Fixing MFA saving issue

2025-10-29 18:02:29 +00:00 · 2021-10-12 14:54:09 -07:00
parent e66a498889
commit 20227b0cd9
9 changed files with 44 additions and 82 deletions
--- a/2
+++ b/2
@@ -1 +1 @@
-40
+42
--- a/src/RESTAPI_AssetServer.cpp
+++ b/src/RESTAPI_AssetServer.cpp
@@ -20,8 +20,7 @@ namespace OpenWifi {
            AssetFile = RESTAPI_Server()->AssetDir() + "/" + AssetName;
        }
        if(!AssetFile.isFile()) {
-            NotFound();
-            return;
+            return NotFound();
        }
        SendFile(AssetFile);
    }
--- a/src/RESTAPI_action_links.cpp
+++ b/src/RESTAPI_action_links.cpp
@@ -19,11 +19,11 @@ namespace OpenWifi {
        auto Id = GetParameter("id","");

        if(Action=="password_reset")
-            RequestResetPassword(Id);
+            return RequestResetPassword(Id);
        else if(Action=="email_verification")
-            DoEmailVerification(Id);
+            return DoEmailVerification(Id);
        else
-            DoReturnA404();
+            return DoReturnA404();
    }

    void RESTAPI_action_links::DoPost() {
@@ -60,8 +60,7 @@ namespace OpenWifi {
                                                                 " accepted password creation restrictions. Please consult our on-line help"
                                                                 " to look at the our password policy. If you would like to contact us, please mention"
                                                                 " id(" + Id + ")"}};
-                SendHTMLFileBack(FormFile,FormVars);
-                return;
+                return SendHTMLFileBack(FormFile,FormVars);
            }

            SecurityObjects::UserInfo   UInfo;
@@ -69,24 +68,21 @@ namespace OpenWifi {
                Poco::File  FormFile{ RESTAPI_Server()->AssetDir() + "/password_reset_error.html"};
                Types::StringPairVec    FormVars{ {"UUID", Id},
                                                  {"ERROR_TEXT", "This request does not contain a valid user ID. Please contact your system administrator."}};
-                SendHTMLFileBack(FormFile,FormVars);
-                return;
+                return SendHTMLFileBack(FormFile,FormVars);
            }

            if(UInfo.blackListed || UInfo.suspended) {
                Poco::File  FormFile{ RESTAPI_Server()->AssetDir() + "/password_reset_error.html"};
                Types::StringPairVec    FormVars{ {"UUID", Id},
                                                  {"ERROR_TEXT", "Please contact our system administrators. We have identified an error in your account that must be resolved first."}};
-                SendHTMLFileBack(FormFile,FormVars);
-                return;
+                return SendHTMLFileBack(FormFile,FormVars);
            }

            if(!AuthService()->SetPassword(Password1,UInfo)) {
                Poco::File  FormFile{ RESTAPI_Server()->AssetDir() + "/password_reset_error.html"};
                Types::StringPairVec    FormVars{ {"UUID", Id},
                                                  {"ERROR_TEXT", "You cannot reuse one of your recent passwords."}};
-                SendHTMLFileBack(FormFile,FormVars);
-                return;
+                return SendHTMLFileBack(FormFile,FormVars);
            }
            Storage()->UpdateUserInfo(UInfo.email,Id,UInfo);
            Poco::File  FormFile{ RESTAPI_Server()->AssetDir() + "/password_reset_success.html"};
@@ -107,8 +103,7 @@ namespace OpenWifi {
            Types::StringPairVec FormVars{{"UUID",       Id},
                                          {"ERROR_TEXT", "This does not appear to be a valid email verification link.."}};
            Poco::File FormFile{RESTAPI_Server()->AssetDir() + "/email_verification_error.html"};
-            SendHTMLFileBack(FormFile, FormVars);
-            return;
+            return SendHTMLFileBack(FormFile, FormVars);
        }

        UInfo.waitingForEmailCheck = false;
--- a/src/RESTAPI_avatarHandler.cpp
+++ b/src/RESTAPI_avatarHandler.cpp
@@ -33,8 +33,7 @@ namespace OpenWifi {
        SecurityObjects::UserInfo UInfo;

        if (Id.empty() || !Storage()->GetUserById(Id, UInfo)) {
-            NotFound();
-            return;
+            return NotFound();
        }

        //  if there is an avatar, just remove it...
@@ -62,14 +61,12 @@ namespace OpenWifi {
    void RESTAPI_avatarHandler::DoGet() {
        std::string Id = GetBinding(RESTAPI::Protocol::ID, "");
        if (Id.empty()) {
-            NotFound();
-            return;
+            return NotFound();
        }
        Poco::TemporaryFile TempAvatar;
        std::string Type, Name;
        if (!Storage()->GetAvatar(UserInfo_.userinfo.email, Id, TempAvatar, Type, Name)) {
-            NotFound();
-            return;
+            return NotFound();
        }
        SendFile(TempAvatar, Type, Name);
    }
@@ -77,12 +74,10 @@ namespace OpenWifi {
    void RESTAPI_avatarHandler::DoDelete() {
        std::string Id = GetBinding(RESTAPI::Protocol::ID, "");
        if (Id.empty()) {
-            NotFound();
-            return;
+            return NotFound();
        }
        if (!Storage()->DeleteAvatar(UserInfo_.userinfo.email, Id)) {
-            NotFound();
-            return;
+            return NotFound();
        }
        OK();
    }
--- a/src/RESTAPI_email_handler.cpp
+++ b/src/RESTAPI_email_handler.cpp
@@ -25,11 +25,9 @@ namespace OpenWifi {
            Attrs[SUBJECT] = Obj->get("subject").toString();
            Attrs[TEXT] = Obj->get("text").toString();
            if(SMTPMailerService()->SendMessage(Recipients->get(0).toString(), "password_reset.txt", Attrs)) {
-                OK();
-                return;
+                return OK();
            }
-            ReturnStatus(Poco::Net::HTTPResponse::HTTP_SERVICE_UNAVAILABLE);
-            return;
+            return ReturnStatus(Poco::Net::HTTPResponse::HTTP_SERVICE_UNAVAILABLE);
        }
        BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
    }
--- a/src/RESTAPI_system_command.cpp
+++ b/src/RESTAPI_system_command.cpp
@@ -41,8 +41,7 @@ namespace OpenWifi {
 								Poco::format("Setting log level for %s at %s", Name, Value));
 						}
 					}
-					OK();
-					return;
+					return OK();
 				}
 			} else if (Command == RESTAPI::Protocol::GETLOGLEVELS) {
 				auto CurrentLogLevels = Daemon()->GetLogLevels();
@@ -55,8 +54,7 @@ namespace OpenWifi {
 					Array.add(Pair);
 				}
 				Result.set(RESTAPI::Protocol::TAGLIST, Array);
-				ReturnObject(Result);
-				return;
+				return ReturnObject(Result);
 			} else if (Command == RESTAPI::Protocol::GETLOGLEVELNAMES) {
 				Poco::JSON::Object Result;
 				Poco::JSON::Array LevelNamesArray;
@@ -64,8 +62,7 @@ namespace OpenWifi {
 				for (const auto &i : LevelNames)
 					LevelNamesArray.add(i);
 				Result.set(RESTAPI::Protocol::LIST, LevelNamesArray);
-				ReturnObject(Result);
-				return;
+				return ReturnObject(Result);
 			} else if (Command == RESTAPI::Protocol::GETSUBSYSTEMNAMES) {
 				Poco::JSON::Object Result;
 				Poco::JSON::Array LevelNamesArray;
@@ -73,8 +70,7 @@ namespace OpenWifi {
 				for (const auto &i : SubSystemNames)
 					LevelNamesArray.add(i);
 				Result.set(RESTAPI::Protocol::LIST, LevelNamesArray);
-				ReturnObject(Result);
-				return;
+				return ReturnObject(Result);
 			} else if (Command == RESTAPI::Protocol::STATS) {

 			} else if (Command == RESTAPI::Protocol::RELOAD) {
@@ -95,12 +91,10 @@ namespace OpenWifi {
 					 });
 					ReloadThread.detach();
 				}
-				OK();
-				return;
+				return OK();
 			}
 		} else {
-			BadRequest(RESTAPI::Errors::InvalidCommand);
-			return;
+			return BadRequest(RESTAPI::Errors::InvalidCommand);
 		}
 		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
@@ -138,8 +132,7 @@ namespace OpenWifi {
 			    }
 			}
 			Answer.set("certificates", Certificates);
-			ReturnObject(Answer);
-			return;
+			return ReturnObject(Answer);
 		}
 		BadRequest(RESTAPI::Errors::InvalidCommand);
 	}
--- a/src/RESTAPI_user_handler.cpp
+++ b/src/RESTAPI_user_handler.cpp
@@ -14,14 +14,12 @@ namespace OpenWifi {
    void RESTAPI_user_handler::DoGet() {
        std::string Id = GetBinding("id", "");
        if(Id.empty()) {
-            BadRequest(RESTAPI::Errors::MissingUserID);
-            return;
+            return BadRequest(RESTAPI::Errors::MissingUserID);
        }

        SecurityObjects::UserInfo   UInfo;
        if(!Storage()->GetUserById(Id,UInfo)) {
-            NotFound();
-            return;
+            return NotFound();
        }
        Poco::JSON::Object  UserInfoObject;
        UInfo.to_json(UserInfoObject);
@@ -31,19 +29,16 @@ namespace OpenWifi {
    void RESTAPI_user_handler::DoDelete() {
        std::string Id = GetBinding("id", "");
        if(Id.empty()) {
-            BadRequest(RESTAPI::Errors::MissingUserID);
-            return;
+            return BadRequest(RESTAPI::Errors::MissingUserID);
        }

        SecurityObjects::UserInfo UInfo;
        if(!Storage()->GetUserById(Id,UInfo)) {
-            NotFound();
-            return;
+            return NotFound();
        }

        if(!Storage()->DeleteUser(UserInfo_.userinfo.email,Id)) {
-            NotFound();
-            return;
+            return NotFound();
        }

        if(AuthService()->DeleteUserFromCache(UInfo.email))
@@ -57,28 +52,24 @@ namespace OpenWifi {
    void RESTAPI_user_handler::DoPost() {
        std::string Id = GetBinding("id", "");
        if(Id!="0") {
-            BadRequest(RESTAPI::Errors::IdMustBe0);
-            return;
+            return BadRequest(RESTAPI::Errors::IdMustBe0);
        }

        SecurityObjects::UserInfo   UInfo;
        RESTAPI_utils::from_request(UInfo,*Request);

        if(UInfo.userRole == SecurityObjects::UNKNOWN) {
-            BadRequest(RESTAPI::Errors::InvalidUserRole);
-            return;
+            return BadRequest(RESTAPI::Errors::InvalidUserRole);
        }

        Poco::toLowerInPlace(UInfo.email);
        if(!Utils::ValidEMailAddress(UInfo.email)) {
-            BadRequest(RESTAPI::Errors::InvalidEmailAddress);
-            return;
+            return BadRequest(RESTAPI::Errors::InvalidEmailAddress);
        }

        if(!UInfo.currentPassword.empty()) {
            if(!AuthService()->ValidatePassword(UInfo.currentPassword)) {
-                BadRequest(RESTAPI::Errors::InvalidPassword);
-                return;
+                return BadRequest(RESTAPI::Errors::InvalidPassword);
            }
        }

@@ -87,8 +78,7 @@ namespace OpenWifi {

        if(!Storage()->CreateUser(UInfo.email,UInfo)) {
            Logger_.information(Poco::format("Could not add user '%s'.",UInfo.email));
-            BadRequest(RESTAPI::Errors::RecordNotCreated);
-            return;
+            return BadRequest(RESTAPI::Errors::RecordNotCreated);
        }

        if(GetParameter("email_verification","false")=="true") {
@@ -99,8 +89,7 @@ namespace OpenWifi {

        if(!Storage()->GetUserByEmail(UInfo.email, UInfo)) {
            Logger_.information(Poco::format("User '%s' but not retrieved.",UInfo.email));
-            NotFound();
-            return;
+            return NotFound();
        }

        Poco::JSON::Object  UserInfoObject;
@@ -155,12 +144,10 @@ namespace OpenWifi {
        }
        if(RawObject->has("currentPassword")) {
            if(!AuthService()->ValidatePassword(RawObject->get("currentPassword").toString())) {
-                BadRequest(RESTAPI::Errors::InvalidPassword);
-                return;
+                return BadRequest(RESTAPI::Errors::InvalidPassword);
            }
            if(!AuthService()->SetPassword(RawObject->get("currentPassword").toString(),Existing)) {
-                BadRequest(RESTAPI::Errors::PasswordRejected);
-                return;
+                return BadRequest(RESTAPI::Errors::PasswordRejected);
            }
        }

@@ -181,6 +168,9 @@ namespace OpenWifi {
                if(!NewUser.userTypeProprietaryInfo.mobiles.empty() && !SMSSender()->IsNumberValid(NewUser.userTypeProprietaryInfo.mobiles[0].number)){
                    return BadRequest(RESTAPI::Errors::NeedMobileNumber);
                }
+                if(NewUser.userTypeProprietaryInfo.mfa.enabled && Existing.userTypeProprietaryInfo.mobiles.empty()) {
+                    return BadRequest(RESTAPI::Errors::NeedMobileNumber);
+                }
            } else if(NewUser.userTypeProprietaryInfo.mfa.method=="email") {
                Existing.userTypeProprietaryInfo.mfa.method=NewUser.userTypeProprietaryInfo.mfa.method;
            } else {
@@ -189,15 +179,10 @@ namespace OpenWifi {
        }

        if(Storage()->UpdateUserInfo(UserInfo_.userinfo.email,Id,Existing)) {
-
-            std::cout << "Saved data." << std::endl;
-
            SecurityObjects::UserInfo   NewUserInfo;
            Storage()->GetUserByEmail(UserInfo_.userinfo.email,NewUserInfo);
-
            Poco::JSON::Object  ModifiedObject;
            NewUserInfo.to_json(ModifiedObject);
-
            return ReturnObject(ModifiedObject);
        }
        BadRequest(RESTAPI::Errors::RecordNotUpdated);
--- a/src/RESTAPI_users_handler.cpp
+++ b/src/RESTAPI_users_handler.cpp
@@ -27,8 +27,7 @@ namespace OpenWifi {
                }
                Answer.set(RESTAPI::Protocol::USERS, ArrayObj);
            }
-            ReturnObject(Answer);
-            return;
+            return ReturnObject(Answer);
        } else {
            Types::StringVec IDs = Utils::Split(QB_.Select);
            Poco::JSON::Array ArrayObj;
@@ -46,8 +45,7 @@ namespace OpenWifi {
            }
            Poco::JSON::Object RetObj;
            RetObj.set(RESTAPI::Protocol::USERS, ArrayObj);
-            ReturnObject(RetObj);
-            return;
+            return ReturnObject(RetObj);
        }
    }
 }
--- a/src/RESTAPI_validateToken_handler.cpp
+++ b/src/RESTAPI_validateToken_handler.cpp
@@ -18,11 +18,10 @@ namespace OpenWifi {
                if (AuthService()->IsValidToken(i.second, SecObj.webtoken, SecObj.userinfo)) {
                    Poco::JSON::Object Obj;
                    SecObj.to_json(Obj);
-                    ReturnObject(Obj);
-                    return;
+                    return ReturnObject(Obj);
                }
            }
        }
-        NotFound();
+        return NotFound();
    }
 }