mirror of
https://github.com/eddyem/onionserver.git
synced 2026-01-31 20:35:12 +03:00
little fixes
parent
cf158b6dac
commit
c1873f23ff
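--- a/auth.c
+++ b/auth.c
@@ -164,7 +164,7 @@ onion_connection_status auth(_U_ onion_handler *h, onion_request *req, onion_res
 sessinfo *session = qookieSession(req);
 if(!session) DBG("No cookie, need to create\n");
 else if(!logout){
-onion_response_write0(res, "AuthOK");
+onion_response_write0(res, AUTH_ANS_AUTHOK);
 goto closeconn;
 }
 const char *username = NULL, *passwd = NULL;
@@ -174,7 +174,7 @@ onion_connection_status auth(_U_ onion_handler *h, onion_request *req, onion_res
 if(deleteSession(session->sessID))
 WARNX("Can't delete session with ID=%s from database", session->sessID);
 }
-onion_response_write0(res, "LogOut");
+onion_response_write0(res, AUTH_ANS_LOGOUT);
 onion_response_add_cookie(res, SESSION_COOKIE_NAME, "clear", 0, "/", NULL, OC_HTTP_ONLY|OC_SECURE);
 goto closeconn;
 }else{ // log in
@@ -182,13 +182,13 @@ onion_connection_status auth(_U_ onion_handler *h, onion_request *req, onion_res
 username = getQdata(req, "login");
 if(!username){
 ONION_WARNING("no login field -> need auth");
-onion_response_write0(res, "NeedAuth");
+onion_response_write0(res, AUTH_ANS_NEEDAUTH);
 return OCS_CLOSE_CONNECTION;
 }
 passwd = getQdata(req, "passwd");
 if(!passwd){
 ONION_WARNING("Trying to enter authenticated area without password");
-onion_response_write0(res, "No password");
+onion_response_write0(res, AUTH_ANS_NOPASSWD);
 return OCS_FORBIDDEN;
 }
 }
@@ -235,7 +235,7 @@ onion_connection_status auth(_U_ onion_handler *h, onion_request *req, onion_res
 sleep(2);
 }while(1);
 onion_response_add_cookie(res, SESSION_COOKIE_NAME, session->sessID, 366*86400, "/", NULL, OC_HTTP_ONLY|OC_SECURE);
-onion_response_write0(res, "AuthOK");
+onion_response_write0(res, AUTH_ANS_AUTHOK);
 closeconn:
 freeSessInfo(&session);
 return OCS_CLOSE_CONNECTION;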
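Review bot: `AUTH_ANS_NOPASSWD` does not reproduce the literal it replaces: the missing-password branch in the third hunk used to send `"No password"`, and with auth.h defining the macro as `"NoPassword"` it now sends a different body, while the other three macros match their old literals exactly. If the browser-side script or any other client compares the response text against the old string, that comparison silently stops matching and the failure is handled as an unknown answer. Either keep the wire value (`#define AUTH_ANS_NOPASSWD "No password"`) or update the clients in the same commit and say in the commit message that the protocol string changed. The body of `auth()` begins and ends outside these hunks.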
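--- a/auth.h
+++ b/auth.h
@@ -24,6 +24,12 @@
 
 #define SESSION_COOKIE_NAME "Acookie"
 
+// standard answers to client
+#define AUTH_ANS_NEEDAUTH "NeedAuth"
+#define AUTH_ANS_AUTHOK "AuthOK"
+#define AUTH_ANS_LOGOUT "LogOut"
+#define AUTH_ANS_NOPASSWD "NoPassword"
+
 typedef struct{
 char *username; // user name
 char *password; // password hash (SHA512)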
@ -7,7 +7,6 @@
|
|||||||
<body onload="auth.init();">
|
<body onload="auth.init();">
|
||||||
<p>Text
|
<p>Text
|
||||||
<p>More text
|
<p>More text
|
||||||
<button onclick="auth.wsinit();">Push me</button>
|
|
||||||
<p>
|
<p>
|
||||||
<div id="wsmsgs"></div>
|
<div id="wsmsgs"></div>
|
||||||
<div id="errmsg" style='background-color: red;'></div>
|
<div id="errmsg" style='background-color: red;'></div>
|
||||||
|
|||||||
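--- a/websockets.c
+++ b/websockets.c
@@ -16,6 +16,7 @@
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
 
+#include "auth.h"
 #include "websockets.h"
 
 #include <errno.h>
@@ -26,8 +27,14 @@
 
 #define BUFLEN 255
 
-static onion_connection_status websocket_cont(_U_ void *data, onion_websocket *ws, ssize_t dlen){
+// bit-fields of `data` field (websocket_cont)
+#define WS_FLAG_NOTAUTHORIZED 1
+
+TODO: add logout!
+
+static onion_connection_status websocket_cont(void *data, onion_websocket *ws, ssize_t dlen){
 FNAME();
+uint32_t flags = *((uint32_t*)data);
 char tmp[BUFLEN+1];
 if(dlen > BUFLEN) dlen = BUFLEN;
 
@@ -37,9 +44,30 @@ static onion_connection_status websocket_cont(_U_ void *data, onion_websocket *w
 return OCS_NEED_MORE_DATA;
 }
 tmp[len] = 0;
+//ONION_INFO("Read from websocket: %s (len=%d)", tmp, len);
 DBG("WS: got %s", tmp);
-onion_websocket_printf(ws, "Echo: %s", tmp);
-ONION_INFO("Read from websocket: %d: %s", len, tmp);
+if(flags & WS_FLAG_NOTAUTHORIZED){ // not authorized over websocket
+sessinfo *session = NULL;
+if(strncmp(tmp, "Akey=", 5) == 0){ // got authorized key - check it
+char *key = tmp + 5;
+session = getSession(key);
+/* here we should make a proper check, but for now do simplest */
+}
+if(!session){
+onion_websocket_printf(ws, AUTH_ANS_NEEDAUTH);
+WARNX("Wrong websocket session ID");
+return OCS_FORBIDDEN;
+}
+flags &= ~WS_FLAG_NOTAUTHORIZED; // clear non-authorized flag
+return OCS_NEED_MORE_DATA;
+}
+char *eq = strchr(tmp, '=');
+if(eq){
+*eq++ = 0;
+onion_websocket_printf(ws, "parameter: '%s', its value: '%s'", tmp, eq);
+}else{
+onion_websocket_printf(ws, "Echo: %s", tmp);
+}
 return OCS_NEED_MORE_DATA;
 }
 
@@ -52,8 +80,11 @@ onion_connection_status websocket_run(_U_ void *data, onion_request *req, onion_
 return OCS_PROCESSED;
 }
 DBG("WS ready");
-green("RDY\n");
-onion_websocket_printf(ws, "Hello from server. Write something to echo it");
+const char *host = onion_request_get_client_description(req);
+const char *UA = onion_request_get_header(req, "User-Agent");
+green("Got WS connection from %s (UA: %s)\n", host, UA);
+uint32_t *flags = calloc(1, 4);
+onion_websocket_set_userdata(ws, (void*)flags, free);
 onion_websocket_set_callback(ws, websocket_cont);
 return OCS_WEBSOCKET;
 }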
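Review bot: The websocket authorization gate in `websocket_cont` can never trigger and could not latch if it did: `websocket_run` hands over a `calloc`-zeroed word, so `WS_FLAG_NOTAUTHORIZED` is never set, and `websocket_cont` works on a by-value copy (`uint32_t flags = *((uint32_t*)data);`), so `flags &= ~WS_FLAG_NOTAUTHORIZED` is discarded when the callback returns. As written every socket is treated as already authorized and the `Akey=` check is dead code; the flag should be set when the userdata is allocated, tested and cleared through the pointer, and the `calloc` result checked before it is dereferenced. Two smaller points in the same hunks: the `sessinfo` returned by `getSession(key)` is never released (auth.c calls `freeSessInfo(&session)` on the same type), and the existing `DBG("WS: got %s", tmp)` will now write the session key into the debug output whenever an `Akey=` frame arrives. As rendered, `TODO: add logout!` in the second hunk is not inside a comment and presumably wants a leading `//`. `websocket_run` begins outside the last hunk, and the read between the second and third hunks is not shown.

```c
static onion_connection_status websocket_cont(void *data, onion_websocket *ws, ssize_t dlen){
    // … unchanged: FNAME(), buffer setup, read, DBG …
    uint32_t *flags = data;                 // keep the pointer so the state change persists
    if(*flags & WS_FLAG_NOTAUTHORIZED){     // not authorized over websocket
        // … unchanged: Akey= lookup and NeedAuth rejection …
        *flags &= ~WS_FLAG_NOTAUTHORIZED;   // clear non-authorized flag in the stored word
        return OCS_NEED_MORE_DATA;
    }
    // … unchanged: parameter / echo handling …

// in websocket_run, replacing the calloc(1, 4) line:
    uint32_t *flags = calloc(1, sizeof *flags);
    if(!flags) return OCS_INTERNAL_ERROR;
    *flags = WS_FLAG_NOTAUTHORIZED;         // every new socket starts unauthenticated
    onion_websocket_set_userdata(ws, (void*)flags, free);
```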