From 438c2f14b6c22ce4fa7cf144d4cb0f6e53327d9d Mon Sep 17 00:00:00 2001 From: keqingmoe Date: Fri, 27 Dec 2024 19:13:20 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E7=94=A8=E6=88=B7=E6=B3=A8?= =?UTF-8?q?=E9=94=80=E5=92=8C=E4=BF=AE=E6=94=B9=E5=AF=86=E7=A0=81=E5=8A=9F?= =?UTF-8?q?=E8=83=BD=EF=BC=8C=E9=87=8D=E6=9E=84=E6=B3=A8=E5=86=8C=E5=A4=84?= =?UTF-8?q?=E7=90=86=E9=80=BB=E8=BE=91=EF=BC=8C=E5=A2=9E=E5=BC=BA=E9=94=99?= =?UTF-8?q?=E8=AF=AF=E5=A4=84=E7=90=86=E5=92=8C=E5=93=8D=E5=BA=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/server/auth/delete.c | 98 +++++++++++-------------- src/server/auth/login.c | 58 +++------------ src/server/auth/logout.c | 122 +++++++++++++++++++++++++++++++ src/server/auth/register.c | 53 +++----------- src/server/auth/repasswd.c | 143 +++++++++++++++++++++++++++++++++++++ 5 files changed, 329 insertions(+), 145 deletions(-) create mode 100644 src/server/auth/logout.c create mode 100644 src/server/auth/repasswd.c diff --git a/src/server/auth/delete.c b/src/server/auth/delete.c index 6cabe2c..8094fb8 100644 --- a/src/server/auth/delete.c +++ b/src/server/auth/delete.c @@ -1,4 +1,5 @@ #include "server/auth.h" +#include "server/response.h" #include "server/util.h" #include "db/auth.h" @@ -16,11 +17,13 @@ typedef struct { char* token; + char* user_id; } delete_form_t; static void delete_form_dtor(delete_form_t* form) { if (form->token) free(form->token); + if (form->user_id) free(form->user_id); } static int field_found(const char* key, const char* filename, char* path, size_t pathlen, void* user_data) 
@@ -33,35 +36,30 @@ static int field_get(const char* key, const char* value, size_t valuelen, void* delete_form_t* form = (delete_form_t*)user_data; if (strcmp(key, "token") == 0) { form->token = kqm_strndup(value, valuelen); + } else if (strcmp(key, "user_id") == 0) { + form->user_id = kqm_strndup(value, valuelen); + } + if (form->token && form->user_id) { return MG_FORM_FIELD_HANDLE_ABORT; } return MG_FORM_FIELD_HANDLE_GET; } - -int delete_handler(mg_connection* conn, void* cbdata) +int user_delete_handler(mg_connection* conn, void* cbdata) { const mg_request_info* post_body = mg_get_request_info(conn); if (post_body == NULL) { - mg_printf(conn, - "HTTP/1.1 400 Bad Request\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n"); - mg_printf(conn, "{\"error\":\"null request\"}"); + res_null_req(conn); return 1; } if (strcmp(post_body->request_method, "POST")) { - mg_printf(conn, - "HTTP/1.1 405 Method Not Allowed\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n"); - mg_printf(conn, "{\"error\":\"must use post request\"}"); + res_must_post(conn); return 1; } - delete_form_t form = {NULL}; + delete_form_t form = {NULL, NULL}; mg_form_data_handler delete_callback = { .field_found = field_found, 
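Review bot: In field_get, a repeated `token` or `user_id` form field overwrites the pointer from the previous `kqm_strndup` without freeing it, so a client that sends the field twice leaks the first copy (the new `user_id` branch inherits the pattern from `token`). Free before reassigning, e.g. `free(form->user_id); form->user_id = kqm_strndup(value, valuelen);`, and the same for `token`. A small style point on the same hunk: `delete_form_t form = {NULL, NULL};` could be `delete_form_t form = {0};`, which keeps the struct fully zeroed if more fields are added later. The enclosing function field_get starts before this hunk.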
@@ -73,60 +71,48 @@ int delete_handler(mg_connection* conn, void* cbdata) mg_handle_form_request(conn, &delete_callback); if (!form.token) { - mg_printf(conn, - "HTTP/1.1 400 Bad Request\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"need token\"}"); + res_need_token(conn); delete_form_dtor(&form); return 1; } - - int result = verify_token(form.token, secret); - if (!result) { - mg_printf(conn, - "HTTP/1.1 401 Unauthorized\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"auth failed\"}"); + if (!verify_token(form.token, secret)) { + res_auth_fail(conn); delete_form_dtor(&form); return 1; } char* user_id = get_payload(form.token); - int flag = check_user_exists(user_id, &result); - if (!flag) { - mg_printf(conn, - "HTTP/1.1 500 Internal Server Error\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"failed to check user existence\"}"); - delete_form_dtor(&form); - return 1; - } else if (!result) { - mg_printf(conn, - "HTTP/1.1 404 Not Found\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"user does not exist\"}"); - delete_form_dtor(&form); - return 1; - } + if (form.user_id && strcmp(user_id, form.user_id)) { + int perm1; + int flag = get_user_permission(user_id, &perm1); + if (!flag) { + res_check_permission_fail(conn); + } - flag = delete_user(user_id); - if (!flag) { - mg_printf(conn, - "HTTP/1.1 500 Internal Server Error\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"failed to delete account\"}"); + int perm2; + flag = get_user_permission(form.user_id, &perm2); + if (!flag) { + res_check_permission_fail(conn); + } + + if (perm1 < perm2) { + int flag = delete_user(form.user_id); + if (!flag) { + res_delete_account_fail(conn); + } else { + res_delete_account(conn); + } + } else { + 
res_permission_denied(conn); + } } else { - mg_printf(conn, - "HTTP/1.1 200 OK\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"success\":\"delete account success\"}"); + int flag = delete_user(user_id); + if (!flag) { + res_delete_account_fail(conn); + } else { + res_delete_account(conn); + } } free(user_id); delete_form_dtor(&form); diff --git a/src/server/auth/login.c b/src/server/auth/login.c index 5ea2026..be29a62 100644 --- a/src/server/auth/login.c +++ b/src/server/auth/login.c @@ -1,5 +1,6 @@ #include "server/auth.h" #include "server/util.h" +#include "server/response.h" #include "db/auth.h" @@ -45,25 +46,17 @@ static int field_get(const char* key, const char* value, size_t valuelen, void* } -int login_handler(mg_connection* conn, void* cbdata) +int user_login_handler(mg_connection* conn, void* cbdata) { const mg_request_info* post_body = mg_get_request_info(conn); if (post_body == NULL) { - mg_printf(conn, - "HTTP/1.1 400 Bad Request\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n"); - mg_printf(conn, "{\"error\":\"null request\"}"); + res_null_req(conn); return 1; } if (strcmp(post_body->request_method, "POST")) { - mg_printf(conn, - "HTTP/1.1 405 Method Not Allowed\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n"); - mg_printf(conn, "{\"error\":\"must use post request\"}"); + res_must_post(conn); return 1; } 
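Review bot: In the cross-user branch of user_delete_handler, a failed `get_user_permission` call only emits `res_check_permission_fail` and then falls through, so `perm1 < perm2` is evaluated on an uninitialized `perm1` or `perm2` (undefined behaviour) and a second response is written to the same connection; because that comparison is the authorization decision for deleting another account, it must fail closed. Each lookup failure should leave the handler, `if (!flag) { res_check_permission_fail(conn); free(user_id); delete_form_dtor(&form); return 1; }`, and `int perm1 = 0, perm2 = 0;` is cheap insurance against the same slip elsewhere. The identical pattern appears in the new repasswd.c handler (hunk `@@ -0,0 +1,143 @@`) and needs the same fix. The meaning of the permission integer (whether a smaller value is more privileged) is not visible here, so the comparison deserves a comment such as `/* lower value = higher privilege; actor must strictly outrank target — confirm against get_user_permission */`, and `get_payload` is passed to `strcmp` without a NULL check. The enclosing function starts before this hunk.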
@@ -79,20 +72,12 @@ int login_handler(mg_connection* conn, void* cbdata) mg_handle_form_request(conn, &login_callback); if (!form.user_id) { - mg_printf(conn, - "HTTP/1.1 400 Bad Request\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"need user_id\"}"); + res_need_user_id(conn); login_form_dtor(&form); return 1; } if (!form.password) { - mg_printf(conn, - "HTTP/1.1 400 Bad Request\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"need password\"}"); + res_need_password(conn); login_form_dtor(&form); return 1; } 
@@ -100,44 +85,23 @@ int login_handler(mg_connection* conn, void* cbdata) int result; int flag = check_user_exists(form.user_id, &result); if (!flag) { - mg_printf(conn, - "HTTP/1.1 500 Internal Server Error\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"failed to check user existence\"}"); + res_check_exist_fail(conn); login_form_dtor(&form); return 1; } else if (!result) { - mg_printf(conn, - "HTTP/1.1 404 Not Found\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"user does not exist\"}"); + res_not_exist(conn); login_form_dtor(&form); return 1; } flag = login(form.user_id, form.password, &result); if (!flag) { - mg_printf(conn, - "HTTP/1.1 500 Internal Server Error\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"failed to login\"}"); + res_login_fail(conn); } else if (!result) { - mg_printf(conn, - "HTTP/1.1 401 Unauthorized\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"incorrect password or user id\"}"); + res_incorrect(conn); } else { char* token = create_token(form.user_id, secret); - mg_printf(conn, - "HTTP/1.1 200 OK\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"success\":\"login success\", \"token\":\"%s\"}", - token); + res_login(conn, token); free(token); } login_form_dtor(&form); diff --git a/src/server/auth/logout.c b/src/server/auth/logout.c new file mode 100644 index 0000000..bb5345e --- /dev/null +++ b/src/server/auth/logout.c 
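Review bot: The new response helpers keep distinguishing an unknown user (`res_not_exist` after `check_user_exists`) from a wrong password (`res_incorrect`), which lets an unauthenticated client enumerate valid user_ids by probing this endpoint; with the helpers in place it is a one-line change to answer generically, so the `!result` branch after `check_user_exists` should also call `res_incorrect(conn);` (or the pre-check can be dropped, since `login` presumably already reports an unknown user as `!result` — confirm in db/auth). Separately, the token from `create_token` is handed straight to `res_login` without a NULL check; `if (!token) { res_login_fail(conn); } else { res_login(conn, token); free(token); }` covers the allocation-failure case. The enclosing function user_login_handler starts before this hunk.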
@@ -0,0 +1,122 @@ +#include "server/auth.h" +#include "server/response.h" +#include "server/util.h" + +#include "db/auth.h" + +#include "jwt/jwt.h" + +#include + +#include + +#include +#include +#include + +// typedef struct +// { +// char* token; +// char* user_id; +// } logout_form_t; + +// static void logout_form_dtor(logout_form_t* form) +// { +// if (form->token) free(form->token); +// if (form->user_id) free(form->user_id); +// } + +// static int field_found(const char* key, const char* filename, char* path, size_t pathlen, void* user_data) +// { +// return MG_FORM_FIELD_HANDLE_GET; +// } + +// static int field_get(const char* key, const char* value, size_t valuelen, void* user_data) +// { +// logout_form_t* form = (logout_form_t*)user_data; +// if (strcmp(key, "token") == 0) { +// form->token = kqm_strndup(value, valuelen); +// } else if (strcmp(key, "user_id") == 0) { +// form->user_id = kqm_strndup(value, valuelen); +// } +// if (form->token && form->user_id) { +// return MG_FORM_FIELD_HANDLE_ABORT; +// } +// return MG_FORM_FIELD_HANDLE_GET; +// } + +int user_logout_handler(mg_connection* conn, void* cbdata) +{ + const mg_request_info* post_body = mg_get_request_info(conn); + + if (post_body == NULL) { + res_null_req(conn); + return 1; + } + + if (strcmp(post_body->request_method, "POST")) { + res_must_post(conn); + return 1; + } + + res_logout(conn); + + // logout_form_t form = {NULL, NULL}; + + // mg_form_data_handler logout_callback = { + // .field_found = field_found, + // .field_get = field_get, + // .field_store = NULL, + // .user_data = &form, + // }; + + // mg_handle_form_request(conn, &logout_callback); + + // if (!form.token) { + // res_need_token(conn); + // logout_form_dtor(&form); + // return 1; + // } + // if (!verify_token(form.token, secret)) { + // res_auth_fail(conn); + // logout_form_dtor(&form); + // return 1; + // } + + // char* user_id = get_payload(form.token); + + // if (form.user_id && strcmp(user_id, form.user_id)) { + // int 
perm1; + // int flag = get_user_permission(user_id, &perm1); + // if (!flag) { + // res_check_permission_fail(conn); + // } + + // int perm2; + // flag = get_user_permission(form.user_id, &perm2); + // if (!flag) { + // res_check_permission_fail(conn); + // } + + // if (perm1 < perm2) { + // int flag = logout_user(form.user_id); + // if (!flag) { + // res_logout_fail(conn); + // } else { + // res_logout(conn); + // } + // } else { + // res_permission_denied(conn); + // } + // } else { + // int flag = logout_user(user_id); + // if (!flag) { + // res_logout_account_fail(conn); + // } else { + // res_logout_account(conn); + // } + // } + // free(user_id); + // logout_form_dtor(&form); + return 1; +} diff --git a/src/server/auth/register.c b/src/server/auth/register.c index 1f32f7f..f7c04d6 100644 --- a/src/server/auth/register.c +++ b/src/server/auth/register.c @@ -1,4 +1,5 @@ #include "server/auth.h" +#include "server/response.h" #include "server/util.h" #include "db/auth.h" @@ -43,25 +44,17 @@ static int field_get(const char* key, const char* value, size_t valuelen, void* } -int register_handler(mg_connection* conn, void* cbdata) +int user_register_handler(mg_connection* conn, void* cbdata) { const mg_request_info* post_body = mg_get_request_info(conn); if (post_body == NULL) { - mg_printf(conn, - "HTTP/1.1 400 Bad Request\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n"); - mg_printf(conn, "{\"error\":\"null request\"}"); + res_null_req(conn); return 1; } if (strcmp(post_body->request_method, "POST")) { - mg_printf(conn, - "HTTP/1.1 405 Method Not Allowed\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n"); - mg_printf(conn, "{\"error\":\"must use post request\"}"); + res_must_post(conn); return 1; } 
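Review bot: user_logout_handler replies `res_logout` to every POST without reading a token or touching any server state, so the JWT issued at login stays valid until it expires and this endpoint neither ends a session nor limits the damage of a leaked token. If client-side logout is the intended design, say so above the handler, e.g. `// Stateless logout: the JWT is not revoked server-side and remains valid until expiry.`; if it is meant as a security control, the handler needs to verify the token and record it (or the user's logout time) in a server-side revocation check that verify_token consults. The roughly ninety lines of commented-out form parsing and permission logic should be removed rather than committed; version control preserves them. The unused `cbdata` parameter is normal for an mg_* handler but merits `(void)cbdata;` if the project builds with unused-parameter warnings.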
@@ -77,20 +70,12 @@ int register_handler(mg_connection* conn, void* cbdata) mg_handle_form_request(conn, ®ister_callback); if (!form.user_id) { - mg_printf(conn, - "HTTP/1.1 400 Bad Request\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"need user_id\"}"); + res_need_user_id(conn); register_form_dtor(&form); return 1; } if (!form.password) { - mg_printf(conn, - "HTTP/1.1 400 Bad Request\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"need password\"}"); + res_need_password(conn); register_form_dtor(&form); return 1; } @@ -98,36 +83,20 @@ int register_handler(mg_connection* conn, void* cbdata) int result; int flag = check_user_exists(form.user_id, &result); if (!flag) { - mg_printf(conn, - "HTTP/1.1 500 Internal Server Error\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"failed to check user existence\"}"); + res_check_exist_fail(conn); register_form_dtor(&form); return 1; } else if (result) { - mg_printf(conn, - "HTTP/1.1 409 Conflict\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"user already exists\"}"); + res_user_exist(conn); register_form_dtor(&form); return 1; } - flag = set_user_password(form.user_id, form.password); + flag = registe(form.user_id, form.password); if (!flag) { - mg_printf(conn, - "HTTP/1.1 500 Internal Server Error\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"error\":\"failed to register\"}"); + res_register_fail(conn); } else { - mg_printf(conn, - "HTTP/1.1 200 OK\r\n" - "Content-Type: application/json\r\n" - "Access-Control-Allow-Origin: *\r\n\r\n" - "{\"success\":\"registration success\"}"); + res_register(conn); } register_form_dtor(&form); return 1; diff --git a/src/server/auth/repasswd.c b/src/server/auth/repasswd.c new file mode 100644 index 0000000..acab2c8 
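Review bot: `flag = registe(form.user_id, form.password);` introduces a misspelled identifier; since `register` is a C keyword, a name such as `register_user` would read better than the truncated form (its declaration lives in db/auth.h, outside this diff). The sequence `check_user_exists` then `registe` is also a check-then-act window: two concurrent registrations for the same user_id can both pass the existence check, so uniqueness should be enforced inside the DB layer and `registe` should report that conflict distinctly so the handler can answer `res_user_exist` instead of `res_register_fail` — presumably the db layer has a unique key on user_id; confirm. The enclosing function user_register_handler starts before this hunk.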
--- /dev/null +++ b/src/server/auth/repasswd.c 
@@ -0,0 +1,143 @@ +#include "server/auth.h" +#include "server/response.h" +#include "server/util.h" + + +#include "db/auth.h" + +#include "jwt/jwt.h" + +#include + +#include + +#include +#include +#include + +typedef struct +{ + char* token; + char* user_id; + char* raw_passwd; + char* new_passwd; +} repasswd_form_t; + +static void repasswd_form_dtor(repasswd_form_t* form) +{ + if (form->token) free(form->token); + if (form->user_id) free(form->user_id); +} + +static int field_found(const char* key, const char* filename, char* path, size_t pathlen, void* user_data) +{ + return MG_FORM_FIELD_HANDLE_GET; +} + +static int field_get(const char* key, const char* value, size_t valuelen, void* user_data) +{ + repasswd_form_t* form = (repasswd_form_t*)user_data; + if (strcmp(key, "token") == 0) { + form->token = kqm_strndup(value, valuelen); + } else if (strcmp(key, "user_id") == 0) { + form->user_id = kqm_strndup(value, valuelen); + } else if (strcmp(key, "raw_passwd") == 0) { + form->raw_passwd = kqm_strndup(value, valuelen); + } else if (strcmp(key, "new_passwd") == 0) { + form->new_passwd = kqm_strndup(value, valuelen); + } + if (form->token && form->user_id && form->raw_passwd && form->new_passwd) { + return MG_FORM_FIELD_HANDLE_ABORT; + } + return MG_FORM_FIELD_HANDLE_GET; +} + +int user_repasswd_handler(mg_connection* conn, void* cbdata) +{ + const mg_request_info* post_body = mg_get_request_info(conn); + + if (post_body == NULL) { + res_null_req(conn); + return 1; + } + if (strcmp(post_body->request_method, "POST")) { + res_must_post(conn); + return 1; + } + + repasswd_form_t form = {NULL, NULL, NULL, NULL}; + + mg_form_data_handler repasswd_callback = { + .field_found = field_found, + .field_get = field_get, + .field_store = NULL, + .user_data = &form, + }; + + mg_handle_form_request(conn, &repasswd_callback); + + if (!form.token) { + res_need_token(conn); + repasswd_form_dtor(&form); + return 1; + } + if (!form.new_passwd) { + res_need_password(conn); + 
repasswd_form_dtor(&form); + return 1; + } + if (!verify_token(form.token, secret)) { + res_auth_fail(conn); + repasswd_form_dtor(&form); + return 1; + } + + char* user_id = get_payload(form.token); + + if (form.user_id && strcmp(user_id, form.user_id)) { + int perm1; + int flag = get_user_permission(user_id, &perm1); + if (!flag) { + res_check_permission_fail(conn); + } + + int perm2; + flag = get_user_permission(form.user_id, &perm2); + if (!flag) { + res_check_permission_fail(conn); + } + + if (perm1 < perm2) { + int flag = set_user_password(form.user_id, form.new_passwd); + if (!flag) { + res_repasswd_fail(conn); + } else { + res_repasswd(conn); + } + } else { + res_permission_denied(conn); + } + } else if(form.raw_passwd) { + int result; + int flag = login(user_id, form.raw_passwd, &result); + if (!flag) { + res_repasswd_fail(conn); + } else { + if (result) { + flag = set_user_password(user_id, form.new_passwd); + if (!flag) { + res_repasswd_fail(conn); + } else { + res_repasswd(conn); + } + } else { + res_incorrect(conn); + } + } + } else { + res_need_password(conn); + } + free(user_id); + repasswd_form_dtor(&form); + return 1; +}
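Review bot: repasswd_form_dtor frees `token` and `user_id` but never `raw_passwd` or `new_passwd`, so every request leaks both strings, and because they are cleartext passwords they also stay resident in the heap for the life of the process. Add `free(form->raw_passwd);` and `free(form->new_passwd);` to the dtor (free(NULL) is a no-op, so no guards are needed), and consider wiping them first with `explicit_bzero` or `memset_s` where available, since a plain `memset` before `free` may be optimized away. A successful `set_user_password` does not invalidate tokens issued before the change, which is worth stating on the success path, e.g. `// NOTE: previously issued JWTs remain valid after a password change`, so callers do not assume otherwise. `else if(form.raw_passwd)` also lacks the space after `if` used elsewhere in the file.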