From 25bc92a45dc5bb2cae9e4aeb23457b97f72796df Mon Sep 17 00:00:00 2001
From: amass
Date: Fri, 3 Jan 2025 22:17:45 +0800
Subject: [PATCH] add auth verify api.
---
 WebApplication/Application.cpp | 3 +-
 WebApplication/Restful.cpp | 66 ++++++++++++++++------------------
 WebApplication/Restful.h | 10 ++----
 3 files changed, 35 insertions(+), 44 deletions(-)
diff --git a/WebApplication/Application.cpp b/WebApplication/Application.cpp
index 67cbd0e..ab7e1ad 100644
--- a/WebApplication/Application.cpp
+++ b/WebApplication/Application.cpp
@@ -122,6 +122,7 @@ void Application::authEvent() {
 m_loginPage = m_navigationBar->removeLoginItem();
 LOG(info) << "User logged out.";
 }
+ doJavaScript("if (window.updateAuthStatus) window.updateAuthStatus();");
 }
 void Application::handlePathChange(const std::string &path) {
@@ -170,7 +171,7 @@ Server::Server(uint16_t port, const std::string &applicationRoot, const std::str
 std::bind(&Server::createApplication, this, std::placeholders::_1, false));
 m_server->addEntryPoint(Wt::EntryPointType::WidgetSet, std::bind(&Server::createApplication, this, std::placeholders::_1, true), "/wt/app.js");
- m_server->addResource(std::make_shared(), "/auth/verify");
+ m_server->addResource(std::make_shared(), "/api/v1/auth/${tag}");
 m_server->addResource(std::make_shared(), "/plaintext");
 m_server->start();
diff --git a/WebApplication/Restful.cpp b/WebApplication/Restful.cpp
index 0a02dc6..e71cc9d 100644
--- a/WebApplication/Restful.cpp
+++ b/WebApplication/Restful.cpp
@@ -1,6 +1,7 @@
 #include "Restful.h"
 #include "Application.h"
 #include "Database/Session.h"
+#include "model/AuthModel.h"
 #include
 #include
 #include
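Review bot: The `${tag}` wildcard in the new `/api/v1/auth/${tag}` route (second Application.cpp hunk) hands every path under `/api/v1/auth/` to AuthenticationResource, and the `else { // logout` branch this commit adds to handleRequest in Restful.cpp runs for any tag other than `verify`, so a mistyped URL or a request with any method expires the auth cookie. Match the logout tag explicitly, `} else if (tag == "logout") {`, and answer unknown tags with `response.setStatus(404);` instead of a Set-Cookie header. Restricting the logout branch to `request.method() == "POST"` would also keep a plain link or embedded resource on another site from logging the user out; whether the deployment has other cross-site protection is not visible in this patch. Server::Server's body continues outside the hunk.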
@@ -8,39 +9,44 @@
 #include
 #include
 #include
+#include
 DBO_INSTANTIATE_TEMPLATES(MyMessage)
-DbStruct *m_dbStruct;
-
 void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt::Http::Response &response) {
+ auto tag = request.urlParam("tag");
+ LOG(info) << "path: " << request.path() << ", tag: " << tag;
+ response.setMimeType("application/json");
+ MyMessage message;
 auto app = Amass::Singleton::instance();
- auto session = Database::session();
 auto &service = app->authService();
-
- auto enabled = service.authTokenUpdateEnabled();
- boost::scope::scope_exit raii([&enabled, &service] { service.setAuthTokenUpdateEnabled(enabled); });
- service.setAuthTokenUpdateEnabled(false);
- Wt::Auth::AuthTokenState state;
- Wt::Auth::User user;
- if (service.authTokensEnabled()) {
- const std::string *token = request.getCookieValue(service.authTokenCookieName());
- if (token != nullptr) {
- Wt::Auth::AuthTokenResult result = service.processAuthToken(*token, session->users());
- state = result.state();
- if (state == Wt::Auth::AuthTokenState::Valid) {
- user = result.user();
+ if (tag == "verify") {
+ auto session = Database::session();
+ auto enabled = service.authTokenUpdateEnabled();
+ boost::scope::scope_exit raii([&enabled, &service] { service.setAuthTokenUpdateEnabled(enabled); });
+ service.setAuthTokenUpdateEnabled(false);
+ Wt::Auth::AuthTokenState state;
+ Wt::Auth::User user;
+ if (service.authTokensEnabled()) {
+ const std::string *token = request.getCookieValue(service.authTokenCookieName());
+ if (token != nullptr) {
+ Wt::Auth::AuthTokenResult result = service.processAuthToken(*token, session->users());
+ state = result.state();
+ if (state == Wt::Auth::AuthTokenState::Valid) {
+ user = result.user();
+ }
 }
 }
+ if (user.isValid()) {
+ message.user = user.identity(Wt::Auth::Identity::LoginName).toUTF8();
+ }
+ LOG(info) << "state: " << (int)state << " " << message.user;
+ message.message = "Hello, World!";
+ message.status = state == Wt::Auth::AuthTokenState::Valid ? 0 : 404;
+ } else { // logout
+ response.addHeader("Set-Cookie", std::format("{}=; path={}; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT",
+ service.authTokenCookieName(), AuthModel::CookiePath));
 }
- MyMessage message;
- if (user.isValid()) {
- message.user = user.identity(Wt::Auth::Identity::LoginName).toUTF8();
- }
- LOG(info) << "state: " << (int)state << " " << message.user;
- response.setMimeType("application/json");
- response.addHeader("Server", "Wt");
- message.message = "Hello, World!";
 Wt::Dbo::JsonSerializer writer(response.out());
 writer.serialize(message);
 }
@@ -51,15 +57,5 @@ void PlaintextResource::handleRequest(const Wt::Http::Request &request, Wt::Http
 response.out() << "Hello, World!";
 }
-int DbStruct::rand() {
- return distribution(rng);
-}
-
 AuthenticationResource::AuthenticationResource() {
-}
-
-DbStruct::DbStruct(const std::string &db) : rng(clock()), distribution(1, 10000) {
- session.setConnection(std::make_unique(db));
- session.mapClass("world");
- session.mapClass("fortune");
-}
+}
\ No newline at end of file
diff --git a/WebApplication/Restful.h b/WebApplication/Restful.h
index 6d335c6..47575c6 100644
--- a/WebApplication/Restful.h
+++ b/WebApplication/Restful.h
@@ -8,11 +8,13 @@
 class MyMessage {
 public:
+ int status = 0;
 std::string message;
 std::string user;
 template void persist(Action &a) {
+ Wt::Dbo::field(a, status, "status");
 Wt::Dbo::field(a, message, "message");
 Wt::Dbo::field(a, user, "user");
 }
@@ -38,14 +40,6 @@ public:
 }
 };
-struct DbStruct {
- DbStruct(const std::string &db);
- int rand();
- Wt::Dbo::Session session;
- std::default_random_engine rng;
- std::uniform_int_distribution distribution;
-};
-
 class AuthenticationResource : public Wt::WResource {
 public:
 AuthenticationResource();
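Review bot: `Wt::Auth::AuthTokenState state;` in the verify branch of handleRequest is still declared without an initializer, and the new `message.status = state == Wt::Auth::AuthTokenState::Valid ? 0 : 404;` reads it even when auth tokens are disabled or the request carries no cookie, so the reported status is indeterminate on exactly the unauthenticated paths. Initialise it to the failing value, `Wt::Auth::AuthTokenState state = Wt::Auth::AuthTokenState::Invalid;`. The HTTP status is also left at its default on every path, so a caller that checks only the response code cannot tell a valid token from a missing one; `response.setStatus(401);` on the non-valid path would make the result unambiguous. Separately, the logout branch only expires the cookie in the browser; if a logged-out token is meant to stop working, it presumably also has to be removed from the user's stored auth tokens, which this hunk does not do.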