VladislavOstapov/terminal-web-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

работающая авторизация

Browse Source
This commit is contained in:
Vladislav Ostapov 2024-11-05 10:33:52 +03:00
parent b561dedb2b
commit 0eacd76810
10 changed files with 150 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/auth/jwt.cpp
View File

@ -74,7 +74,7 @@ std::string http::auth::jwt::Jwt::getUsername() {
std::string http::auth::jwt::Jwt::asCookie() { std::string http::auth::jwt::Jwt::asCookie() {
signature = utils::sha256(this->payload + secretKey); signature = utils::sha256(this->payload + secretKey);
auto val = utils::b64Encode(payload) + "." + signature; auto val = utils::b64Encode(payload) + "." + signature;
return val + ";Path=/; Max-Age=86400; HttpOnly; SameSite=Lax"; return "auth=" + val + ";Path=/; Max-Age=86400; HttpOnly; SameSite=Lax";
} }
http::auth::jwt::Jwt::~Jwt() = default; http::auth::jwt::Jwt::~Jwt() = default;

10
src/auth/resources.cpp
View File

@ -5,7 +5,8 @@
#include "utils.h" #include "utils.h"
http::auth::User::User(const std::string &username, const std::string &passwordHash): username(username), passwordHash(passwordHash) {} http::auth::User::User(const std::string &username, const std::string &passwordHash): username(username),
passwordHash(passwordHash.empty() ? utils::sha256(username) : passwordHash) {}
bool http::auth::User::checkPassword(const std::string &pass) const { bool http::auth::User::checkPassword(const std::string &pass) const {
return utils::sha256(pass) == passwordHash; return utils::sha256(pass) == passwordHash;
@ -57,9 +58,7 @@ std::shared_ptr<http::auth::User> http::auth::AuthProvider::doAuth(const std::st
} }
std::shared_ptr<http::auth::User> http::auth::AuthProvider::getSession(const server::Request &req) { std::shared_ptr<http::auth::User> http::auth::AuthProvider::getSession(const server::Request &req) {
for (const auto& header: req.headers) { auto t = jwt::Jwt::fromCookies(req.getHeaderValue("cookie"));
if (boost::iequals(header.name, "cookie")) {
auto t = jwt::Jwt::fromCookies(header.value);
if (t.isValid()) { if (t.isValid()) {
const auto name = t.getUsername(); const auto name = t.getUsername();
// токен валидный, ищем юзера // токен валидный, ищем юзера
@ -68,11 +67,8 @@ std::shared_ptr<http::auth::User> http::auth::AuthProvider::getSession(const ser
return u; return u;
} }
} }
BOOST_LOG_TRIVIAL(warning) << "http::auth::AuthProvider::getSession(): Found valid session for a non-existent user " << name; BOOST_LOG_TRIVIAL(warning) << "http::auth::AuthProvider::getSession(): Found valid session for a non-existent user " << name;
} }
}
}
return nullptr; return nullptr;
} }

101
src/auth/utils.cpp
View File

@ -1,11 +1,13 @@
#include "utils.h" #include "utils.h"
#include <cassert>
#include <openssl/sha.h> #include <openssl/sha.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/buffer.h> #include <openssl/buffer.h>
#include <string> #include <string>
#include <iomanip> #include <iomanip>
std::string http::utils::sha256(const std::string &payload) { std::string http::utils::sha256(const std::string &payload) {
// Вычисляем SHA256 хеш // Вычисляем SHA256 хеш
unsigned char hash[SHA256_DIGEST_LENGTH]; unsigned char hash[SHA256_DIGEST_LENGTH];
@ -19,37 +21,82 @@ std::string http::utils::sha256(const std::string &payload) {
return ss.str(); return ss.str();
} }
std::string http::utils::b64Encode(const std::string &payload) { inline std::string sha256AsB64(const std::string &payload) {
BIO *bio_mem = BIO_new(BIO_s_mem()); // Вычисляем SHA256 хеш
BIO *bio_b64 = BIO_new(BIO_f_base64()); unsigned char hash[SHA256_DIGEST_LENGTH];
bio_b64 = BIO_push(bio_b64, bio_mem); SHA256(reinterpret_cast<const unsigned char *>(payload.c_str()), payload.length(), hash);
return http::utils::b64Encode(reinterpret_cast<const char *>(hash), SHA256_DIGEST_LENGTH);
BIO_write(bio_b64, payload.c_str(), payload.length());
BIO_flush(bio_b64);
BUF_MEM *bptr = nullptr;
BIO_get_mem_data(bio_mem, &bptr);
std::string result(bptr->data, bptr->length);
BIO_free_all(bio_b64);
return result;
} }
std::string http::utils::b64Decode(const std::string &payload) { static const char b64_table[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
BIO *bio_mem = BIO_new(BIO_s_mem());
BIO *bio_b64 = BIO_new(BIO_f_base64());
bio_b64 = BIO_push(bio_b64, bio_mem);
BIO_write(bio_b64, payload.c_str(), static_cast<int>(payload.size())); std::string http::utils::b64Encode(const char* data, size_t size) {
BIO_flush(bio_b64); using ::std::string;
const int len = BIO_get_mem_data(bio_mem, NULL); // Use = signs so the end is properly padded.
char buffer[static_cast<size_t>(len)]; string retval((((size + 2) / 3) * 4), '=');
BIO_read(bio_mem, buffer, len); ::std::size_t outpos = 0;
int bits_collected = 0;
unsigned int accumulator = 0;
std::string result(buffer, static_cast<unsigned int>(len)); for (size_t index = 0; index < size; index++) {
BIO_free_all(bio_b64); const char i = *(data + index);
return result; accumulator = (accumulator << 8) | (i & 0xff);
bits_collected += 8;
while (bits_collected >= 6) {
bits_collected -= 6;
retval[outpos++] = b64_table[(accumulator >> bits_collected) & 0x3fu];
}
}
if (bits_collected > 0) {
// Any trailing bits that are missing.
assert(bits_collected < 6);
accumulator <<= 6 - bits_collected;
retval[outpos++] = b64_table[accumulator & 0x3fu];
}
assert(outpos >= (retval.size() - 2));
assert(outpos <= retval.size());
return retval;
}
std::string http::utils::b64Encode(const std::string &payload) {
return b64Encode(payload.c_str(), payload.size());
}
std::string http::utils::b64Decode(const std::string &ascdata) {
static const unsigned char reverse_table[128] = {
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64,
64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64,
64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64
};
using ::std::string;
string retval;
int bits_collected = 0;
unsigned int accumulator = 0;
for (const auto cd: ascdata) {
const auto c = static_cast<int>(cd);
if (::std::isspace(c) || c == '=') {
// Skip whitespace and padding. Be liberal in what you accept.
continue;
}
if ((c > 127) || (c < 0) || (reverse_table[c] > 63)) {
throw ::std::invalid_argument("This contains characters not legal in a base64 encoded string.");
}
accumulator = (accumulator << 6) | reverse_table[c];
bits_collected += 6;
if (bits_collected >= 8) {
bits_collected -= 8;
retval += static_cast<char>((accumulator >> bits_collected) & 0xffu);
}
}
return retval;
} }
std::map<std::string, std::string> http::utils::parseCookies(const std::string& cookieString) { std::map<std::string, std::string> http::utils::parseCookies(const std::string& cookieString) {

1
src/auth/utils.h
View File

@ -8,6 +8,7 @@ namespace http::utils {
std::string sha256(const std::string& payload); std::string sha256(const std::string& payload);
std::string sha256AsB64(const std::string& payload); std::string sha256AsB64(const std::string& payload);
std::string b64Encode(const char* data, size_t size);
std::string b64Encode(const std::string& payload); std::string b64Encode(const std::string& payload);
std::string b64Decode(const std::string& payload); std::string b64Decode(const std::string& payload);

7
src/main.cpp
View File

@ -134,17 +134,18 @@ public:
rep.headers.clear(); rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
try { try {
std::istringstream is(req.body); std::istringstream is(std::string(req.payload.data(), req.payload.size()));
boost::property_tree::ptree pt; boost::property_tree::ptree pt;
boost::property_tree::read_json(is, pt); read_json(is, pt);
auto u = auth.doAuth(req); auto u = auth.doAuth(pt.get<std::string>("username"), pt.get<std::string>("password"), rep);
if (u == nullptr) { if (u == nullptr) {
throw std::runtime_error("invalid session"); throw std::runtime_error("invalid session");
} }
std::string result = R"({"redirect":"/"})"; std::string result = R"({"redirect":"/"})";
rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size()); rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size());
} catch (std::exception &e) { } catch (std::exception &e) {
BOOST_LOG_TRIVIAL(error) << e.what() << std::endl;
std::string result = R"({"error":"Неверный логин или пароль"})"; std::string result = R"({"error":"Неверный логин или пароль"})";
rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size()); rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size());
} }

11
src/server/connection.cpp
View File

@ -24,12 +24,7 @@ namespace http::server {
void Connection::doRead() { void Connection::doRead() {
request_parser_.reset(); request_parser_.reset();
request_.headers.clear(); request_.reset();
request_.method.clear();
request_.queryUri.clear();
if (request_.url != nullptr) {
request_.url.reset(nullptr);
}
auto self(shared_from_this()); auto self(shared_from_this());
socket_.async_read_some(boost::asio::buffer(buffer_), [this, self](boost::system::error_code ec, std::size_t bytes_transferred) { socket_.async_read_some(boost::asio::buffer(buffer_), [this, self](boost::system::error_code ec, std::size_t bytes_transferred) {
@ -98,9 +93,7 @@ namespace http::server {
get_lowest_layer(stream_).expires_after(std::chrono::seconds(30)); get_lowest_layer(stream_).expires_after(std::chrono::seconds(30));
request_parser_.reset(); request_parser_.reset();
request_.headers.clear(); request_.reset();
request_.method.clear();
request_.queryUri.clear();
auto self(shared_from_this()); auto self(shared_from_this());
stream_.async_read_some(boost::asio::buffer(buffer_), [this, self](boost::system::error_code ec, std::size_t bytes_transferred) { stream_.async_read_some(boost::asio::buffer(buffer_), [this, self](boost::system::error_code ec, std::size_t bytes_transferred) {

1
src/server/reply.cpp
View File

@ -221,7 +221,6 @@ namespace http::server {
void httpRedirect(Reply &rep, const std::string &location) { void httpRedirect(Reply &rep, const std::string &location) {
rep.status = see_other_redirect; rep.status = see_other_redirect;
rep.content.clear(); rep.content.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::text_html)});
rep.headers.push_back({.name = "Location", .value = location}); rep.headers.push_back({.name = "Location", .value = location});
} }
} // namespace http::server } // namespace http::server

17
src/server/request.hpp
View File

@ -19,14 +19,23 @@ namespace http::server {
}; };
/// A request received from a client. /// A request received from a client.
struct Request { class Request {
public:
Request();
void reset();
std::string getHeaderValue(const std::string& headerName) const;
std::string method; std::string method;
std::string queryUri; std::string queryUri;
std::unique_ptr<Url> url; std::unique_ptr<Url> url;
bool is_keep_alive; bool is_keep_alive{};
int http_version_major; int http_version_major{};
int http_version_minor; int http_version_minor{};
std::vector<header> headers; std::vector<header> headers;
std::vector<char> payload;
~Request();
}; };
} // namespace http::Server } // namespace http::Server

40
src/server/request_parser.cpp
View File

@ -32,6 +32,32 @@ namespace http::server {
Url::~Url() = default; Url::~Url() = default;
Request::Request() = default;
void Request::reset() {
method = "";
queryUri = "";
if (url != nullptr) {
url.reset(nullptr);
}
is_keep_alive = false;
http_version_major = 0;
http_version_minor = 0;
headers.clear();
payload.clear();
}
std::string Request::getHeaderValue(const std::string &headerName) const {
for (const auto& header: headers) {
if (boost::iequals(header.name, headerName)) {
return header.value;
}
}
return "";
}
Request::~Request() = default;
RequestParser::RequestParser() RequestParser::RequestParser()
: state_(method_start) { : state_(method_start) {
@ -39,6 +65,7 @@ namespace http::server {
void RequestParser::reset() { void RequestParser::reset() {
state_ = method_start; state_ = method_start;
contentLenghtHeader = 0;
} }
RequestParser::result_type RequestParser::consume(Request &req, char input) { RequestParser::result_type RequestParser::consume(Request &req, char input) {
@ -216,9 +243,22 @@ namespace http::server {
case expecting_newline_3: case expecting_newline_3:
if (input == '\n') { if (input == '\n') {
req.url = std::make_unique<Url>(req.queryUri); req.url = std::make_unique<Url>(req.queryUri);
auto content_len = req.getHeaderValue("content-length");
if (content_len.empty()) {
return good; return good;
} }
contentLenghtHeader = std::stol(content_len);
state_ = expecting_payload;
return indeterminate;
}
return bad; return bad;
case expecting_payload:
req.payload.push_back(input);
if (req.payload.size() <= contentLenghtHeader - 1) {
return indeterminate;
}
return good;
default: default:
return bad; return bad;
} }

5
src/server/request_parser.hpp
View File

@ -73,8 +73,11 @@ namespace http::server {
space_before_header_value, space_before_header_value,
header_value, header_value,
expecting_newline_2, expecting_newline_2,
expecting_newline_3 expecting_newline_3,
expecting_payload
} state_; } state_;
size_t contentLenghtHeader = 0;
}; };
} // namespace http::Server } // namespace http::Server