mirror of
https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git
synced 2025-11-01 19:27:59 +00:00
Completing sub support.
This commit is contained in:
stephb9959
@@ -85,6 +85,7 @@ add_executable( owsec
|
||||
src/RESTAPI/RESTAPI_suboauth2_handler.h src/RESTAPI/RESTAPI_suboauth2_handler.cpp
|
||||
src/RESTAPI/RESTAPI_subuser_handler.h src/RESTAPI/RESTAPI_subuser_handler.cpp
|
||||
src/RESTAPI/RESTAPI_subusers_handler.h src/RESTAPI/RESTAPI_subusers_handler.cpp
|
||||
src/RESTAPI/RESTAPI_validate_sub_token_handler.cpp src/RESTAPI/RESTAPI_validate_sub_token_handler.h
|
||||
src/APIServers.cpp
|
||||
src/Daemon.h src/Daemon.cpp
|
||||
src/AuthService.h src/AuthService.cpp
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
#include "RESTAPI/RESTAPI_suboauth2_handler.h"
|
||||
#include "RESTAPI/RESTAPI_subuser_handler.h"
|
||||
#include "RESTAPI/RESTAPI_subusers_handler.h"
|
||||
#include "RESTAPI/RESTAPI_validate_sub_token_handler.h"
|
||||
|
||||
namespace OpenWifi {
|
||||
|
||||
@@ -49,6 +50,7 @@ namespace OpenWifi {
|
||||
RESTAPI_system_command,
|
||||
RESTAPI_action_links,
|
||||
RESTAPI_validate_token_handler,
|
||||
RESTAPI_validate_sub_token_handler,
|
||||
RESTAPI_sms_handler,
|
||||
RESTAPI_suboauth2_handler,
|
||||
RESTAPI_subuser_handler,
|
||||
|
||||
@@ -43,23 +43,52 @@ namespace OpenWifi {
|
||||
break;
|
||||
|
||||
SecurityObjects::UserInfo UInfo;
|
||||
if(!StorageService()->GetUserById(i.userId,UInfo)) {
|
||||
if((i.action==OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD ||
|
||||
i.action==OpenWifi::SecurityObjects::LinkActions::VERIFY_EMAIL) && !StorageService()->GetUserById(i.userId,UInfo)) {
|
||||
StorageService()->CancelAction(i.id);
|
||||
continue;
|
||||
} else if(( i.action==OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD ||
|
||||
i.action==OpenWifi::SecurityObjects::LinkActions::SUB_VERIFY_EMAIL) && !StorageService()->GetSubUserById(i.userId,UInfo)) {
|
||||
StorageService()->CancelAction(i.id);
|
||||
continue;
|
||||
}
|
||||
|
||||
if(i.action==OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD) {
|
||||
if(AuthService::SendEmailToUser(i.id, UInfo.email, AuthService::FORGOT_PASSWORD)) {
|
||||
Logger_.information(Poco::format("Send password reset link to %s",UInfo.email));
|
||||
switch(i.action) {
|
||||
case OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD: {
|
||||
if(AuthService::SendEmailToUser(i.id, UInfo.email, AuthService::FORGOT_PASSWORD)) {
|
||||
Logger_.information(Poco::format("Send password reset link to %s",UInfo.email));
|
||||
}
|
||||
StorageService()->SentAction(i.id);
|
||||
}
|
||||
break;
|
||||
|
||||
case OpenWifi::SecurityObjects::LinkActions::VERIFY_EMAIL: {
|
||||
if(AuthService::SendEmailToUser(i.id, UInfo.email, AuthService::EMAIL_VERIFICATION)) {
|
||||
Logger_.information(Poco::format("Send email verification link to %s",UInfo.email));
|
||||
}
|
||||
StorageService()->SentAction(i.id);
|
||||
}
|
||||
break;
|
||||
|
||||
case OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD: {
|
||||
if(AuthService::SendEmailToSubUser(i.id, UInfo.email, AuthService::FORGOT_PASSWORD)) {
|
||||
Logger_.information(Poco::format("Send subscriber password reset link to %s",UInfo.email));
|
||||
}
|
||||
StorageService()->SentAction(i.id);
|
||||
}
|
||||
break;
|
||||
|
||||
case OpenWifi::SecurityObjects::LinkActions::SUB_VERIFY_EMAIL: {
|
||||
if(AuthService::SendEmailToSubUser(i.id, UInfo.email, AuthService::EMAIL_VERIFICATION)) {
|
||||
Logger_.information(Poco::format("Send subscriber email verification link to %s",UInfo.email));
|
||||
}
|
||||
StorageService()->SentAction(i.id);
|
||||
}
|
||||
break;
|
||||
|
||||
default: {
|
||||
StorageService()->SentAction(i.id);
|
||||
}
|
||||
StorageService()->SentAction(i.id);
|
||||
} else if (i.action==OpenWifi::SecurityObjects::LinkActions::VERIFY_EMAIL) {
|
||||
if(AuthService::SendEmailToUser(i.id, UInfo.email, AuthService::EMAIL_VERIFICATION)) {
|
||||
Logger_.information(Poco::format("Send email verification link to %s",UInfo.email));
|
||||
}
|
||||
StorageService()->SentAction(i.id);
|
||||
} else {
|
||||
StorageService()->SentAction(i.id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -12,11 +12,13 @@ namespace OpenWifi {
|
||||
class ActionLinkManager : public SubSystemServer, Poco::Runnable {
|
||||
public:
|
||||
|
||||
enum Actions {
|
||||
/* enum Actions {
|
||||
FORGOT_PASSWORD,
|
||||
VERIFY_EMAIL
|
||||
VERIFY_EMAIL,
|
||||
SUB_FORGOT_PASSWORD,
|
||||
SUB_VERIFY_EMAIL
|
||||
};
|
||||
|
||||
*/
|
||||
static ActionLinkManager * instance() {
|
||||
static auto * instance_ = new ActionLinkManager;
|
||||
return instance_;
|
||||
|
||||
@@ -46,10 +46,17 @@ namespace OpenWifi {
|
||||
Signer_.setRSAKey(MicroService::instance().Key());
|
||||
Signer_.addAllAlgorithms();
|
||||
Logger_.notice("Starting...");
|
||||
PasswordValidation_ = PasswordValidationStr_ = MicroService::instance().ConfigGetString("authentication.validation.expression","^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,}$");
|
||||
SubPasswordValidation_ = SubPasswordValidationStr_ = MicroService::instance().ConfigGetString("authentication.subvalidation.expression","^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,}$");
|
||||
TokenAging_ = (uint64_t) MicroService::instance().ConfigGetInt("authentication.token.ageing", 30 * 24 * 60 * 60);
|
||||
HowManyOldPassword_ = MicroService::instance().ConfigGetInt("authentication.oldpasswords", 5);
|
||||
|
||||
AccessPolicy_ = MicroService::instance().ConfigPath("openwifi.document.policy.access", "/wwwassets/access_policy.html");
|
||||
PasswordPolicy_ = MicroService::instance().ConfigPath("openwifi.document.policy.password", "/wwwassets/password_policy.html");
|
||||
PasswordValidation_ = PasswordValidationStr_ = MicroService::instance().ConfigGetString("authentication.validation.expression","^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,}$");
|
||||
|
||||
SubPasswordValidation_ = SubPasswordValidationStr_ = MicroService::instance().ConfigGetString("subscriber.validation.expression","^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,}$");
|
||||
SubAccessPolicy_ = MicroService::instance().ConfigPath("subscriber.policy.access", "/wwwassets/access_policy.html");
|
||||
SubPasswordPolicy_ = MicroService::instance().ConfigPath("subscriber.policy.password", "/wwwassets/password_policy.html");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -601,7 +608,7 @@ namespace OpenWifi {
|
||||
bool AuthService::VerifySubEmail(SecurityObjects::UserInfo &UInfo) {
|
||||
SecurityObjects::ActionLink A;
|
||||
|
||||
A.action = OpenWifi::SecurityObjects::LinkActions::VERIFY_EMAIL;
|
||||
A.action = OpenWifi::SecurityObjects::LinkActions::SUB_VERIFY_EMAIL;
|
||||
A.userId = UInfo.email;
|
||||
A.id = MicroService::CreateUUID();
|
||||
A.created = std::time(nullptr);
|
||||
|
||||
@@ -104,6 +104,12 @@ namespace OpenWifi{
|
||||
return MicroService::instance().WWWAssetsDir() + "/the_logo.png";
|
||||
}
|
||||
|
||||
inline const std::string & GetPasswordPolicy() const { return PasswordPolicy_; }
|
||||
inline const std::string & GetAccessPolicy() const { return AccessPolicy_; }
|
||||
|
||||
inline const std::string & GetSubPasswordPolicy() const { return SubPasswordPolicy_; }
|
||||
inline const std::string & GetSubAccessPolicy() const { return SubAccessPolicy_; }
|
||||
|
||||
private:
|
||||
Poco::JWT::Signer Signer_;
|
||||
Poco::SHA2Engine SHA2_;
|
||||
@@ -111,6 +117,10 @@ namespace OpenWifi{
|
||||
Poco::ExpireLRUCache<std::string,SecurityObjects::UserInfoAndPolicy> UserCache_{256,1200000};
|
||||
Poco::ExpireLRUCache<std::string,SecurityObjects::UserInfoAndPolicy> SubUserCache_{4096,1200000};
|
||||
|
||||
std::string AccessPolicy_;
|
||||
std::string PasswordPolicy_;
|
||||
std::string SubAccessPolicy_;
|
||||
std::string SubPasswordPolicy_;
|
||||
std::string PasswordValidationStr_;
|
||||
std::string SubPasswordValidationStr_;
|
||||
std::regex PasswordValidation_;
|
||||
|
||||
@@ -56,8 +56,6 @@ namespace OpenWifi {
|
||||
|
||||
void Daemon::initialize() {
|
||||
AssetDir_ = MicroService::instance().ConfigPath("openwifi.restapi.wwwassets");
|
||||
AccessPolicy_ = MicroService::instance().ConfigPath("openwifi.document.policy.access", "/wwwassets/access_policy.html");
|
||||
PasswordPolicy_ = MicroService::instance().ConfigPath("openwifi.document.policy.password", "/wwwassets/password_policy.html");
|
||||
}
|
||||
|
||||
void MicroServicePostInitialization() {
|
||||
|
||||
@@ -43,13 +43,9 @@ namespace OpenWifi {
|
||||
void initialize();
|
||||
static Daemon *instance();
|
||||
inline const std::string & AssetDir() { return AssetDir_; }
|
||||
inline const std::string & GetPasswordPolicy() const { return PasswordPolicy_; }
|
||||
inline const std::string & GetAccessPolicy() const { return AccessPolicy_; }
|
||||
private:
|
||||
static Daemon *instance_;
|
||||
std::string AssetDir_;
|
||||
std::string PasswordPolicy_;
|
||||
std::string AccessPolicy_;
|
||||
};
|
||||
|
||||
inline Daemon * Daemon() { return Daemon::instance(); }
|
||||
|
||||
@@ -73,8 +73,8 @@ namespace OpenWifi {
|
||||
Logger_.information(Poco::format("POLICY-REQUEST(%s): Request.", Request->clientAddress().toString()));
|
||||
Poco::JSON::Object Answer;
|
||||
Answer.set(RESTAPI::Protocol::PASSWORDPATTERN, AuthService()->PasswordValidationExpression());
|
||||
Answer.set(RESTAPI::Protocol::ACCESSPOLICY, Daemon()->GetAccessPolicy());
|
||||
Answer.set(RESTAPI::Protocol::PASSWORDPOLICY, Daemon()->GetPasswordPolicy());
|
||||
Answer.set(RESTAPI::Protocol::ACCESSPOLICY, AuthService()->GetAccessPolicy());
|
||||
Answer.set(RESTAPI::Protocol::PASSWORDPOLICY, AuthService()->GetPasswordPolicy());
|
||||
return ReturnObject(Answer);
|
||||
}
|
||||
|
||||
|
||||
@@ -47,7 +47,7 @@ namespace OpenWifi {
|
||||
|
||||
auto Token = GetBinding(RESTAPI::Protocol::TOKEN, "...");
|
||||
if (Token == SessionToken_) {
|
||||
AuthService()->Logout(Token);
|
||||
AuthService()->SubLogout(Token);
|
||||
return ReturnStatus(Poco::Net::HTTPResponse::HTTP_NO_CONTENT, true);
|
||||
}
|
||||
|
||||
@@ -61,16 +61,14 @@ namespace OpenWifi {
|
||||
auto password = GetS(RESTAPI::Protocol::PASSWORD, Obj);
|
||||
auto newPassword = GetS(RESTAPI::Protocol::NEWPASSWORD, Obj);
|
||||
|
||||
Logger_.information("Doing post");
|
||||
|
||||
Poco::toLowerInPlace(userId);
|
||||
|
||||
if(GetBoolParameter(RESTAPI::Protocol::REQUIREMENTS, false)) {
|
||||
Logger_.information(Poco::format("POLICY-REQUEST(%s): Request.", Request->clientAddress().toString()));
|
||||
Poco::JSON::Object Answer;
|
||||
Answer.set(RESTAPI::Protocol::PASSWORDPATTERN, AuthService()->SubPasswordValidationExpression());
|
||||
Answer.set(RESTAPI::Protocol::ACCESSPOLICY, Daemon()->GetAccessPolicy());
|
||||
Answer.set(RESTAPI::Protocol::PASSWORDPOLICY, Daemon()->GetPasswordPolicy());
|
||||
Answer.set(RESTAPI::Protocol::ACCESSPOLICY, AuthService()->GetSubAccessPolicy());
|
||||
Answer.set(RESTAPI::Protocol::PASSWORDPOLICY, AuthService()->GetSubPasswordPolicy());
|
||||
return ReturnObject(Answer);
|
||||
}
|
||||
|
||||
@@ -81,7 +79,7 @@ namespace OpenWifi {
|
||||
Logger_.information(Poco::format("FORGOTTEN-PASSWORD(%s): Request for %s", Request->clientAddress().toString(), userId));
|
||||
SecurityObjects::ActionLink NewLink;
|
||||
|
||||
NewLink.action = OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD;
|
||||
NewLink.action = OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD;
|
||||
NewLink.id = MicroService::CreateUUID();
|
||||
NewLink.userId = UInfo1.Id;
|
||||
NewLink.created = std::time(nullptr);
|
||||
|
||||
@@ -6,8 +6,7 @@
|
||||
// Arilia Wireless Inc.
|
||||
//
|
||||
|
||||
#ifndef UCENTRAL_RESTAPI_SECURITYOBJECTS_H
|
||||
#define UCENTRAL_RESTAPI_SECURITYOBJECTS_H
|
||||
#pragma once
|
||||
|
||||
#include "framework/OpenWifiTypes.h"
|
||||
#include "Poco/JSON/Object.h"
|
||||
@@ -224,7 +223,9 @@ namespace OpenWifi::SecurityObjects {
|
||||
|
||||
enum LinkActions {
|
||||
FORGOT_PASSWORD=1,
|
||||
VERIFY_EMAIL
|
||||
VERIFY_EMAIL,
|
||||
SUB_FORGOT_PASSWORD,
|
||||
SUB_VERIFY_EMAIL
|
||||
};
|
||||
|
||||
struct ActionLink {
|
||||
@@ -253,5 +254,3 @@ namespace OpenWifi::SecurityObjects {
|
||||
bool from_json(Poco::JSON::Object::Ptr &Obj);
|
||||
};
|
||||
}
|
||||
|
||||
#endif //UCENTRAL_RESTAPI_SECURITYOBJECTS_H
|
||||
@@ -2,8 +2,7 @@
|
||||
// Created by stephane bourque on 2021-11-08.
|
||||
//
|
||||
|
||||
#ifndef OWSEC_STORAGE_ACTIONLINKS_H
|
||||
#define OWSEC_STORAGE_ACTIONLINKS_H
|
||||
#pragma once
|
||||
|
||||
#include <string>
|
||||
#include <vector>
|
||||
@@ -74,6 +73,3 @@ namespace OpenWifi {
|
||||
typedef std::vector <ActionLinkRecord> ActionLinkRecordList;
|
||||
|
||||
}
|
||||
|
||||
|
||||
#endif //OWSEC_STORAGE_ACTIONLINKS_H
|
||||
|
||||
@@ -2,8 +2,7 @@
|
||||
// Created by stephane bourque on 2021-07-15.
|
||||
//
|
||||
|
||||
#ifndef WLAN_CLOUD_UCENTRALSEC_STORAGE_AVATAR_H
|
||||
#define WLAN_CLOUD_UCENTRALSEC_STORAGE_AVATAR_H
|
||||
#pragma once
|
||||
|
||||
namespace OpenWifi {
|
||||
|
||||
@@ -37,6 +36,3 @@ namespace OpenWifi {
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
#endif //WLAN_CLOUD_UCENTRALSEC_STORAGE_AVATAR_H
|
||||
|
||||
@@ -2,8 +2,7 @@
|
||||
// Created by stephane bourque on 2021-11-16.
|
||||
//
|
||||
|
||||
#ifndef OWSEC_STORAGE_PREFERENCES_H
|
||||
#define OWSEC_STORAGE_PREFERENCES_H
|
||||
#pragma once
|
||||
|
||||
#include <string>
|
||||
#include <vector>
|
||||
@@ -35,5 +34,3 @@ namespace OpenWifi {
|
||||
typedef std::vector <PreferencesRecord> PreferencesRecordList;
|
||||
|
||||
}
|
||||
|
||||
#endif //OWSEC_STORAGE_PREFERENCES_H
|
||||
|
||||
@@ -2,8 +2,7 @@
|
||||
// Created by stephane bourque on 2021-11-08.
|
||||
//
|
||||
|
||||
#ifndef OWSEC_STORAGE_TOKENS_H
|
||||
#define OWSEC_STORAGE_TOKENS_H
|
||||
#pragma once
|
||||
|
||||
#include <string>
|
||||
#include <vector>
|
||||
@@ -26,5 +25,3 @@ namespace OpenWifi {
|
||||
|
||||
|
||||
}
|
||||
|
||||
#endif //OWSEC_STORAGE_TOKENS_H
|
||||
|
||||
Reference in New Issue
Block a user