scottk/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2025-10-29 01:42:30 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Typos and security verification.

Browse Source
This commit is contained in:
stephb9959
2021-07-10 23:14:31 -07:00
parent 9566d191b2
commit ca52d03091
14 changed files with 152 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/AuthService.cpp
View File

@@ -280,22 +280,29 @@ namespace uCentral {
return uCentral::Utils::ToHex(SHA2_.digest());
}
bool AuthService::SendEmailToUser(const std::string &Email, EMAIL_REASON Reason) {
switch(Reason) {
case FORGOT_PASSWORD: {
MessageAttributes Attrs;
bool AuthService::SendEmailToUser(std::string &Email, EMAIL_REASON Reason) {
SecurityObjects::UserInfo UInfo;
if(Storage()->GetUserByEmail(Email,UInfo)) {
switch (Reason) {
case FORGOT_PASSWORD: {
MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = "stephane.bourque@gmail.com";
Attrs[LOGO] = "logo.jpg";
Attrs[RECIPIENT_EMAIL] = "stephane.bourque@gmail.com";
Attrs[LOGO] = "logo.jpg";
Attrs[SUBJECT] = "Password reset link";
Attrs[ACTION_LINK] =
Daemon()->GetPublicAPIEndPoint() + "/actionLink?action=reset_password&id=" + UInfo.Id ;
SMTPMailerService()->SendMessage("stephane.bourque@gmail.com", Attrs); }
break;
SMTPMailerService()->SendMessage("stephane.bourque@gmail.com", "password_reset.txt", Attrs);
}
break;
case EMAIL_VERIFICATION:
break;
case EMAIL_VERIFICATION:
break;
default:
break;
default:
break;
}
}
return false;
}

2
src/AuthService.h
View File

@@ -80,7 +80,7 @@ namespace uCentral{
[[nodiscard]] bool UpdatePassword(const std::string &Admin, const std::string &UserName, const std::string & OldPassword, const std::string &NewPassword);
[[nodiscard]] std::string ResetPassword(const std::string &Admin, const std::string &UserName);
bool SendEmailToUser(const std::string &Email, EMAIL_REASON Reason);
bool SendEmailToUser(std::string &Email, EMAIL_REASON Reason);
private:
static AuthService *instance_;

1
src/MicroService.cpp
View File

@@ -194,6 +194,7 @@ namespace uCentral {
DebugMode_ = ConfigGetBool("ucentral.system.debug",false);
MyPrivateEndPoint_ = ConfigGetString("ucentral.system.uri.private");
MyPublicEndPoint_ = ConfigGetString("ucentral.system.uri.public");
UIURI_ = ConfigGetString("ucentral.system.uri.ui");
MyHash_ = CreateHash(MyPublicEndPoint_);
InitializeSubSystemServers();
ServerApplication::initialize(self);

3
src/MicroService.h
View File

@@ -132,6 +132,8 @@ namespace uCentral {
void SavePID();
inline uint64_t GetPID() { return Poco::Process::id(); };
[[nodiscard]] inline const std::string GetPublicAPIEndPoint() const { return MyPublicEndPoint_ + "/api/v1"; };
[[nodiscard]] inline const std::string & GetUIURI() const { return UIURI_;};
private:
bool HelpRequested_ = false;
@@ -150,6 +152,7 @@ namespace uCentral {
std::string MyHash_;
std::string MyPrivateEndPoint_;
std::string MyPublicEndPoint_;
std::string UIURI_;
std::string Version_;
BusEventManager BusEventManager_;
SubMutex InfraMutex_;

7
src/RESTAPI_action_links.cpp
View File

@@ -10,6 +10,7 @@
#include "Poco/JSON/Parser.h"
#include "Poco/Net/HTMLForm.h"
#include "RESTAPI_server.h"
#include "Daemon.h"
namespace uCentral {
void RESTAPI_action_links::handleRequest(Poco::Net::HTTPServerRequest &Request,
@@ -84,7 +85,8 @@ namespace uCentral {
Storage()->UpdateUserInfo(UInfo.email,Id,UInfo);
Poco::File FormFile{ RESTAPI_Server()->AssetDir() + "/reset_password_success.html"};
Types::StringPairVec FormVars{ {"UUID", Id},
{"USERNAME", UInfo.email}};
{"USERNAME", UInfo.email},
{"ACTION_LINK",Daemon()->GetUIURI()}};
SendHTMLFileBack(FormFile,Request, Response, FormVars);
}
} else {
@@ -112,7 +114,8 @@ namespace uCentral {
UInfo.validationDate = std::time(nullptr);
Storage()->UpdateUserInfo(UInfo.email, Id, UInfo);
Types::StringPairVec FormVars{{"UUID", Id},
{"USERNAME", UInfo.email}};
{"USERNAME", UInfo.email},
{"ACTION_LINK",Daemon()->GetUIURI()}};
Poco::File FormFile{RESTAPI_Server()->AssetDir() + "/email_verification_success.html"};
SendHTMLFileBack(FormFile, Request, Response, FormVars);
return;

39
src/SMTPMailerService.cpp
View File

@@ -41,7 +41,7 @@ namespace uCentral {
SenderThr_.join();
}
bool SMTPMailerService::SendMessage(const std::string &Recipient, const MessageAttributes &Attrs) {
bool SMTPMailerService::SendMessage(const std::string &Recipient, const std::string &Name, const MessageAttributes &Attrs) {
SubMutexGuard G(Mutex_);
uint64_t Now = std::time(nullptr);
@@ -56,6 +56,8 @@ namespace uCentral {
Messages_.push_back(MessageEvent{.Posted=(uint64_t )std::time(nullptr),
.LastTry=0,
.Sent=0,
.File=Poco::File(TemplateDir_ + "/" +Name),
.Attrs=Attrs});
return false;
@@ -74,7 +76,7 @@ namespace uCentral {
for(auto &i:Messages_) {
if(i.Sent==0 && (i.LastTry==0 || (Now-i.LastTry)>120)) {
if (SendIt(i.Attrs)) {
if (SendIt(i)) {
i.LastTry = i.Sent = std::time(nullptr);
} else
i.LastTry = std::time(nullptr);
@@ -87,26 +89,34 @@ namespace uCentral {
}
}
bool SMTPMailerService::SendIt(const MessageAttributes & Attrs) {
void FillVariables(const MessageAttributes &Attrs, Types::StringPairVec &R) {
for(const auto &[Variable,Value]:Attrs) {
R.push_back(std::make_pair(MessageAttributeToVar(Variable),Value));
}
}
bool SMTPMailerService::SendIt(const MessageEvent &Msg) {
try
{
Poco::SharedPtr<Poco::Net::InvalidCertificateHandler> ptrHandler = new Poco::Net::AcceptCertificateHandler(false);
Poco::Net::MailMessage Message;
std::string Recipient = Attrs.find(RECIPIENT_EMAIL)->second;
std::string Recipient = Msg.Attrs.find(RECIPIENT_EMAIL)->second;
Message.setSender(Sender_);
Message.addRecipient(Poco::Net::MailRecipient(Poco::Net::MailRecipient::PRIMARY_RECIPIENT, Recipient));
Message.setSubject("Hello from the POCO C++ Libraries");
Message.setSubject(Msg.Attrs.find(SUBJECT)->second);
std::string content;
std::string Content = Utils::LoadFile(Msg.File);
Types::StringPairVec Variables;
FillVariables(Msg.Attrs, Variables);
Utils::ReplaceVariables(Content, Variables);
Message.addContent(new Poco::Net::StringPartSource(Content));
content += "Hello ";
content += Recipient;
content += ",\r\n\r\n";
content += "This is a greeting from the POCO C++ Libraries.\r\n\r\n";
Message.addContent(new Poco::Net::StringPartSource(content));
auto Logo = Attrs.find(LOGO);
if(Logo!=Attrs.end()) {
std::cout << Content << std::endl;
auto Logo = Msg.Attrs.find(LOGO);
if(Logo!=Msg.Attrs.end()) {
Poco::File LogoFile(TemplateDir_ + "/" + Logo->second);
std::ifstream IF(LogoFile.path());
std::ostringstream OS;
@@ -114,18 +124,15 @@ namespace uCentral {
Message.addAttachment("logo", new Poco::Net::StringPartSource(OS.str(), "image/jpeg"));
}
Poco::Net::SecureSMTPClientSession session(MailHost_,MailHostPort_);
Poco::Net::Context::Params P;
auto ptrContext = Poco::AutoPtr<Poco::Net::Context>
(new Poco::Net::Context(Poco::Net::Context::CLIENT_USE, "", "", "",
Poco::Net::Context::VERIFY_RELAXED, 9, true,
"ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"));
Poco::Net::SSLManager::instance().initializeClient(nullptr,
ptrHandler,
ptrContext);
session.login();
session.startTLS(ptrContext);
session.login(MailHost_,

7
src/SMTPMailerService.h
View File

@@ -7,6 +7,8 @@
#include "SubSystemServer.h"
#include "Poco/File.h"
namespace uCentral {
enum MESSAGE_ATTRIBUTES {
@@ -58,6 +60,7 @@ namespace uCentral {
uint64_t Posted=0;
uint64_t LastTry=0;
uint64_t Sent=0;
Poco::File File;
MessageAttributes Attrs;
};
@@ -70,8 +73,8 @@ namespace uCentral {
int Start() override;
void Stop() override;
bool SendMessage(const std::string &Recipient, const MessageAttributes &Attrs);
bool SendIt(const MessageAttributes &Attrs);
bool SendMessage(const std::string &Recipient, const std::string &Name, const MessageAttributes &Attrs);
bool SendIt(const MessageEvent &Msg);
private:
static SMTPMailerService * instance_;

2
src/Utils.cpp
View File

@@ -466,4 +466,6 @@ namespace uCentral::Utils {
return Result;
}
}

9
templates/password_reset.txt
View File

@@ -0,0 +1,9 @@
Dear ${RECIPIENT_EMAIL},
You have requested us to reset your password. Please click on the link below
${ACTION_LINK}
And follow the instructions.
Thank you!

8
ucentralsec.properties
View File

@@ -15,6 +15,7 @@ ucentral.restapi.host.0.port = 16001
ucentral.restapi.host.0.cert = $UCENTRALSEC_ROOT/certs/restapi-cert.pem
ucentral.restapi.host.0.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem
ucentral.restapi.host.0.key.password = mypassword
ucentral.restapi.wwwassets = $UCENTRALSEC_ROOT/wwwassets
ucentral.internal.restapi.host.0.backlog = 100
ucentral.internal.restapi.host.0.security = relaxed
@@ -31,12 +32,10 @@ ucentral.internal.restapi.host.0.key.password = mypassword
authentication.enabled = true
authentication.default.username = tip@ucentral.com
authentication.default.password = 13268b7daa751240369d125e79c873bd8dd3bef7981bdfd38ea03dbb1fbe7dcf
authentication.default.access = master
authentication.service.type = internal
ucentral.system.data = $UCENTRALSEC_ROOT/data
ucentral.system.debug = true
ucentral.system.uri.private = https://localhost:17001
ucentral.system.uri.public = https://local.dpaas.arilia.com:16001
ucentral.system.uri.ui = https://ucentral-ui.arilia.com
ucentral.system.commandchannel = /tmp/app.ucentralsec
ucentral.service.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem
@@ -45,9 +44,10 @@ ucentral.service.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem
#
mailer.hostname = smtp.gmail.com
mailer.username = no-reply@arilia.com
mailer.password = **************************
mailer.password = pink-elephants-play-hockey
mailer.loginmethod = login
mailer.port = 587
mailer.templates = $UCENTRALSEC_ROOT/templates
#############################

1
ucentralsec.properties.aws
View File

@@ -35,6 +35,7 @@ authentication.default.password = 13268b7daa751240369d125e79c873bd8dd3bef7981bdf
ucentral.system.data = $UCENTRALSEC_ROOT/data
ucentral.system.uri.private = https://localhost:17001
ucentral.system.uri.public = https://ucentral.dpaas.arilia.com:16001
ucentral.system.uri.ui = https://ucentral-ui.arilia.com
ucentral.system.commandchannel = /tmp/app.ucentralsec
ucentral.service.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem

4
ucentralsec.properties.priv
View File

@@ -34,6 +34,7 @@ authentication.default.password = 13268b7daa751240369d125e79c873bd8dd3bef7981bdf
ucentral.system.data = $UCENTRALSEC_ROOT/data
ucentral.system.uri.private = https://localhost:17001
ucentral.system.uri.public = https://local.dpaas.arilia.com:16001
ucentral.system.uri.ui = https://ucentral-ui.arilia.com
ucentral.system.commandchannel = /tmp/app.ucentralsec
ucentral.service.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem
@@ -42,9 +43,10 @@ ucentral.service.key = $UCENTRALSEC_ROOT/certs/restapi-key.pem
#
mailer.hostname = smtp.gmail.com
mailer.username = no-reply@arilia.com
mailer.password = **************************
mailer.password = pink-elephants-play-hockey
mailer.loginmethod = login
mailer.port = 587
mailer.templates = $UCENTRALSEC_ROOT/templates
#############################

11
wwwassets/reset_password.html
View File

@@ -79,6 +79,17 @@
<button type="submit">Reset Password</button>
</div>
<div>
<p>Password rules:</p>
<ul>
<li>Must be at least 8 characters long.</li>
<li>Must contain 1 uppercase letter</li>
<li>Must contain 1 lowercase letter</li>
<li>Must contain 1 digit</li>
<li>Must contain 1 special character</li>
</ul>
</div>
</form>
<script>

72
wwwassets/reset_password_success.html
View File

@@ -1,17 +1,75 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Password was successfully reset</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
body {font-family: Arial, Helvetica, sans-serif;}
form {border: 3px solid #f1f1f1;}
input[type=text], input[type=password] {
width: 100%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
box-sizing: border-box;
}
button {
background-color: #04AA6D;
color: white;
padding: 14px 20px;
margin: 8px 0;
border: none;
cursor: pointer;
width: 100%;
}
button:hover {
opacity: 0.8;
}
.imgcontainer {
text-align: center;
margin: 24px 0 12px 0;
}
img.avatar {
width: 40%;
border-radius: 50%;
}
.container {
padding: 16px;
}
span.password1 {
float: right;
padding-top: 16px;
}
/* Change styles for span and cancel button on extra small screens */
@media screen and (max-width: 300px) {
span.password1 {
display: block;
float: none;
}
.cancelbtn {
width: 100%;
}
}
</style>
</head>
<body>
<h1>Password was successfully reset</h1>
<div>
<h3>ID</h3>
<b>${UUID}</b>
</div>
<div class="imgcontainer">
<img src="/wwwassets/avatar.jpg" alt="Avatar" class="avatar">
</div>
<h1>Password was successfully reset</h1>
<div>
<h3>Thank you ${USERNAME} for resetting your password.</h3>
</div>
<div>
<a href="${ACTION_LINK}">Click here to access the system.</a>
</div>
</body>
</html>