nas
/
wikipp
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Fork de wikipp, le moteur de wiki en c++, basé sur cppcms. Le fork ajoute la langue française
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
wikipp/src/users.cpp

users.cpp 4.3KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226 
  1. #include "users.h"

  2. #include "wiki.h"

  3. #include "users_content.h"

  4. #include <sys/time.h>

  5. #include <time.h>

  6. 

  7. #include <cppcms/url_dispatcher.h>

  8. #include <cppcms/cache_interface.h>

  9. #include <cppcms/session_interface.h>

  10. 

  11. #define _(X) ::cppcms::locale::translate(X)

  12. 

  13. namespace content {

  14. login_form::login_form(apps::wiki *_w) :

  15. 	w(_w)

  16. {

  17. 	username.message(_("Username"));

  18. 	password.message(_("Password"));

  19. 	login.value(_("Login"));

  20. 	add(username);

  21. 	add(password);

  22. 	add(login);

  23. 	username.non_empty();

  24. 	password.non_empty();

  25. }

  26. 

  27. bool login_form::validate()

  28. {

  29. 	if(!form::validate())

  30. 		return false;

  31. 	if(w->users.check_login(username.value(),password.value()))

  32. 		return true;

  33. 	password.valid(false);

  34. 	return false;

  35. }

  36. 

  37. 

  38. new_user_form::new_user_form(apps::wiki *_w):

  39. 	w(_w)

  40. {

  41. 	username.message(_("Username"));

  42. 	password1.message(_("Password"));

  43. 	password2.message(_("Confirm"));

  44. 	captcha.message(_("Solve"));

  45. 	submit.value(_("Submit"));

  46. 	add(username);

  47. 	add(password1);

  48. 	add(password2);

  49. 	add(captcha);

  50. 	add(submit);

  51. 	username.non_empty();

  52. 	password1.non_empty();

  53. 	password2.check_equal(password1);

  54. }

  55. 

  56. void new_user_form::generate_captcha()

  57. {

  58. 	struct timeval tv;

  59. 	gettimeofday(&tv,NULL);

  60. 	unsigned seed=tv.tv_usec / 1000 % 100;

  61. 	int num1=rand_r(&seed) % 10+1;

  62. 	int num2=rand_r(&seed) % 10+1;

  63. 	int sol=num1+num2;

  64. 	captcha.help((booster::locale::format("{1} + {2}") % num1 % num2).str());

  65. 	w->session().set("captcha",sol);

  66. 	w->session().age(5*60); // at most 5 minutes

  67. }

  68. 

  69. bool new_user_form::validate()

  70. {

  71. 	if(!form::validate())

  72. 		return false;

  73. 	

  74. 	if(!w->session().is_set("captcha") || captcha.value()!=w->session()["captcha"]) {

  75. 		w->session().erase("captcha");

  76. 		return false;

  77. 	}

  78. 	if(w->users.user_exists(username.value())) {

  79. 		username.error_message(_("This user exists"));

  80. 		username.valid(false);

  81. 		return false;

  82. 	}

  83. 	return true;

  84. }

  85. 

  86. 

  87. } 

  88. 

  89. namespace apps {

  90. 

  91. users::users(wiki &w) :	master(w)

  92. {

  93. 	wi.dispatcher().assign("^/login/?$",&users::login,this);

  94. 	disable_reg=settings().get("wikipp.disable_registration",true);

  95. 	if(!disable_reg){

  96. 		wi.dispatcher().assign("^/register/?$",&users::new_user,this);

  97. 	}

  98. 	reset();

  99. }

  100. 

  101. void users::new_user()

  102. {

  103. 	content::new_user c(&wi);

  104. 	if(request().request_method()=="POST") {

  105. 		c.form.load(context());

  106. 		cppdb::session sql(conn);

  107. 		cppdb::transaction tr(sql);

  108. 		if(c.form.validate()) {

  109. 			sql<<	"INSERT INTO users(username,password) "

  110. 				"VALUES(?,?)"

  111. 				<< c.form.username.value()

  112. 				<< c.form.password1.value()

  113. 				<< cppdb::exec;

  114. 			tr.commit();

  115. 			wi.page.redirect(locale_name);

  116. 			session()["username"]=c.form.username.value();

  117. 			session().expose("username");

  118. 			session().default_age(); // return to default

  119. 			return;

  120. 		}

  121. 		tr.commit();

  122. 	}

  123. 	c.form.generate_captcha();

  124. 	ini(c);

  125. 	render("new_user",c);

  126. }

  127. 

  128. void users::reset()

  129. {

  130. 	auth_done=auth_ok=false;

  131. }

  132. 

  133. std::string users::login_url()

  134. {

  135. 	return wi.root()+"/login/";

  136. }

  137. 

  138. bool users::user_exists(std::string u)

  139. {

  140. 	std::string key="user_exists_"+u;

  141. 	std::string tmp;

  142. 	if(cache().fetch_frame(key,tmp,true)) { // No triggers

  143. 		return true;

  144. 	}

  145. 	cppdb::result r;

  146. 	cppdb::session sql(conn);

  147. 	r=sql<<"SELECT id FROM users WHERE username=?" << u << cppdb::row;

  148. 	if(!r.empty()) {

  149. 		cache().store_frame(key,tmp);

  150. 		return true;

  151. 	}

  152. 	return false;

  153. }

  154. 

  155. void users::login()

  156. {

  157. 	content::login c(&wi);

  158. 	if(request().request_method()=="POST") {

  159. 		c.form.load(context());

  160. 		if(c.form.validate()) {

  161. 			wi.page.redirect(locale_name);

  162. 			session()["username"]=c.form.username.value();

  163. 			session().expose("username");

  164. 			return;

  165. 		}

  166. 	}

  167. 	else {

  168. 		if(auth()) {

  169. 			response().set_redirect_header(request().http_referer());

  170. 			session().clear();

  171. 			return;

  172. 		}

  173. 	}

  174. 	ini(c);

  175. 	if(!disable_reg)

  176. 		c.new_user=wi.root()+"/register/";

  177. 	render("login",c);

  178. }

  179. 

  180. bool users::check_login(std::string u,std::string p)

  181. {

  182. 	if(u.empty() || p.empty())

  183. 		return false;

  184. 	cppdb::result r;

  185. 	cppdb::session sql(conn);

  186. 	r=sql<<	"SELECT password FROM users "

  187. 		"WHERE username=?" << u << cppdb::row;

  188. 	if(r.empty()) {

  189. 		return false;

  190. 	}

  191. 	std::string pass;

  192. 	r>>pass;

  193. 	if(p!=pass)

  194. 		return false;

  195. 	return true;

  196. }

  197. 

  198. bool users::auth()

  199. {

  200. 	if(!auth_done)

  201. 		do_auth();

  202. 	return auth_ok;

  203. }

  204. 

  205. void users::do_auth()

  206. {

  207. 	if(session().is_set("username") && user_exists(session()["username"])) {

  208. 		auth_ok=true;

  209. 	}

  210. 	else {

  211. 		auth_ok=false;

  212. 	}

  213. 	if(auth_ok)

  214. 		username=session()["username"];

  215. 	else

  216. 		username=request().remote_addr();

  217. 	auth_done=true;

  218. }

  219. 

  220. void users::error_forbidden()

  221. {

  222. 	response().set_redirect_header(login_url());

  223. }

  224. 

  225. 

  226. }