示例#1
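/*
 * Finish a successful member login: generate a fresh random mmsn value,
 * send it and the identity values to the browser as cookies, forward
 * mname/mmsn to the "member" event backend, and mirror the values into the
 * output HDF.
 *
 * cgi   - request whose Set-Cookie headers and output HDF are written
 * evth  - event table; if it has no "member" entry the function does nothing
 * mname, mnick, mid - identity values stored in cookies and in the output HDF
 *
 * NOTE(review): mmsn appears to be the session token, so its strength depends
 * on mstr_rand_string(); confirm that helper draws from a CSPRNG.
 * NOTE(review): every cookie is set with secure=0 (last argument) and this
 * call form has no HttpOnly parameter, so the token also travels over plain
 * HTTP and is readable by page script. Consider secure=1 where the site is
 * HTTPS-only.
 * NOTE(review): mname, mnick and mid are placed in the Set-Cookie value
 * unescaped; confirm callers reject CR/LF and ';' before this point.
 */
static void member_after_login(CGI *cgi, HASH *evth,
                               char *mname, char *mnick, char *mid)
{
    char tm[LEN_TM_GMT], mmsn[LEN_CK];
    /* NULL-initialised so a failed escape can never reach free() or the
     * cookie writer with an indeterminate pointer. */
    char *p = NULL;
    mevent_t *evt = (mevent_t*)hash_lookup(evth, "member");
    if (!evt) return;

    memset(mmsn, 0x0, sizeof(mmsn));
    mstr_rand_string(mmsn, sizeof(mmsn));
    /* cookie expiry: now + ONE_WEEK, formatted for the Expires attribute */
    mutil_getdatetime_gmt(tm, sizeof(tm), "%A, %d-%b-%Y %T GMT", ONE_WEEK);

    /*
     * set cookie
     */
    cgi_cookie_set(cgi, "mname", mname, NULL, SITE_DOMAIN, tm, 1, 0);
    cgi_cookie_set(cgi, "mnick", mnick, NULL, SITE_DOMAIN, tm, 1, 0);
    /* NOTE(review): the status returned by neos_url_escape is still dropped
     * here; only its effect on p is checked. */
    neos_url_escape(mnick, &p, NULL);
    if (p) {
        cgi_cookie_set(cgi, "mnick_esc", p, NULL, SITE_DOMAIN, tm, 1, 0);
        free(p);
    }

    cgi_cookie_set(cgi, "mmsn", mmsn, NULL, SITE_DOMAIN, tm, 1, 0);
    cgi_cookie_set(cgi, "mid",  mid,  NULL, SITE_DOMAIN, tm, 1, 0);

    /* hand the new token to the member backend so it can be checked later;
     * presumably the macro may return early on failure - TODO confirm */
    hdf_set_value(evt->hdfsnd, "mname", mname);
    hdf_set_value(evt->hdfsnd, "mmsn", mmsn);
    MEVENT_TRIGGER_NRET(evt, mname, REQ_CMD_MEMBER_UP, FLAGS_NONE);

    /* mnick/mname in the output are copied from the query, not from the
     * function arguments */
    hdf_set_copy(cgi->hdf, PRE_OUTPUT".mnick", PRE_QUERY".mnick");
    hdf_set_copy(cgi->hdf, PRE_OUTPUT".mname", PRE_QUERY".mname");
    hdf_set_value(cgi->hdf, PRE_OUTPUT".mmsn", mmsn);
    hdf_set_value(cgi->hdf, PRE_OUTPUT".mid", mid);
}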
示例#2
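/*
 * Finish a successful member login: generate a fresh random mmsn value, set
 * the mname / mname_esc / mmsn cookies, copy mname and mmsn into the output
 * HDF, and store mmsn on the member row.
 *
 * cgi   - request whose Set-Cookie headers and output HDF are written
 * dbh   - connection table; the "main" entry is used for the UPDATE
 * mname - member name; used as cookie value and as the row key
 *
 * Returns STATUS_OK on success, or the error from URL-escaping mname.
 * MDB_EXEC presumably returns its own error through err - TODO confirm.
 *
 * NOTE(review): db is not checked for NULL before MDB_EXEC; confirm the macro
 * tolerates a missing "main" connection.
 * NOTE(review): mmsn appears to be the session token; confirm
 * mstr_rand_string() draws from a CSPRNG. The cookies are set with secure=0
 * and this call form has no HttpOnly parameter.
 * NOTE(review): cookies are emitted before the UPDATE, so a failed UPDATE
 * leaves the browser with a token the database does not hold.
 */
static NEOERR* member_after_login(CGI *cgi, HASH *dbh, char *mname)
{
    char tm[LEN_TM_GMT], mmsn[LEN_CK];
    /* NULL-initialised so a failed escape cannot reach free() or the cookie
     * writer with an indeterminate pointer. */
    char *p = NULL;
    mdb_conn *db = hash_lookup(dbh, "main");
    NEOERR *err;

    memset(mmsn, 0x0, sizeof(mmsn));
    mstr_rand_string(mmsn, sizeof(mmsn));
    /* cookie expiry: now + ONE_WEEK, formatted for the Expires attribute */
    mutil_getdatetime_gmt(tm, sizeof(tm), "%A, %d-%b-%Y %T GMT", ONE_WEEK);

    /*
     * set cookie
     */
    err = neos_url_escape(mname, &p, NULL);
    if (err != STATUS_OK) return err;

    cgi_cookie_set(cgi, "mname",     mname, NULL, SITE_DOMAIN, tm, 1, 0);
    if (p) {
        cgi_cookie_set(cgi, "mname_esc", p, NULL, SITE_DOMAIN, tm, 1, 0);
    }
    cgi_cookie_set(cgi, "mmsn",      mmsn,  NULL, SITE_DOMAIN, tm, 1, 0);

    free(p);

    hdf_set_value(cgi->hdf, PRE_OUTPUT".mname", mname);
    hdf_set_value(cgi->hdf, PRE_OUTPUT".mmsn", mmsn);

    /* values are bound as parameters ($1, $2), not spliced into the SQL text */
    MDB_EXEC(db, NULL, "UPDATE member SET mmsn=$1 WHERE mname=$2",
             "ss", mmsn, mname);

    return STATUS_OK;
}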
示例#3
/*
 * Python method cookieSet(name, value, path, domain, time_str, persist, secure)
 * on the CGI wrapper object; forwards its arguments to cgi_cookie_set().
 *
 * name and value are required strings. path, domain and time_str are
 * optional strings passed as NULL when omitted. persist and secure are
 * optional ints that default to 0, so a caller must pass secure explicitly
 * to request the Secure attribute.
 *
 * Returns None on success. Returns NULL when argument parsing fails, and the
 * result of p_neo_error() when cgi_cookie_set() reports an error.
 */
static PyObject * p_cgi_cookie_set (PyObject *self, PyObject *args, 
    PyObject *keywds)
{
  static char *kwlist[] = {"name", "value", "path", "domain", "time_str", "persist", "secure", NULL};
  CGI *cgi = ((CGIObject *) self)->cgi;
  char *cookie_name, *cookie_value;
  char *cookie_path = NULL;
  char *cookie_domain = NULL;
  char *expires = NULL;
  int persist_flag = 0, secure_flag = 0;
  NEOERR *err;
  int parsed;

  /* two mandatory strings, then three optional strings and two optional ints */
  parsed = PyArg_ParseTupleAndKeywords(args, keywds, "ss|sssii:cookieSet()",
                                       kwlist, &cookie_name, &cookie_value,
                                       &cookie_path, &cookie_domain, &expires,
                                       &persist_flag, &secure_flag);
  if (!parsed)
    return NULL;

  err = cgi_cookie_set (cgi, cookie_name, cookie_value, cookie_path,
                        cookie_domain, expires, persist_flag, secure_flag);
  if (err)
  {
    return p_neo_error (err);
  }

  Py_INCREF(Py_None);
  return Py_None;
}
示例#4
文件: login.c 项目: bigmaliang/sam
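/*
 * Login endpoint (CGI / FastCGI).
 *
 * Per request:
 *   1. If the samuser/samkey cookies are present and user_has_login()
 *      accepts them, echo them to the output and report success.
 *   2. Otherwise read u (user) and p (password) from the query,
 *      authenticate with user_login_auth(), set the samuser/samkey cookies
 *      and echo both to the output.
 *   3. Reply with a redirect to query parameter r if it is given, else JSONP
 *      via jsoncallback if it is given, else plain JSON.
 *
 * Returns 1 if the database cannot be initialised, 0 otherwise.
 *
 * NOTE(review): u and p are read from PRE_QUERY; if that covers the URL query
 * string, the password can end up in access logs and Referer headers -
 * confirm the client always uses POST over HTTPS.
 */
int main(int argc, char **argv, char **envp)
{
	CGI *cgi = NULL;
	NEOERR *err;
	mdb_conn *conn = NULL;

	/* skey, user, pass, return jsoncallback*/
	char *s, *u, *p, *r, *jcbk;
	/* keeptime(hours)  */
	int t;
	char tm[LEN_TM_GMT];
	
	//sleep(20);
	mtc_init("login");
	mconfig_parse_file(SITE_CONFIG, &g_cfg);
	mutil_wrap_fcgi(argc, argv, envp);
	if (mdb_init(&conn, DB_DSN) != MDB_ERR_NONE) {
		mtc_err("init db error %s", mdb_get_errmsg(conn));
		printf("Content-Type: text/html; charset=UTF-8\r\n\r\n");
		printf("{errcode: %d}", SAM_ERR_INIT);
		return 1;
	}
	
#ifndef DROP_FCGI
	while (FCGI_Accept() >= 0) {
#endif

		/*
		 * cgi init 
		 */
		err = cgi_init(&cgi, NULL);
		if (err != STATUS_OK) {
			mtc_err("init cgi error");
			printf("Content-Type: text/html; charset=UTF-8\r\n\r\n");
			printf("{errcode: %d}", SAM_ERR_INIT);
			goto opfinish;
		}
		err = cgi_parse(cgi);
		if (err != STATUS_OK) {
			mtc_err("parse cgi error");
			hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_PARSE);
			goto opfinish;
		}
		/*
		 * NOTE(review): the per-client attempt limiter below is compiled
		 * out, so nothing in this function throttles repeated password
		 * guesses; confirm rate limiting happens elsewhere.
		 */
#if 0
		if (mutil_client_attack_cookie(cgi->hdf, "login", 30, 60)) {
			mtc_err("client attack");
			hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_NEEDREST);
			goto opfinish;
		}
#endif

		/* already logged in? validate the cookie pair against the db */
		u = hdf_get_value(cgi->hdf, PRE_COOKIE".samuser", NULL);
		s = hdf_get_value(cgi->hdf, PRE_COOKIE".samkey", NULL);
		if (s && u) {
			if (user_has_login(conn, u, s)) {
				hdf_set_copy(cgi->hdf, PRE_OUTPUT".samuser", PRE_COOKIE".samuser");
				hdf_set_copy(cgi->hdf, PRE_OUTPUT".samkey", PRE_COOKIE".samkey");
				goto done;
			}
		}
		
		u = hdf_get_value(cgi->hdf, PRE_QUERY".u", NULL);
		p = hdf_get_value(cgi->hdf, PRE_QUERY".p", NULL);
		if (!u || !p) {
			/* log only whether the password was supplied, never its
			 * value, and never hand a NULL pointer to %s */
			mtc_err("parameter miss u=%s p=%s",
			        u ? u : "(null)", p ? "(set)" : "(null)");
			hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_NEEDINPUT);
			goto opfinish;
		}
		s = user_login_auth(conn, u, p);
		if (!s) {
			/* the submitted password is deliberately kept out of the log */
			mtc_err("login error %s", u);
			hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_PASSW);
			goto opfinish;
		}

		/*
		 * NOTE(review): both cookies are set with secure=0 (last
		 * argument) and this call form has no HttpOnly parameter, so
		 * samkey is sent over plain HTTP and is readable by page script.
		 */
		cgiwrap_write(P3P_HEADER, strlen(P3P_HEADER));
		cgi_cookie_set(cgi, "samuser", u, NULL, SITE_DOMAIN, NULL, 1, 0);
		cgi_cookie_set(cgi, "samkey", s, NULL, SITE_DOMAIN, NULL, 1, 0);
#if 0
		t = hdf_get_int_value(cgi->hdf, PRE_QUERY".t", 0);
		mmisc_getdatetime_gmt(tm, sizeof(tm), "%A, %d-%b-%Y %T GMT", 60*60*t);
		cgi_cookie_set(cgi, "samkey", s, NULL, SITE_DOMAIN, tm, 1, 0);
#endif
		
		hdf_set_value(cgi->hdf, PRE_OUTPUT".samuser", u);
		hdf_set_value(cgi->hdf, PRE_OUTPUT".samkey", s);
		/* s is freed only on this path, where user_login_auth() returned
		 * it; on the cookie path it points into the HDF */
		free(s);

	done:
		/*
		 * TODO set samkey, samuser to app's domain
		 * DONE this is done by jsonp
		 */
		hdf_set_value(cgi->hdf, PRE_OUTPUT".success", "1");
	opfinish:
		if (cgi) {
			/*
			 * NOTE(review): r comes straight from the query and is
			 * used as the redirect target without validation; check
			 * it against an allow-list of application URLs.
			 */
			r = hdf_get_value(cgi->hdf, PRE_QUERY".r", NULL);
			if (r) {
				cgi_redirect(cgi, r);
			} else {
				/*
				 * NOTE(review): jsoncallback is request-supplied
				 * and the output HDF holds samkey. Restrict the
				 * callback name to identifier characters and
				 * confirm which origins may load this JSONP
				 * response.
				 */
				jcbk = hdf_get_value(cgi->hdf, PRE_QUERY".jsoncallback", NULL);
				if (jcbk != NULL) {
					mjson_execute_hdf(cgi->hdf, jcbk, 0);
				} else {
					mjson_output_hdf(cgi->hdf, 0);
				}
			}
#ifdef DEBUG_HDF
			/* NOTE(review): this dump includes the query and cookie
			 * values, i.e. passwords and session keys; keep
			 * DEBUG_HDF out of production builds */
			hdf_write_file(cgi->hdf, HF_LOG_PATH"hdf.login");
#endif
			cgi_destroy(&cgi);
		}
		
#ifndef DROP_FCGI
	} /* FCGI_Accept() */
#endif

	mdb_destroy(conn);
	return 0;
}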