scottk/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2025-10-30 18:27:49 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Fixing internal security token problem

Browse Source
This commit is contained in:
stephb9959
2021-07-18 22:13:10 -07:00
parent c585dc9884
commit 734ce263ee
19 changed files with 181 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
build
View File

@@ -1 +1 @@
6 7

0
data/user1 Normal file
View File

55
src/KafkaManager.cpp
View File

@@ -113,20 +113,22 @@ namespace uCentral {
cppkafka::Consumer Consumer(Config); cppkafka::Consumer Consumer(Config);
Consumer.set_assignment_callback([this](cppkafka::TopicPartitionList& partitions) { Consumer.set_assignment_callback([this](cppkafka::TopicPartitionList& partitions) {
if(partitions.size()>0) { if(!partitions.empty()) {
Logger_.information(Poco::format("Partition assigned: %Lu...", Logger_.information(Poco::format("Partition assigned: %Lu...",
(uint64_t)partitions.front().get_partition())); (uint64_t)partitions.front().get_partition()));
} }
}); });
Consumer.set_revocation_callback([this](const cppkafka::TopicPartitionList& partitions) { Consumer.set_revocation_callback([this](const cppkafka::TopicPartitionList& partitions) {
if(partitions.size()>0) { if(!partitions.empty()) {
Logger_.information(Poco::format("Partition revocation: %Lu...", Logger_.information(Poco::format("Partition revocation: %Lu...",
(uint64_t)partitions.front().get_partition())); (uint64_t)partitions.front().get_partition()));
} }
}); });
bool AutoCommit = Daemon()->ConfigGetBool("ucentral.kafka.auto.commit",false);
auto BatchSize = Daemon()->ConfigGetInt("ucentral.kafka.consumer.batchsize",20);
Types::StringVec Topics; Types::StringVec Topics;
for(const auto &i:Notifiers_) for(const auto &i:Notifiers_)
Topics.push_back(i.first); Topics.push_back(i.first);
@@ -135,28 +137,31 @@ namespace uCentral {
ConsumerRunning_ = true; ConsumerRunning_ = true;
while(ConsumerRunning_) { while(ConsumerRunning_) {
try { try {
cppkafka::Message Msg = Consumer.poll(std::chrono::milliseconds(200)); std::vector<cppkafka::Message> MsgVec = Consumer.poll_batch(BatchSize, std::chrono::milliseconds(200));
if (!Msg) for(auto const &Msg:MsgVec) {
continue; if (!Msg)
if (Msg.get_error()) { continue;
if (!Msg.is_eof()) { if (Msg.get_error()) {
Logger_.error(Poco::format("Error: %s", Msg.get_error().to_string())); if (!Msg.is_eof()) {
} Logger_.error(Poco::format("Error: %s", Msg.get_error().to_string()));
Consumer.commit(Msg); }if(!AutoCommit)
continue; Consumer.async_commit(Msg);
} continue;
SubMutexGuard G(ConsumerMutex_); }
auto It = Notifiers_.find(Msg.get_topic()); SubMutexGuard G(ConsumerMutex_);
if (It != Notifiers_.end()) { auto It = Notifiers_.find(Msg.get_topic());
Types::TopicNotifyFunctionList &FL = It->second; if (It != Notifiers_.end()) {
std::string Key{Msg.get_key()}; Types::TopicNotifyFunctionList &FL = It->second;
std::string Payload{Msg.get_payload()}; std::string Key{Msg.get_key()};
for (auto &F : FL) { std::string Payload{Msg.get_payload()};
std::thread T(F.first, Key, Payload); for (auto &F : FL) {
T.detach(); std::thread T(F.first, Key, Payload);
} T.detach();
} }
Consumer.commit(Msg); }
if (!AutoCommit)
Consumer.async_commit(Msg);
}
} catch (const cppkafka::HandleException &E) { } catch (const cppkafka::HandleException &E) {
Logger_.warning(Poco::format("Caught a Kafka exception (consumer): %s",std::string{E.what()})); Logger_.warning(Poco::format("Caught a Kafka exception (consumer): %s",std::string{E.what()}));
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {

5
src/RESTAPI_AssetServer.h
View File

@@ -10,14 +10,15 @@
namespace uCentral { namespace uCentral {
class RESTAPI_AssetServer : public RESTAPIHandler { class RESTAPI_AssetServer : public RESTAPIHandler {
public: public:
RESTAPI_AssetServer(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_AssetServer(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_POST, {Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_PUT, Poco::Net::HTTPRequest::HTTP_PUT,
Poco::Net::HTTPRequest::HTTP_DELETE, Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {} Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {}
void handleRequest(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response) override; void handleRequest(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response) override;
static const std::list<const char *> PathName() { return std::list<const char *>{"/wwwassets/{id}" , static const std::list<const char *> PathName() { return std::list<const char *>{"/wwwassets/{id}" ,
"/favicon.ico"}; }; "/favicon.ico"}; };

2
src/RESTAPI_InternalServer.cpp
View File

@@ -64,7 +64,7 @@ namespace uCentral {
Poco::URI uri(Request.getURI()); Poco::URI uri(Request.getURI());
const auto & Path = uri.getPath(); const auto & Path = uri.getPath();
RESTAPIHandler::BindingMap Bindings; RESTAPIHandler::BindingMap Bindings;
return RESTAPI_Router< return RESTAPI_Router_I<
RESTAPI_users_handler, RESTAPI_users_handler,
RESTAPI_user_handler, RESTAPI_user_handler,
RESTAPI_system_command, RESTAPI_system_command,

5
src/RESTAPI_action_links.h
View File

@@ -18,12 +18,13 @@
namespace uCentral { namespace uCentral {
class RESTAPI_action_links : public RESTAPIHandler { class RESTAPI_action_links : public RESTAPIHandler {
public: public:
RESTAPI_action_links(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_action_links(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{ std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_POST, Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {} Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {}
void handleRequest(Poco::Net::HTTPServerRequest &Request, void handleRequest(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response) override; Poco::Net::HTTPServerResponse &Response) override;
static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/actionLink"}; }; static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/actionLink"}; };

5
src/RESTAPI_avatarHandler.h
View File

@@ -33,13 +33,14 @@ namespace uCentral {
class RESTAPI_avatarHandler : public RESTAPIHandler { class RESTAPI_avatarHandler : public RESTAPIHandler {
public: public:
RESTAPI_avatarHandler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_avatarHandler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{ std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_POST, Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_DELETE, Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {} Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {}
void handleRequest(Poco::Net::HTTPServerRequest &Request, void handleRequest(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response) override; Poco::Net::HTTPServerResponse &Response) override;

64
src/RESTAPI_handler.cpp
View File

@@ -25,6 +25,7 @@
#include "RESTAPI_handler.h" #include "RESTAPI_handler.h"
#include "RESTAPI_protocol.h" #include "RESTAPI_protocol.h"
#include "Utils.h" #include "Utils.h"
#include "Daemon.h"
namespace uCentral { namespace uCentral {
@@ -306,10 +307,6 @@ namespace uCentral {
bool RESTAPIHandler::ContinueProcessing(Poco::Net::HTTPServerRequest &Request, bool RESTAPIHandler::ContinueProcessing(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response) { Poco::Net::HTTPServerResponse &Response) {
if (Request.getMethod() == Poco::Net::HTTPRequest::HTTP_OPTIONS) { if (Request.getMethod() == Poco::Net::HTTPRequest::HTTP_OPTIONS) {
/* std::cout << "REQUEST:" << std::endl;
for(const auto &[f,s]:Request)
std::cout << "First: " << f << " second:" << s << std::endl;
*/
ProcessOptions(Request, Response); ProcessOptions(Request, Response);
return false; return false;
} else if (std::find(Methods_.begin(), Methods_.end(), Request.getMethod()) == Methods_.end()) { } else if (std::find(Methods_.begin(), Methods_.end(), Request.getMethod()) == Methods_.end()) {
@@ -322,45 +319,34 @@ namespace uCentral {
bool RESTAPIHandler::IsAuthorized(Poco::Net::HTTPServerRequest &Request, bool RESTAPIHandler::IsAuthorized(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response) { Poco::Net::HTTPServerResponse &Response) {
if(SessionToken_.empty()) { if(Internal_) {
try { return Daemon()->IsValidAPIKEY(Request);
Poco::Net::OAuth20Credentials Auth(Request); } else {
if (SessionToken_.empty()) {
try {
Poco::Net::OAuth20Credentials Auth(Request);
if (Auth.getScheme() == "Bearer") { if (Auth.getScheme() == "Bearer") {
SessionToken_ = Auth.getBearerToken(); SessionToken_ = Auth.getBearerToken();
} }
} catch(const Poco::Exception &E) { } catch (const Poco::Exception &E) {
Logger_.log(E); Logger_.log(E);
} }
} }
#ifdef TIP_SECURITY_SERVICE #ifdef TIP_SECURITY_SERVICE
if (AuthService()->IsAuthorized(Request, SessionToken_, UserInfo_)) { if (AuthService()->IsAuthorized(Request, SessionToken_, UserInfo_)) {
#else #else
if (AuthClient()->IsAuthorized(Request, SessionToken_, UserInfo_)) { if (AuthClient()->IsAuthorized(Request, SessionToken_, UserInfo_)) {
#endif #endif
return true; return true;
} else { } else {
UnAuthorized(Request, Response); UnAuthorized(Request, Response);
} }
return false; return false;
} }
bool RESTAPIHandler::IsAuthorized(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response, std::string &UserName) {
#ifdef TIP_SECURITY_SERVICE
if (AuthService()->IsAuthorized(Request, SessionToken_, UserInfo_)) {
#else
if (AuthClient()->IsAuthorized(Request, SessionToken_, UserInfo_)) {
#endif
UserName = UserInfo_.webtoken.username_;
return true;
} else {
UnAuthorized(Request, Response);
}
return false;
} }
/*
bool RESTAPIHandler::ValidateAPIKey(Poco::Net::HTTPServerRequest &Request, bool RESTAPIHandler::ValidateAPIKey(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response) { Poco::Net::HTTPServerResponse &Response) {
auto Key = Request.get("X-API-KEY", ""); auto Key = Request.get("X-API-KEY", "");
@@ -370,7 +356,7 @@ namespace uCentral {
return true; return true;
} }
*/
void RESTAPIHandler::ReturnObject(Poco::Net::HTTPServerRequest &Request, Poco::JSON::Object &Object, void RESTAPIHandler::ReturnObject(Poco::Net::HTTPServerRequest &Request, Poco::JSON::Object &Object,
Poco::Net::HTTPServerResponse &Response) { Poco::Net::HTTPServerResponse &Response) {
PrepareResponse(Request, Response); PrepareResponse(Request, Response);

30
src/RESTAPI_handler.h
View File

@@ -91,8 +91,8 @@ namespace uCentral {
typedef std::map<std::string, std::string> BindingMap; typedef std::map<std::string, std::string> BindingMap;
RESTAPIHandler(BindingMap map, Poco::Logger &l, std::vector<std::string> Methods) RESTAPIHandler(BindingMap map, Poco::Logger &l, std::vector<std::string> Methods, bool Internal=false)
: Bindings_(std::move(map)), Logger_(l), Methods_(std::move(Methods)) {} : Bindings_(std::move(map)), Logger_(l), Methods_(std::move(Methods)), Internal_(Internal) {}
static bool ParseBindings(const std::string & Request, const std::list<const char *> & EndPoints, BindingMap &Keys); static bool ParseBindings(const std::string & Request, const std::list<const char *> & EndPoints, BindingMap &Keys);
void PrintBindings(); void PrintBindings();
@@ -111,10 +111,8 @@ namespace uCentral {
bool IsAuthorized(Poco::Net::HTTPServerRequest &Request, bool IsAuthorized(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response); Poco::Net::HTTPServerResponse &Response);
bool IsAuthorized(Poco::Net::HTTPServerRequest &Request, /* bool ValidateAPIKey(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response, std::string &UserName); Poco::Net::HTTPServerResponse &Response); */
bool ValidateAPIKey(Poco::Net::HTTPServerRequest &Request,
Poco::Net::HTTPServerResponse &Response);
uint64_t GetParameter(const std::string &Name, uint64_t Default); uint64_t GetParameter(const std::string &Name, uint64_t Default);
std::string GetParameter(const std::string &Name, const std::string &Default); std::string GetParameter(const std::string &Name, const std::string &Default);
@@ -157,6 +155,7 @@ namespace uCentral {
SecurityObjects::UserInfoAndPolicy UserInfo_; SecurityObjects::UserInfoAndPolicy UserInfo_;
std::vector<std::string> Methods_; std::vector<std::string> Methods_;
QueryBlock QB_; QueryBlock QB_;
bool Internal_=false;
}; };
class RESTAPI_UnknownRequestHandler : public RESTAPIHandler { class RESTAPI_UnknownRequestHandler : public RESTAPIHandler {
@@ -183,10 +182,10 @@ namespace uCentral {
} }
template<typename T, typename... Args> template<typename T, typename... Args>
RESTAPIHandler * RESTAPI_Router(const std::string & RequestedPath, RESTAPIHandler::BindingMap &Bindings, Poco::Logger & Logger) { RESTAPIHandler * RESTAPI_Router(const std::string & RequestedPath, RESTAPIHandler::BindingMap &Bindings, Poco::Logger & Logger ) {
static_assert(test_has_PathName_method((T*)nullptr), "Class must have a static PathName() method."); static_assert(test_has_PathName_method((T*)nullptr), "Class must have a static PathName() method.");
if(RESTAPIHandler::ParseBindings(RequestedPath,T::PathName(),Bindings)) { if(RESTAPIHandler::ParseBindings(RequestedPath,T::PathName(),Bindings)) {
return new T(Bindings, Logger); return new T(Bindings, Logger, false);
} }
if constexpr (sizeof...(Args) == 0) { if constexpr (sizeof...(Args) == 0) {
@@ -196,6 +195,21 @@ namespace uCentral {
} }
} }
template<typename T, typename... Args>
RESTAPIHandler * RESTAPI_Router_I(const std::string & RequestedPath, RESTAPIHandler::BindingMap &Bindings, Poco::Logger & Logger) {
static_assert(test_has_PathName_method((T*)nullptr), "Class must have a static PathName() method.");
if(RESTAPIHandler::ParseBindings(RequestedPath,T::PathName(),Bindings)) {
return new T(Bindings, Logger, true);
}
if constexpr (sizeof...(Args) == 0) {
return new RESTAPI_UnknownRequestHandler(Bindings,Logger);
} else {
return RESTAPI_Router_I<Args...>(RequestedPath, Bindings, Logger);
}
}
} }
#endif //UCENTRAL_RESTAPI_HANDLER_H #endif //UCENTRAL_RESTAPI_HANDLER_H

5
src/RESTAPI_oauth2Handler.h
View File

@@ -14,11 +14,12 @@
namespace uCentral { namespace uCentral {
class RESTAPI_oauth2Handler : public RESTAPIHandler { class RESTAPI_oauth2Handler : public RESTAPIHandler {
public: public:
RESTAPI_oauth2Handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_oauth2Handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_DELETE, Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {} Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {}
void handleRequest(Poco::Net::HTTPServerRequest &request, void handleRequest(Poco::Net::HTTPServerRequest &request,
Poco::Net::HTTPServerResponse &response) override; Poco::Net::HTTPServerResponse &response) override;
static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/oauth2/{token}","/api/v1/oauth2"}; }; static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/oauth2/{token}","/api/v1/oauth2"}; };

5
src/RESTAPI_systemEndpoints_handler.h
View File

@@ -9,10 +9,11 @@
namespace uCentral { namespace uCentral {
class RESTAPI_systemEndpoints_handler : public RESTAPIHandler { class RESTAPI_systemEndpoints_handler : public RESTAPIHandler {
public: public:
RESTAPI_systemEndpoints_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_systemEndpoints_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {} Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {}
void handleRequest(Poco::Net::HTTPServerRequest &request, void handleRequest(Poco::Net::HTTPServerRequest &request,
Poco::Net::HTTPServerResponse &response) override; Poco::Net::HTTPServerResponse &response) override;
static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/systemEndpoints"}; }; static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/systemEndpoints"}; };

5
src/RESTAPI_system_command.h
View File

@@ -14,10 +14,11 @@
namespace uCentral { namespace uCentral {
class RESTAPI_system_command : public RESTAPIHandler { class RESTAPI_system_command : public RESTAPIHandler {
public: public:
RESTAPI_system_command(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_system_command(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {} Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {}
void handleRequest(Poco::Net::HTTPServerRequest &request, void handleRequest(Poco::Net::HTTPServerRequest &request,
Poco::Net::HTTPServerResponse &response) override; Poco::Net::HTTPServerResponse &response) override;
static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/system"}; }; static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/system"}; };

5
src/RESTAPI_user_handler.h
View File

@@ -10,14 +10,15 @@
namespace uCentral { namespace uCentral {
class RESTAPI_user_handler : public RESTAPIHandler { class RESTAPI_user_handler : public RESTAPIHandler {
public: public:
RESTAPI_user_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_user_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_POST, {Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_PUT, Poco::Net::HTTPRequest::HTTP_PUT,
Poco::Net::HTTPRequest::HTTP_DELETE, Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {} Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {}
void handleRequest(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response) override; void handleRequest(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response) override;
static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/user/{id}"}; }; static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/user/{id}"}; };
void DoGet(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response); void DoGet(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response);

5
src/RESTAPI_users_handler.h
View File

@@ -10,11 +10,12 @@
namespace uCentral { namespace uCentral {
class RESTAPI_users_handler : public RESTAPIHandler { class RESTAPI_users_handler : public RESTAPIHandler {
public: public:
RESTAPI_users_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_users_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_GET, {Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {} Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {}
void handleRequest(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response) override; void handleRequest(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response) override;
static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/users"}; }; static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/users"}; };
void DoGet(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response); void DoGet(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response);

2
src/RESTAPI_validateToken_handler.cpp
View File

@@ -14,7 +14,7 @@ namespace uCentral {
if (!ContinueProcessing(Request, Response)) if (!ContinueProcessing(Request, Response))
return; return;
if (!Daemon()->IsValidAPIKEY(Request)) if (!IsAuthorized(Request, Response))
return; return;
try { try {

5
src/RESTAPI_validateToken_handler.h
View File

@@ -10,11 +10,12 @@
namespace uCentral { namespace uCentral {
class RESTAPI_validateToken_handler : public RESTAPIHandler { class RESTAPI_validateToken_handler : public RESTAPIHandler {
public: public:
RESTAPI_validateToken_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L) RESTAPI_validateToken_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_GET, {Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_OPTIONS}) {}; Poco::Net::HTTPRequest::HTTP_OPTIONS},
Internal) {};
void handleRequest(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response) override; void handleRequest(Poco::Net::HTTPServerRequest &Request, Poco::Net::HTTPServerResponse &Response) override;
static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/validateToken"}; }; static const std::list<const char *> PathName() { return std::list<const char *>{"/api/v1/validateToken"}; };

11
src/Utils.cpp
View File

@@ -471,6 +471,17 @@ namespace uCentral::Utils {
return Result; return Result;
} }
std::string SecondsToNiceText(uint64_t Seconds) {
std::string Result;
int Days = Seconds / (24*60*60);
Seconds -= Days * (24*60*60);
int Hours= Seconds / (60*60);
Seconds -= Hours * (60*60);
int Minutes = Seconds / 60;
Seconds -= Minutes * 60;
Result = std::to_string(Days) +" days, " + std::to_string(Hours) + ":" + std::to_string(Minutes) + ":" + std::to_string(Seconds);
return Result;
}
} }

2
src/Utils.h
View File

@@ -68,5 +68,7 @@ namespace uCentral::Utils {
[[nodiscard]] MediaTypeEncoding FindMediaType(const Poco::File &F); [[nodiscard]] MediaTypeEncoding FindMediaType(const Poco::File &F);
[[nodiscard]] std::string BinaryFileToHexString( const Poco::File &F); [[nodiscard]] std::string BinaryFileToHexString( const Poco::File &F);
[[nodiscard]] std::string SecondsToNiceText(uint64_t Seconds);
} }
#endif // UCENTRALGW_UTILS_H #endif // UCENTRALGW_UTILS_H

81
wwwassets/password_reset.html
View File

@@ -7,7 +7,7 @@
form {border: 3px solid #f1f1f1;} form {border: 3px solid #f1f1f1;}
input[type=text], input[type=password] { input[type=text], input[type=password] {
width: 100%; width: 90%;
padding: 12px 20px; padding: 12px 20px;
margin: 8px 0; margin: 8px 0;
display: inline-block; display: inline-block;
@@ -22,7 +22,8 @@
margin: 8px 0; margin: 8px 0;
border: none; border: none;
cursor: pointer; cursor: pointer;
width: 100%; width: 40%;
font-size: medium;
} }
button:hover { button:hover {
@@ -31,7 +32,14 @@
.imgcontainer { .imgcontainer {
text-align: center; text-align: center;
margin: 24px 0 12px 0; margin: 5px 0 5px 0;
grid-column-start: 2;
grid-column-end: 2;
}
.passwordlabel {
grid-column-start: 2;
grid-column-end: 2;
} }
img.avatar { img.avatar {
@@ -39,8 +47,39 @@
border-radius: 50%; border-radius: 50%;
} }
.container { .grid-container {
padding: 16px; display: grid;
grid-template-columns: 15% 70% 15%;
background-color: #f3db21;
grid-column-gap: 5px;
padding: 10px;
}
.grid-container > div {
background-color: rgba(255, 255, 255, 0.8);
text-align: center;
padding: 20px 0;
font-size: 30px;
}
.passwordtext {
float: left;
margin-left: 5%;
}
.rulestext {
display: inline-block;
text-align: left;
text-justify: none;
margin: 5px 0 5px 0;
grid-column-start: 2;
grid-column-end: 2;
}
ul {
display: inline-block;
text-align: left;
font-size: small;
} }
span.password1 { span.password1 {
@@ -63,33 +102,35 @@
<body> <body>
<form action="/api/v1/actionLink?action=password_reset" method="post" onsubmit="return validatePassword()"> <form action="/api/v1/actionLink?action=password_reset" method="post" onsubmit="return validatePassword()">
<input type="hidden" id="custId" name="id" value="${UUID}">
<div class="grid-container">
<div class="imgcontainer"> <div class="imgcontainer">
<img src="/wwwassets/open-wifi.svg" alt="Avatar" class="avatar"> <img src="/wwwassets/open-wifi.svg" alt="Logo" class="logo">
</div> </div>
<div>
<h1>Password Reset</h1> <div class="passwordlabel">
</div> <label class="passwordtext" for="password1" ><b>New Password</b></label>
<div class="container">
<label for="password1"><b>New Password</b></label>
<input id="password1" type="password" placeholder="New Password" name="password1" pattern="${PASSWORD_VALIDATION}" required> <input id="password1" type="password" placeholder="New Password" name="password1" pattern="${PASSWORD_VALIDATION}" required>
<label for="password2"><b>Retype Password</b></label> </div>
<input id="password2" type="password" placeholder="New Password" name="password2" pattern="${PASSWORD_VALIDATION}" required> <div class="passwordlabel">
<input type="hidden" id="custId" name="id" value="${UUID}"> <label class="passwordtext" for="password2"><b>Retype Password</b></label>
<input id="password2" type="password" placeholder="Retype Password" name="password2" pattern="${PASSWORD_VALIDATION}" required>
</div>
<div class="passwordlabel">
<button type="submit">Reset Password</button> <button type="submit">Reset Password</button>
</div> </div>
<div> <div class="rulestext">
<p>Password rules:</p>
<ul> <ul>
<li>Must be at least 8 characters long.</li> <li>Must be at least 8 characters long</li>
<li>Must contain 1 uppercase letter</li> <li>Must contain 1 uppercase letter</li>
<li>Must contain 1 lowercase letter</li> <li>Must contain 1 lowercase letter</li>
<li>Must contain 1 digit</li> <li>Must contain 1 digit</li>
<li>Must contain 1 special character</li> <li>Must contain 1 special character</li>
</ul> </ul>
</div> </div>
</div>
</form> </form>
<script> <script>