From 4b90a75a51c3134e18c76bb6a8f75b1d202cb2cb Mon Sep 17 00:00:00 2001
From: amass
Date: Thu, 26 Dec 2024 23:10:41 +0800
Subject: [PATCH] add login cookie verify.
---
 WebApplication/Application.cpp | 7 ++++++-
 WebApplication/Application.h | 2 +-
 WebApplication/Restful.cpp | 30 +++++++++++++++++++++++++++---
 WebApplication/Restful.h | 2 ++
 4 files changed, 36 insertions(+), 5 deletions(-)
diff --git a/WebApplication/Application.cpp b/WebApplication/Application.cpp
index 632a6cf..9ef8902 100644
--- a/WebApplication/Application.cpp
+++ b/WebApplication/Application.cpp
@@ -16,6 +16,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -90,6 +91,10 @@ void Application::authEvent() {
 m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage));
 }
 setInternalPath("/", true);
+ auto app = Amass::Singleton::instance();
+ auto &service = app->authService();
+ Wt::Http::Cookie cookie(service.authTokenCookieName(), service.createAuthToken(u));
+ setCookie(cookie);
 } else {
 m_loginPage = m_navigationBar->removeLoginItem();
 LOG(info) << "User logged out.";
@@ -167,7 +172,7 @@ void Server::initializeAuthenticationService() {
 m_passwordService->setStrengthValidator(std::make_unique());
 }
-const Wt::Auth::AuthService &Server::authService() {
+Wt::Auth::AuthService &Server::authService() {
 return *m_authService;
 }
diff --git a/WebApplication/Application.h b/WebApplication/Application.h
index 62e52c7..5dc837d 100644
--- a/WebApplication/Application.h
+++ b/WebApplication/Application.h
@@ -49,7 +49,7 @@ public:
 ~Server();
 void initializeAuthenticationService();
- const Wt::Auth::AuthService &authService();
+ Wt::Auth::AuthService &authService();
 const Wt::Auth::PasswordService &passwordService();
 protected:
diff --git a/WebApplication/Restful.cpp b/WebApplication/Restful.cpp
index 86c79f0..0a02dc6 100644
--- a/WebApplication/Restful.cpp
+++ b/WebApplication/Restful.cpp
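Review bot: In `Application::authEvent()` (WebApplication/Application.cpp) the new `Wt::Http::Cookie cookie(name, token)` carries a bearer login token but is sent with whatever attributes the two-argument constructor defaults to, so its lifetime is not tied to the token's validity and Secure/HttpOnly are not stated. I would set them explicitly before `setCookie(cookie)`, assuming the site is served over HTTPS: `cookie.setSecure(true); cookie.setHttpOnly(true); cookie.setMaxAge(std::chrono::minutes(service.authTokenValidity()));`. The logout branch visible in this hunk does not remove the cookie, so unless that happens in the part of the function outside the hunk, the token remains acceptable to the REST endpoint after the user logs out; clearing the cookie (and ideally the stored token) there would close that gap. The function body starts and ends outside this hunk.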
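Review bot: Dropping `const` from `Server::authService()` (and from its declaration in Application.h) hands every caller a mutable reference to the one server-wide `AuthService`, and the only use for it that I can see in this patch is the per-request `setAuthTokenUpdateEnabled(false)` plus scope-exit restore in `AuthenticationResource::handleRequest`. If two requests overlap, the second can read `false` as the "previous" value and restore that, leaving token update switched off for the browser sessions too, and the unsynchronised write is a data race in its own right. I would keep the accessor `const` and decide the setting once in `Server::initializeAuthenticationService()`, e.g. `m_authService->setAuthTokenUpdateEnabled(false);`, or give the REST resource a separately configured service if the UI still needs token rotation.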
@@ -1,22 +1,46 @@
 #include "Restful.h"
+#include "Application.h"
 #include "Database/Session.h"
+#include
+#include
 #include
 #include
 #include
 #include
+#include
 DBO_INSTANTIATE_TEMPLATES(MyMessage)
 DbStruct *m_dbStruct;
 void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt::Http::Response &response) {
+ auto app = Amass::Singleton::instance();
 auto session = Database::session();
+ auto &service = app->authService();
+
+ auto enabled = service.authTokenUpdateEnabled();
+ boost::scope::scope_exit raii([&enabled, &service] { service.setAuthTokenUpdateEnabled(enabled); });
+ service.setAuthTokenUpdateEnabled(false);
+ Wt::Auth::AuthTokenState state;
+ Wt::Auth::User user;
+ if (service.authTokensEnabled()) {
+ const std::string *token = request.getCookieValue(service.authTokenCookieName());
+ if (token != nullptr) {
+ Wt::Auth::AuthTokenResult result = service.processAuthToken(*token, session->users());
+ state = result.state();
+ if (state == Wt::Auth::AuthTokenState::Valid) {
+ user = result.user();
+ }
+ }
+ }
+ MyMessage message;
+ if (user.isValid()) {
+ message.user = user.identity(Wt::Auth::Identity::LoginName).toUTF8();
+ }
+ LOG(info) << "state: " << (int)state << " " << message.user;
 response.setMimeType("application/json");
 response.addHeader("Server", "Wt");
-
- MyMessage message;
 message.message = "Hello, World!";
-
 Wt::Dbo::JsonSerializer writer(response.out());
 writer.serialize(message);
 }
diff --git a/WebApplication/Restful.h b/WebApplication/Restful.h
index 00a7a14..6d335c6 100644
--- a/WebApplication/Restful.h
+++ b/WebApplication/Restful.h
@@ -9,10 +9,12 @@ class MyMessage {
 public:
 std::string message;
+ std::string user;
 template void persist(Action &a) {
 Wt::Dbo::field(a, message, "message");
+ Wt::Dbo::field(a, user, "user");
 }
 };
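Review bot: `Wt::Auth::AuthTokenState state;` in `AuthenticationResource::handleRequest` (WebApplication/Restful.cpp) stays uninitialised when auth tokens are disabled or the request carries no token cookie, yet `(int)state` is read unconditionally in the `LOG(info)` line, which is undefined behaviour; initialise it, e.g. `Wt::Auth::AuthTokenState state = Wt::Auth::AuthTokenState::Invalid;`. Separately, a missing or invalid token only leaves the `user` field empty and the handler still answers with the normal JSON body, so if this endpoint is meant to gate anything it should reject early with `response.setStatus(401); return;` when `!user.isValid()`. The same log line writes the login name at info level on every request, which may be more than is wanted in production logs.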