#include "server/auth.h"
#include "server/response.h"
#include "server/util.h"
#include "db/auth.h"
#include "jwt/jwt.h"
#include <civetweb.h>
#include <cjson/cJSON.h>
#include <assert.h>
#include <stdlib.h>
#include <string.h>
/*
 * Fields collected from a password-change POST body.
 *
 * Every member is either NULL (field not seen) or a heap string owned by
 * the form and released by repasswd_form_dtor(). Member order is relied on
 * by positional initialisers, so keep it stable.
 */
typedef struct repasswd_form
{
    char *token;      /* "token" form field, later passed to verify_token() */
    char *user_id;    /* optional "user_id" field: the account to change */
    char *raw_passwd; /* "raw_passwd" field: caller's current password (plaintext) */
    char *new_passwd; /* "new_passwd" field: replacement password (plaintext) */
} repasswd_form_t;
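/*
 * Overwrite a NUL-terminated heap string, free it, and clear the slot.
 *
 * The form carries plaintext passwords and a bearer token, so the bytes are
 * cleared before the allocation goes back to the heap. Only the bytes up to
 * the first NUL are cleared; anything after an embedded NUL is not reached.
 */
static void repasswd_wipe_free(char** slot)
{
    if (*slot == NULL) {
        return;
    }
    /* volatile stores so the compiler cannot drop them as dead writes before free() */
    volatile char* p = *slot;
    while (*p != '\0') {
        *p++ = '\0';
    }
    free(*slot);
    /* a second dtor call on the same form is then harmless (no double free) */
    *slot = NULL;
}

/*
 * Release every string owned by `form` and reset the members to NULL.
 *
 * The struct itself is not freed (callers keep it on the stack).
 * A NULL `form` is ignored.
 */
static void repasswd_form_dtor(repasswd_form_t* form)
{
    if (form == NULL) {
        return;
    }
    repasswd_wipe_free(&form->token);
    repasswd_wipe_free(&form->user_id);
    repasswd_wipe_free(&form->raw_passwd);
    repasswd_wipe_free(&form->new_passwd);
}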
/*
 * civetweb form callback invoked when a field is discovered.
 *
 * Unconditionally answers MG_FORM_FIELD_HANDLE_GET, whatever the field is
 * called and whether or not a filename accompanies it. None of the
 * arguments are consulted.
 */
static int field_found(const char* key, const char* filename, char* path, size_t pathlen, void* user_data)
{
    (void)key;
    (void)filename;
    (void)path;
    (void)pathlen;
    (void)user_data;

    return MG_FORM_FIELD_HANDLE_GET;
}
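/*
 * civetweb form callback that receives a field's value.
 *
 * Copies the value of the four recognised fields ("token", "user_id",
 * "raw_passwd", "new_passwd") into the repasswd_form_t passed as
 * `user_data`. Unrecognised keys are ignored.
 *
 * A repeated key keeps the last value, as before, but the earlier copy is
 * now freed instead of leaked: the request body is client-controlled, so a
 * request repeating one field many times would otherwise leak one
 * allocation per repeat.
 *
 * NOTE(review): if the server library hands a long value over in several
 * calls, only the last piece is kept here. Confirm against the civetweb
 * field_get contract.
 *
 * Returns MG_FORM_FIELD_HANDLE_ABORT once all four fields are present,
 * otherwise MG_FORM_FIELD_HANDLE_GET. A failed kqm_strndup() leaves the
 * member NULL, which the handler reports as a missing field.
 */
static int field_get(const char* key, const char* value, size_t valuelen, void* user_data)
{
    repasswd_form_t* form = (repasswd_form_t*)user_data;
    char** slot = NULL;

    if (strcmp(key, "token") == 0) {
        slot = &form->token;
    } else if (strcmp(key, "user_id") == 0) {
        slot = &form->user_id;
    } else if (strcmp(key, "raw_passwd") == 0) {
        slot = &form->raw_passwd;
    } else if (strcmp(key, "new_passwd") == 0) {
        slot = &form->new_passwd;
    }

    if (slot != NULL) {
        /* release the copy stored by an earlier occurrence of the same key */
        free(*slot);
        *slot = kqm_strndup(value, valuelen);
    }

    if (form->token && form->user_id && form->raw_passwd && form->new_passwd) {
        return MG_FORM_FIELD_HANDLE_ABORT;
    }
    return MG_FORM_FIELD_HANDLE_GET;
}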
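/*
 * HTTP handler for a password change.
 *
 * Accepts only POST. The form must carry "token" and "new_passwd". After
 * verify_token() accepts the token, the acting user id is taken from
 * get_payload() and one of two paths runs:
 *
 *  - "user_id" is present and differs from the acting user: both
 *    permission values are looked up and the password is set only when
 *    perm1 < perm2. No "raw_passwd" is required on this path.
 *  - otherwise "raw_passwd" is required and must pass login() before the
 *    acting user's own password is set.
 *
 * Fixes relative to the previous version:
 *  - A failed get_user_permission() now ends the request. Previously the
 *    failure response was sent and execution continued into the comparison
 *    with perm1/perm2 uninitialised, so the authorisation decision rested
 *    on indeterminate values and a second response could be written.
 *  - A NULL return from get_payload() is rejected before strcmp() sees it.
 *  - All exits after form parsing share one cleanup path.
 *
 * Always returns 1. `cbdata` is unused.
 */
int user_repasswd_handler(mg_connection* conn, void* cbdata)
{
    (void)cbdata;

    const mg_request_info* post_body = mg_get_request_info(conn);

    if (post_body == NULL) {
        res_null_req(conn);
        return 1;
    }
    if (strcmp(post_body->request_method, "POST") != 0) {
        res_must_post(conn);
        return 1;
    }

    repasswd_form_t form = {NULL, NULL, NULL, NULL};
    char* user_id = NULL;

    mg_form_data_handler repasswd_callback = {
        .field_found = field_found,
        .field_get = field_get,
        .field_store = NULL,
        .user_data = &form,
    };

    /* return value is not inspected; missing fields are caught just below */
    mg_handle_form_request(conn, &repasswd_callback);

    if (!form.token) {
        res_need_token(conn);
        goto done;
    }
    if (!form.new_passwd) {
        res_need_password(conn);
        goto done;
    }
    if (!verify_token(form.token, secret)) {
        res_unauth(conn);
        goto done;
    }

    /* freed at `done`, so the returned string is treated as heap-owned */
    user_id = get_payload(form.token);
    if (user_id == NULL) {
        /* no subject to act for: treat like an unusable token */
        res_unauth(conn);
        goto done;
    }

    if (form.user_id && strcmp(user_id, form.user_id) != 0) {
        /* changing someone else's password: decided by permission values only */
        int perm1 = 0;
        int perm2 = 0;

        if (!get_user_permission(user_id, &perm1) ||
            !get_user_permission(form.user_id, &perm2)) {
            /* fail closed: never compare values that were not filled in */
            res_check_permission_fail(conn);
            goto done;
        }

        /* NOTE(review): presumably a smaller value means more privilege; confirm */
        if (perm1 < perm2) {
            if (!set_user_password(form.user_id, form.new_passwd)) {
                res_repasswd_fail(conn);
            } else {
                res_repasswd(conn);
            }
        } else {
            res_permission_denied(conn);
        }
    } else if (form.raw_passwd) {
        /* changing one's own password: the current password is checked again */
        int result = 0;

        if (!login(user_id, form.raw_passwd, &result)) {
            res_repasswd_fail(conn);
        } else if (!result) {
            res_incorrect(conn);
        } else if (!set_user_password(user_id, form.new_passwd)) {
            res_repasswd_fail(conn);
        } else {
            res_repasswd(conn);
        }
    } else {
        res_need_password(conn);
    }

done:
    free(user_id);
    repasswd_form_dtor(&form);
    return 1;
}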