Compare commits
3 Commits
c80a950177
...
683973bd4f
| Author | SHA1 | Date | |
|---|---|---|---|
| 683973bd4f | |||
| 571541b34d | |||
| f560099e38 |
@ -86,7 +86,7 @@ extern "C"
|
||||
auto value = std::string{};
|
||||
auto status = user_db->Get(leveldb::ReadOptions{}, mangle_user_id(user_id), &value);
|
||||
if (!status.ok()) {
|
||||
std::println(stderr, "Failed to login: {}", status.ToString());
|
||||
if (!status.IsNotFound()) std::println(stderr, "Failed to login: {}", status.ToString());
|
||||
return 0;
|
||||
}
|
||||
*result = validate_password(password, value.data());
|
||||
@ -132,7 +132,7 @@ extern "C"
|
||||
if (status.ok()) {
|
||||
*result = std::stoi(value);
|
||||
} else {
|
||||
std::println(stderr, "Failed to get user permission: {}", status.ToString());
|
||||
if (!status.IsNotFound()) std::println(stderr, "Failed to get user permission: {}", status.ToString());
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
|
||||
@ -55,6 +55,8 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
|
||||
form->user_id = kqm_strndup(value, valuelen);
|
||||
} else if (strcmp(key, "raw_passwd") == 0) {
|
||||
form->raw_passwd = kqm_strndup(value, valuelen);
|
||||
} else if (strcmp(key, "new_passwd") == 0) {
|
||||
form->new_passwd = kqm_strndup(value, valuelen);
|
||||
} else if (strcmp(key, "permission") == 0) {
|
||||
form->permission = kqm_strndup(value, valuelen);
|
||||
}
|
||||
@ -89,10 +91,12 @@ static void impl_repasswd(mg_connection* conn, admin_form_t* form)
|
||||
}
|
||||
|
||||
int result;
|
||||
if (!admin_login(form->password, &result)) {
|
||||
if (!admin_login(form->raw_passwd, &result)) {
|
||||
res_unauth(conn);
|
||||
return;
|
||||
} else if (!result) {
|
||||
res_incorrect(conn);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!set_admin_password(form->new_passwd)) {
|
||||
@ -113,7 +117,17 @@ static void impl_repasswd2(mg_connection* conn, admin_form_t* form)
|
||||
return;
|
||||
}
|
||||
|
||||
int flag = set_user_password(form->user_id, form->new_passwd);
|
||||
int result;
|
||||
int flag = check_user_exists(form->user_id, &result);
|
||||
if (!flag) {
|
||||
res_check_exist_fail(conn);
|
||||
return;
|
||||
} else if (!result) {
|
||||
res_not_exist(conn);
|
||||
return;
|
||||
}
|
||||
|
||||
flag = set_user_password(form->user_id, form->new_passwd);
|
||||
if (!flag) {
|
||||
res_repasswd_fail(conn);
|
||||
} else {
|
||||
@ -147,7 +161,17 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
|
||||
return;
|
||||
}
|
||||
|
||||
int flag = delete_user(form->user_id);
|
||||
int result;
|
||||
int flag = check_user_exists(form->user_id, &result);
|
||||
if (!flag) {
|
||||
res_check_exist_fail(conn);
|
||||
return;
|
||||
} else if (!result) {
|
||||
res_not_exist(conn);
|
||||
return;
|
||||
}
|
||||
|
||||
flag = delete_user(form->user_id);
|
||||
if (!flag) {
|
||||
res_delete_account_fail(conn);
|
||||
} else {
|
||||
@ -155,6 +179,11 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
|
||||
}
|
||||
}
|
||||
|
||||
static void impl_auth(mg_connection* conn, admin_form_t* form)
|
||||
{
|
||||
res_auth(conn);
|
||||
}
|
||||
|
||||
|
||||
int admin_handler(mg_connection* conn, void* cbdata)
|
||||
{
|
||||
@ -181,17 +210,20 @@ int admin_handler(mg_connection* conn, void* cbdata)
|
||||
|
||||
mg_handle_form_request(conn, &admin_callback);
|
||||
|
||||
if (form.action && !strcmp(form.action, "login")) {
|
||||
form.token = strdup("");
|
||||
if (!admin_session) {
|
||||
admin_session = strdup("");
|
||||
}
|
||||
|
||||
if (form.action && !strcmp(form.action, "login")) {
|
||||
form.token = strdup(admin_session);
|
||||
}
|
||||
|
||||
if (!form.action) {
|
||||
res_need_action(conn);
|
||||
} else if (!form.token) {
|
||||
res_need_token(conn);
|
||||
} else if (!admin_session || strcmp(form.token, admin_session)) {
|
||||
res_permission_denied(conn);
|
||||
res_auth_fail(conn);
|
||||
} else {
|
||||
if (!strcmp(form.action, "login")) {
|
||||
impl_login(conn, &form);
|
||||
@ -203,6 +235,8 @@ int admin_handler(mg_connection* conn, void* cbdata)
|
||||
impl_permission(conn, &form);
|
||||
} else if (!strcmp(form.action, "delete")) {
|
||||
impl_delete(conn, &form);
|
||||
} else if (!strcmp(form.action, "auth")) {
|
||||
impl_auth(conn, &form);
|
||||
} else {
|
||||
res_bad_action(conn);
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
#include "server/auth.h"
|
||||
#include "server/response.h"
|
||||
#include "server/types.h"
|
||||
#include "server/util.h"
|
||||
|
||||
|
||||
@ -54,6 +55,60 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
|
||||
return MG_FORM_FIELD_HANDLE_GET;
|
||||
}
|
||||
|
||||
static void impl_self(mg_connection* conn, const char* user_id, repasswd_form_t* form)
|
||||
{
|
||||
int result;
|
||||
int flag = login(user_id, form->raw_passwd, &result);
|
||||
if (!flag) {
|
||||
res_repasswd_fail(conn);
|
||||
} else {
|
||||
if (result) {
|
||||
flag = set_user_password(user_id, form->new_passwd);
|
||||
if (!flag) {
|
||||
res_repasswd_fail(conn);
|
||||
} else {
|
||||
res_repasswd(conn);
|
||||
}
|
||||
} else {
|
||||
res_incorrect(conn);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static void impl_others(mg_connection* conn, const char* user_id, repasswd_form_t* form)
|
||||
{
|
||||
int result1, result2;
|
||||
int flag = check_user_exists(user_id, &result1);
|
||||
flag &= check_user_exists(form->user_id, &result2);
|
||||
if (!flag) {
|
||||
res_check_exist_fail(conn);
|
||||
return;
|
||||
}
|
||||
if (!(result1 && result2)) {
|
||||
res_not_exist(conn);
|
||||
return;
|
||||
}
|
||||
|
||||
int perm1, perm2;
|
||||
flag = get_user_permission(user_id, &perm1);
|
||||
flag &= get_user_permission(form->user_id, &perm2);
|
||||
if (!flag) {
|
||||
res_check_permission_fail(conn);
|
||||
return;
|
||||
}
|
||||
|
||||
if (perm1 == 1 && perm2 == 2) {
|
||||
int flag = set_user_password(form->user_id, form->new_passwd);
|
||||
if (!flag) {
|
||||
res_repasswd_fail(conn);
|
||||
} else {
|
||||
res_repasswd(conn);
|
||||
}
|
||||
} else {
|
||||
res_permission_denied(conn);
|
||||
}
|
||||
}
|
||||
|
||||
int user_repasswd_handler(mg_connection* conn, void* cbdata)
|
||||
{
|
||||
const mg_request_info* post_body = mg_get_request_info(conn);
|
||||
@ -97,45 +152,9 @@ int user_repasswd_handler(mg_connection* conn, void* cbdata)
|
||||
char* user_id = get_payload(form.token);
|
||||
|
||||
if (form.user_id && strcmp(user_id, form.user_id)) {
|
||||
int perm1;
|
||||
int flag = get_user_permission(user_id, &perm1);
|
||||
if (!flag) {
|
||||
res_check_permission_fail(conn);
|
||||
}
|
||||
|
||||
int perm2;
|
||||
flag = get_user_permission(form.user_id, &perm2);
|
||||
if (!flag) {
|
||||
res_check_permission_fail(conn);
|
||||
}
|
||||
|
||||
if (perm1 < perm2) {
|
||||
int flag = set_user_password(form.user_id, form.new_passwd);
|
||||
if (!flag) {
|
||||
res_repasswd_fail(conn);
|
||||
} else {
|
||||
res_repasswd(conn);
|
||||
}
|
||||
} else {
|
||||
res_permission_denied(conn);
|
||||
}
|
||||
impl_others(conn, user_id, &form);
|
||||
} else if (form.raw_passwd) {
|
||||
int result;
|
||||
int flag = login(user_id, form.raw_passwd, &result);
|
||||
if (!flag) {
|
||||
res_repasswd_fail(conn);
|
||||
} else {
|
||||
if (result) {
|
||||
flag = set_user_password(user_id, form.new_passwd);
|
||||
if (!flag) {
|
||||
res_repasswd_fail(conn);
|
||||
} else {
|
||||
res_repasswd(conn);
|
||||
}
|
||||
} else {
|
||||
res_incorrect(conn);
|
||||
}
|
||||
}
|
||||
impl_self(conn, user_id, &form);
|
||||
} else {
|
||||
res_need_password(conn);
|
||||
}
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
<v-divider :thickness="10" class="border-opacity-0"></v-divider>
|
||||
|
||||
<v-btn :loading="loading" class="mb-8" color="blue" size="large" type="submit" variant="tonal" block>
|
||||
修改密码
|
||||
修改权限
|
||||
</v-btn>
|
||||
|
||||
</v-form>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user