nas
/
wikipp
Suivre 1
Favoriser 0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
Fork de wikipp, le moteur de wiki en c++, basé sur cppcms. Le fork ajoute la langue française
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
17 Révisions
1 Branche
Branche: master
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de 'master'
${ noResults }
wikipp/src/users.cpp

users.cpp 4.3KB
Lien permanent Historique Brut

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226 
  1. #include "users.h"

  2. #include "wiki.h"

  3. #include "users_content.h"

  4. #include <sys/time.h>

  5. #include <time.h>

  6. 

  7. #include <cppcms/url_dispatcher.h>

  8. #include <cppcms/cache_interface.h>

  9. #include <cppcms/session_interface.h>

  10. 

  11. #define _(X) ::cppcms::locale::translate(X)

  12. 

  13. namespace content {

  14. login_form::login_form(apps::wiki *_w) :

  15. 	w(_w)

  16. {

  17. 	username.message(_("Username"));

  18. 	password.message(_("Password"));

  19. 	login.value(_("Login"));

  20. 	add(username);

  21. 	add(password);

  22. 	add(login);

  23. 	username.non_empty();

  24. 	password.non_empty();

  25. }

  26. 

  27. bool login_form::validate()

  28. {

  29. 	if(!form::validate())

  30. 		return false;

  31. 	if(w->users.check_login(username.value(),password.value()))

  32. 		return true;

  33. 	password.valid(false);

  34. 	return false;

  35. }

  36. 

  37. 

  38. new_user_form::new_user_form(apps::wiki *_w):

  39. 	w(_w)

  40. {

  41. 	username.message(_("Username"));

  42. 	password1.message(_("Password"));

  43. 	password2.message(_("Confirm"));

  44. 	captcha.message(_("Solve"));

  45. 	submit.value(_("Submit"));

  46. 	add(username);

  47. 	add(password1);

  48. 	add(password2);

  49. 	add(captcha);

  50. 	add(submit);

  51. 	username.non_empty();

  52. 	password1.non_empty();

  53. 	password2.check_equal(password1);

  54. }

  55. 

  56. void new_user_form::generate_captcha()

  57. {

  58. 	struct timeval tv;

  59. 	gettimeofday(&tv,NULL);

  60. 	unsigned seed=tv.tv_usec / 1000 % 100;

  61. 	int num1=rand_r(&seed) % 10+1;

  62. 	int num2=rand_r(&seed) % 10+1;

  63. 	int sol=num1+num2;

  64. 	captcha.help((booster::locale::format("{1} + {2}") % num1 % num2).str());

  65. 	w->session().set("captcha",sol);

  66. 	w->session().age(5*60); // at most 5 minutes

  67. }

  68. 

  69. bool new_user_form::validate()

  70. {

  71. 	if(!form::validate())

  72. 		return false;

  73. 	

  74. 	if(!w->session().is_set("captcha") || captcha.value()!=w->session()["captcha"]) {

  75. 		w->session().erase("captcha");

  76. 		return false;

  77. 	}

  78. 	if(w->users.user_exists(username.value())) {

  79. 		username.error_message(_("This user exists"));

  80. 		username.valid(false);

  81. 		return false;

  82. 	}

  83. 	return true;

  84. }

  85. 

  86. 

  87. } 

  88. 

  89. namespace apps {

  90. 

  91. users::users(wiki &w) :	master(w)

  92. {

  93. 	wi.dispatcher().assign("^/login/?$",&users::login,this);

  94. 	disable_reg=settings().get("wikipp.disable_registration",true);

  95. 	if(!disable_reg){

  96. 		wi.dispatcher().assign("^/register/?$",&users::new_user,this);

  97. 	}

  98. 	reset();

  99. }

  100. 

  101. void users::new_user()

  102. {

  103. 	content::new_user c(&wi);

  104. 	if(request().request_method()=="POST") {

  105. 		c.form.load(context());

  106. 		cppdb::session sql(conn);

  107. 		cppdb::transaction tr(sql);

  108. 		if(c.form.validate()) {

  109. 			sql<<	"INSERT INTO users(username,password) "

  110. 				"VALUES(?,?)"

  111. 				<< c.form.username.value()

  112. 				<< c.form.password1.value()

  113. 				<< cppdb::exec;

  114. 			tr.commit();

  115. 			wi.page.redirect(locale_name);

  116. 			session()["username"]=c.form.username.value();

  117. 			session().expose("username");

  118. 			session().default_age(); // return to default

  119. 			return;

  120. 		}

  121. 		tr.commit();

  122. 	}

  123. 	c.form.generate_captcha();

  124. 	ini(c);

  125. 	render("new_user",c);

  126. }

  127. 

  128. void users::reset()

  129. {

  130. 	auth_done=auth_ok=false;

  131. }

  132. 

  133. std::string users::login_url()

  134. {

  135. 	return wi.root()+"/login/";

  136. }

  137. 

  138. bool users::user_exists(std::string u)

  139. {

  140. 	std::string key="user_exists_"+u;

  141. 	std::string tmp;

  142. 	if(cache().fetch_frame(key,tmp,true)) { // No triggers

  143. 		return true;

  144. 	}

  145. 	cppdb::result r;

  146. 	cppdb::session sql(conn);

  147. 	r=sql<<"SELECT id FROM users WHERE username=?" << u << cppdb::row;

  148. 	if(!r.empty()) {

  149. 		cache().store_frame(key,tmp);

  150. 		return true;

  151. 	}

  152. 	return false;

  153. }

  154. 

  155. void users::login()

  156. {

  157. 	content::login c(&wi);

  158. 	if(request().request_method()=="POST") {

  159. 		c.form.load(context());

  160. 		if(c.form.validate()) {

  161. 			wi.page.redirect(locale_name);

  162. 			session()["username"]=c.form.username.value();

  163. 			session().expose("username");

  164. 			return;

  165. 		}

  166. 	}

  167. 	else {

  168. 		if(auth()) {

  169. 			response().set_redirect_header(request().http_referer());

  170. 			session().clear();

  171. 			return;

  172. 		}

  173. 	}

  174. 	ini(c);

  175. 	if(!disable_reg)

  176. 		c.new_user=wi.root()+"/register/";

  177. 	render("login",c);

  178. }

  179. 

  180. bool users::check_login(std::string u,std::string p)

  181. {

  182. 	if(u.empty() || p.empty())

  183. 		return false;

  184. 	cppdb::result r;

  185. 	cppdb::session sql(conn);

  186. 	r=sql<<	"SELECT password FROM users "

  187. 		"WHERE username=?" << u << cppdb::row;

  188. 	if(r.empty()) {

  189. 		return false;

  190. 	}

  191. 	std::string pass;

  192. 	r>>pass;

  193. 	if(p!=pass)

  194. 		return false;

  195. 	return true;

  196. }

  197. 

  198. bool users::auth()

  199. {

  200. 	if(!auth_done)

  201. 		do_auth();

  202. 	return auth_ok;

  203. }

  204. 

  205. void users::do_auth()

  206. {

  207. 	if(session().is_set("username") && user_exists(session()["username"])) {

  208. 		auth_ok=true;

  209. 	}

  210. 	else {

  211. 		auth_ok=false;

  212. 	}

  213. 	if(auth_ok)

  214. 		username=session()["username"];

  215. 	else

  216. 		username=request().remote_addr();

  217. 	auth_done=true;

  218. }

  219. 

  220. void users::error_forbidden()

  221. {

  222. 	response().set_redirect_header(login_url());

  223. }

  224. 

  225. 

  226. }