From 571541b34dfc56b97b18e0b7c06dbcae0de0fc97 Mon Sep 17 00:00:00 2001
From: keqingmoe
Date: Sat, 28 Dec 2024 22:21:20 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E7=94=A8=E6=88=B7=E5=AF=86?= =?UTF-8?q?=E7=A0=81=E9=87=8D=E7=BD=AE=E5=8A=9F=E8=83=BD=EF=BC=8C=E4=BC=98?= =?UTF-8?q?=E5=8C=96=E6=9D=83=E9=99=90=E6=A3=80=E6=9F=A5=E9=80=BB=E8=BE=91?= =?UTF-8?q?=EF=BC=8C=E5=A2=9E=E5=BC=BA=E8=BA=AB=E4=BB=BD=E9=AA=8C=E8=AF=81?= =?UTF-8?q?=E6=B5=81=E7=A8=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/server/auth/admin.c | 46 ++++++++++++++++---
 src/server/auth/repasswd.c | 91 ++++++++++++++++++++++----------------
 2 files changed, 92 insertions(+), 45 deletions(-)
diff --git a/src/server/auth/admin.c b/src/server/auth/admin.c
index acf1baf..383181d 100644
--- a/src/server/auth/admin.c
+++ b/src/server/auth/admin.c
@@ -55,6 +55,8 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
 form->user_id = kqm_strndup(value, valuelen);
 } else if (strcmp(key, "raw_passwd") == 0) {
 form->raw_passwd = kqm_strndup(value, valuelen);
+ } else if (strcmp(key, "new_passwd") == 0) {
+ form->new_passwd = kqm_strndup(value, valuelen);
 } else if (strcmp(key, "permission") == 0) {
 form->permission = kqm_strndup(value, valuelen);
 }
@@ -89,10 +91,12 @@ static void impl_repasswd(mg_connection* conn, admin_form_t* form)
 }
 int result;
- if (!admin_login(form->password, &result)) {
+ if (!admin_login(form->raw_passwd, &result)) {
 res_unauth(conn);
+ return;
 } else if (!result) {
 res_incorrect(conn);
+ return;
 }
 if (!set_admin_password(form->new_passwd)) {
@@ -113,7 +117,17 @@ static void impl_repasswd2(mg_connection* conn, admin_form_t* form)
 return;
 }
- int flag = set_user_password(form->user_id, form->new_passwd);
+ int result;
+ int flag = check_user_exists(form->user_id, &result);
+ if (!flag) {
+ res_check_exist_fail(conn);
+ return;
+ } else if (!result) {
+ res_not_exist(conn);
+ return;
+ }
+
+ flag = set_user_password(form->user_id, form->new_passwd);
 if (!flag) {
 res_repasswd_fail(conn);
 } else {
@@ -147,7 +161,17 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
 return;
 }
- int flag = delete_user(form->user_id);
+ int result;
+ int flag = check_user_exists(form->user_id, &result);
+ if (!flag) {
+ res_check_exist_fail(conn);
+ return;
+ } else if (!result) {
+ res_not_exist(conn);
+ return;
+ }
+
+ flag = delete_user(form->user_id);
 if (!flag) {
 res_delete_account_fail(conn);
 } else {
@@ -155,6 +179,11 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
 }
 }
+static void impl_auth(mg_connection* conn, admin_form_t* form)
+{
+ res_auth(conn);
+}
+
 int admin_handler(mg_connection* conn, void* cbdata)
 {
@@ -181,17 +210,20 @@ int admin_handler(mg_connection* conn, void* cbdata)
 mg_handle_form_request(conn, &admin_callback);
- if (form.action && !strcmp(form.action, "login")) {
- form.token = strdup("");
+ if (!admin_session) {
 admin_session = strdup("");
 }
+ if (form.action && !strcmp(form.action, "login")) {
+ form.token = strdup(admin_session);
+ }
+
 if (!form.action) {
 res_need_action(conn);
 } else if (!form.token) {
 res_need_token(conn);
 } else if (!admin_session || strcmp(form.token, admin_session)) {
- res_permission_denied(conn);
+ res_auth_fail(conn);
 } else {
 if (!strcmp(form.action, "login")) {
 impl_login(conn, &form);
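Review bot: The existence check added at the top of impl_repasswd2 is repeated line for line in impl_delete in the next hunk, so the two copies can drift apart when one of them is changed. A small static helper that sends the response itself and tells the caller whether to continue would keep that behaviour in one place. Both functions start outside their hunks, so the form validation that precedes the check is not visible here. The check and the following set_user_password / delete_user call remain separate steps, so each caller still needs its existing failure branch for a user that disappears in between.

```c
/* Returns 1 when user_id exists; otherwise sends the response and returns 0. */
static int require_existing_user(mg_connection* conn, const char* user_id)
{
    int exists;
    if (!check_user_exists(user_id, &exists)) {
        res_check_exist_fail(conn);
        return 0;
    }
    if (!exists) {
        res_not_exist(conn);
        return 0;
    }
    return 1;
}

// … unchanged: earlier checks in impl_repasswd2 …
    if (!require_existing_user(conn, form->user_id)) {
        return;
    }
    int flag = set_user_password(form->user_id, form->new_passwd);
// … unchanged: response branches …
```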
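Review bot: Initialising `admin_session` to an empty string in admin_handler makes the empty string a valid session value: until a real session is stored, `strcmp(form.token, admin_session)` returns 0 for any request whose token field is present but empty, so the dispatch below (including the new `auth` action) would be reached without a login if the form callback stores an empty token; the callback and impl_login are outside this hunk, so that part is inferred. Keeping `admin_session` NULL until a login succeeds and letting only the login action skip the token checks avoids the sentinel, e.g. `int is_login = form.action && !strcmp(form.action, "login");`, then `} else if (!is_login && !form.token) {` and `} else if (!is_login && (!admin_session || strcmp(form.token, admin_session))) {`. The `form.token = strdup(admin_session);` line also overwrites whatever token pointer the form callback may already have stored, which would leak that allocation.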
@@ -203,6 +235,8 @@ int admin_handler(mg_connection* conn, void* cbdata)
 impl_permission(conn, &form);
 } else if (!strcmp(form.action, "delete")) {
 impl_delete(conn, &form);
+ } else if (!strcmp(form.action, "auth")) {
+ impl_auth(conn, &form);
 } else {
 res_bad_action(conn);
 }
diff --git a/src/server/auth/repasswd.c b/src/server/auth/repasswd.c
index 056c56d..51d4a86 100644
--- a/src/server/auth/repasswd.c
+++ b/src/server/auth/repasswd.c
@@ -1,5 +1,6 @@
 #include "server/auth.h"
 #include "server/response.h"
+#include "server/types.h"
 #include "server/util.h"
@@ -54,6 +55,54 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
 return MG_FORM_FIELD_HANDLE_GET;
 }
+static void impl_self(mg_connection* conn, const char* user_id, repasswd_form_t* form)
+{
+ int result;
+ int flag = login(user_id, form->raw_passwd, &result);
+ if (!flag) {
+ res_repasswd_fail(conn);
+ } else {
+ if (result) {
+ flag = set_user_password(user_id, form->new_passwd);
+ if (!flag) {
+ res_repasswd_fail(conn);
+ } else {
+ res_repasswd(conn);
+ }
+ } else {
+ res_incorrect(conn);
+ }
+ }
+}
+
+static void impl_others(mg_connection* conn, const char* user_id, repasswd_form_t* form)
+{
+ int perm1;
+ int flag = get_user_permission(user_id, &perm1);
+ if (!flag) {
+ res_check_permission_fail(conn);
+ return;
+ }
+
+ int perm2;
+ flag = get_user_permission(form->user_id, &perm2);
+ if (!flag) {
+ res_check_permission_fail(conn);
+ return;
+ }
+
+ if (perm1 == 1 && perm2 == 2) {
+ int flag = set_user_password(form->user_id, form->new_passwd);
+ if (!flag) {
+ res_repasswd_fail(conn);
+ } else {
+ res_repasswd(conn);
+ }
+ } else {
+ res_permission_denied(conn);
+ }
+}
+
 int user_repasswd_handler(mg_connection* conn, void* cbdata)
 {
 const mg_request_info* post_body = mg_get_request_info(conn);
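Review bot: The authorisation rule in impl_others is written with bare numbers, `perm1 == 1 && perm2 == 2`, so a reader cannot tell which roles may reset whose password, and the rule is narrower than the `perm1 < perm2` it replaces without saying why. Named constants (an enum beside the permission type, if `server/types.h` does not already provide one) and a one-line comment stating the intended rule would make this security decision reviewable. Inside that branch `int flag = set_user_password(...)` redeclares `flag` and shadows the outer variable; `flag = set_user_password(form->user_id, form->new_passwd);` is enough. Neither helper checks `form->new_passwd` for NULL, so both rely on the handler having done so before the call, which is outside this hunk.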
@@ -97,45 +146,9 @@ int user_repasswd_handler(mg_connection* conn, void* cbdata)
 char* user_id = get_payload(form.token);
 if (form.user_id && strcmp(user_id, form.user_id)) {
- int perm1;
- int flag = get_user_permission(user_id, &perm1);
- if (!flag) {
- res_check_permission_fail(conn);
- }
-
- int perm2;
- flag = get_user_permission(form.user_id, &perm2);
- if (!flag) {
- res_check_permission_fail(conn);
- }
-
- if (perm1 < perm2) {
- int flag = set_user_password(form.user_id, form.new_passwd);
- if (!flag) {
- res_repasswd_fail(conn);
- } else {
- res_repasswd(conn);
- }
- } else {
- res_permission_denied(conn);
- }
- } else if(form.raw_passwd) {
- int result;
- int flag = login(user_id, form.raw_passwd, &result);
- if (!flag) {
- res_repasswd_fail(conn);
- } else {
- if (result) {
- flag = set_user_password(user_id, form.new_passwd);
- if (!flag) {
- res_repasswd_fail(conn);
- } else {
- res_repasswd(conn);
- }
- } else {
- res_incorrect(conn);
- }
- }
+ impl_others(conn, user_id, &form);
+ } else if (form.raw_passwd) {
+ impl_self(conn, user_id, &form);
 } else {
 res_need_password(conn);
 }
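Review bot: `user_id` comes straight from `get_payload(form.token)` and is passed to `strcmp` and to both helpers with no NULL check in between; if get_payload can return NULL for a malformed or expired token (its contract is not visible here), the comparison dereferences a null pointer. A guard right after the call, `if (!user_id) {` followed by an authentication-failure response and an early exit, would close that; the handler's return convention lies outside the hunk, so the exact return statement is not quoted. If get_payload allocates the string it returns, the handler also needs a matching free on every path after the dispatch.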