() rejects an empty token (field absent),
//    compares in constant time, and that tokens are unguessable and can be
//    revoked or expired.
//  - The client-supplied token value is handed to sessionStart().
//    NOTE(review): verify how sessionStart() uses it.
void WebApplication::action_public_login()
{
    const Preferences* const prefs = Preferences::instance();

    // Hex MD5 digest of the submitted password, in the form compared below.
    const QString passwordDigest = QCryptographicHash::hash(
        request().posts["password"].toLocal8Bit(), QCryptographicHash::Md5).toHex();
    QString token = request().posts["token"];

    // Both comparisons are always evaluated before their results are combined,
    // so a username mismatch does not skip the password comparison.
    // slowEquals is presumably a constant-time compare; confirm in Utils::String.
    const bool usernameMatches = Utils::String::slowEquals(
        request().posts["username"].toUtf8(), prefs->getWebUiUsername().toUtf8());
    const bool passwordMatches = Utils::String::slowEquals(
        passwordDigest.toUtf8(), prefs->getWebUiPassword().toUtf8());
    const bool credentialsAccepted = usernameMatches && passwordMatches;

    // Check whether the provided token matches one of our authentication tokens.
    const bool tokenAccepted = prefs->isAuthenticationTokenValid(token);

    if (!tokenAccepted && !credentialsAccepted) {
        // Failure path: only the client address and the attempt count are
        // logged, never the submitted username, password or token.
        const QString clientIp = env().clientAddress.toString();
        increaseFailedAttempts();
        qDebug("client IP: %s (%d failed attempts)", qPrintable(clientIp), failedAttempts());
        print(QByteArray("Fails."), Http::CONTENT_TYPE_TXT);
        return;
    }

    sessionStart(token);
    print(QByteArray("Ok."), Http::CONTENT_TYPE_TXT);
}
// Handles the public login request using the POSTed username and password
// only. On a match a session is started and "Ok." is returned; otherwise the
// failed-attempt counter is increased and "Fails." is returned.
//
// Security notes for reviewers:
//  - The password is verified as a hex MD5 digest against the stored value.
//    NOTE(review): an unsalted MD5 digest is a weak password verifier;
//    changing it requires migrating the stored preference, so it is only
//    flagged here.
//  - NOTE(review): toLocal8Bit() may make the digest depend on the host
//    locale encoding for non-ASCII passwords; confirm this matches how the
//    stored digest was produced.
//  - Whether the failed-attempt counter leads to a lockout or ban is not
//    visible in this function.
void WebApplication::action_public_login()
{
    const Preferences* const prefs = Preferences::instance();

    // Hex MD5 digest of the submitted password, in the form compared below.
    const QString submittedDigest = QCryptographicHash::hash(
        request().posts["password"].toLocal8Bit(), QCryptographicHash::Md5).toHex();

    // Both comparisons are always evaluated before their results are combined,
    // so a username mismatch does not skip the password comparison.
    // slowEquals is presumably a constant-time compare; confirm in Utils::String.
    const bool sameUser = Utils::String::slowEquals(
        request().posts["username"].toUtf8(), prefs->getWebUiUsername().toUtf8());
    const bool samePassword = Utils::String::slowEquals(
        submittedDigest.toUtf8(), prefs->getWebUiPassword().toUtf8());

    if (!sameUser || !samePassword) {
        // Failure path: only the client address and the attempt count are
        // logged, never the submitted username or password.
        const QString clientIp = env().clientAddress.toString();
        increaseFailedAttempts();
        qDebug("client IP: %s (%d failed attempts)", qPrintable(clientIp), failedAttempts());
        print(QByteArray("Fails."), Http::CONTENT_TYPE_TXT);
        return;
    }

    sessionStart();
    print(QByteArray("Ok."), Http::CONTENT_TYPE_TXT);
}