VladislavOstapov/terminal-web-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

фича: автообновление сессии

Browse Source
This commit is contained in:
Vladislav Ostapov 2025-01-17 19:09:44 +03:00
parent a4214fd007
commit 3537965393
16 changed files with 170 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CMakeLists.txt
View File

@ -25,7 +25,26 @@ else()
message(FATAL_ERROR "You must set `MODEM_TYPE` \"SCPC\" or \"TDMA\"!") message(FATAL_ERROR "You must set `MODEM_TYPE` \"SCPC\" or \"TDMA\"!")
endif() endif()
add_compile_options(-Wall -Wextra -Wsign-conversion) SET(PROJECT_GIT_REVISION "0")
FIND_PACKAGE(Git)
IF (GIT_FOUND)
EXECUTE_PROCESS (
COMMAND ${GIT_EXECUTABLE} rev-parse HEAD
WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
OUTPUT_VARIABLE GIT_HEAD
# ERROR_VARIABLE ERROR_RESULT
# RESULT_VARIABLE INFO_RESULT
ERROR_QUIET
OUTPUT_STRIP_TRAILING_WHITESPACE
)
IF ( ${GIT_HEAD} MATCHES "^.+$" )
STRING ( SUBSTRING ${GIT_HEAD} 0 8 VERSION_REVISION )
SET ( PROJECT_GIT_REVISION ${VERSION_REVISION} )
ENDIF()
ENDIF()
add_compile_options(-Wall -Wextra -Wsign-conversion -DPROJECT_GIT_REVISION="${PROJECT_GIT_REVISION}")
# максимальный размер тела запроса 200mb # максимальный размер тела запроса 200mb
add_definitions(-DHTTP_MAX_PAYLOAD=200000000) add_definitions(-DHTTP_MAX_PAYLOAD=200000000)

2
front-generator/render-params.json
View File

@ -213,7 +213,7 @@
"values": [{"label": "РРУ", "value": "false"}, {"label": "АРУ", "value": "true"}] "values": [{"label": "РРУ", "value": "false"}, {"label": "АРУ", "value": "true"}]
}, },
{"widget": "number", "label": "Усиление, дБ", "name": "rxManualGain", "min": -40, "step": 0.01, "max": 40, "v_show": "paramRxtx.rxAgcEn === false"}, {"widget": "number", "label": "Усиление, дБ", "name": "rxManualGain", "min": -40, "step": 0.01, "max": 40, "v_show": "paramRxtx.rxAgcEn === false"},
{"widget": "watch", "label": "Текущее усиление", "model": "rxManualGain", "v_show": "paramRxtx.rxAgcEn === true"}, {"widget": "watch", "label": "Текущее усиление", "model": "paramRxtx.rxManualGain", "v_show": "paramRxtx.rxAgcEn === true"},
{"widget": "checkbox", "label": "Инверсия спектра", "name": "rxSpectrumInversion"}, {"widget": "checkbox", "label": "Инверсия спектра", "name": "rxSpectrumInversion"},
{"widget": "number", "label": "Центральная частота, КГц", "name": "rxCentralFreq", "min": 900000, "step": 0.01}, {"widget": "number", "label": "Центральная частота, КГц", "name": "rxCentralFreq", "min": 900000, "step": 0.01},
{"widget": "number", "label": "Символьная скорость, Бод", "name": "rxBaudrate", "min": 0, "step": 1}, {"widget": "number", "label": "Символьная скорость, Бод", "name": "rxBaudrate", "min": 0, "step": 1},

2
front-generator/template/common/all-params-methods.js.j2
View File

@ -12,7 +12,7 @@
} }
this.submitStatus.{{ g['group'] }} = true this.submitStatus.{{ g['group'] }} = true
fetch('/api/set/{{ g["group"] }}', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/{{ g["group"] }}', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.update{{ g['group'] | title }}Settings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.update{{ g['group'] | title }}Settings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.{{ g['group'] }} = false }) .finally(() => { this.submitStatus.{{ g['group'] }} = false })

2
front-generator/template/common/monitoring-methods.js.j2
View File

@ -93,7 +93,7 @@
resetPacketsStatistics() { resetPacketsStatistics() {
fetch('/api/resetPacketStatistics', { fetch('/api/resetPacketStatistics', {
method: 'POST' method: 'POST', credentials: 'same-origin'
}).then(() => { }).then(() => {
this.statRx.packetsOk = 0 this.statRx.packetsOk = 0
this.statRx.packetsBad = 0 this.statRx.packetsBad = 0

2
front-generator/template/common/qos-methods.js.j2
View File

@ -60,7 +60,7 @@
headers: { headers: {
'Content-Type': 'application/json' 'Content-Type': 'application/json'
}, },
body: JSON.stringify(query) body: JSON.stringify(query), credentials: 'same-origin'
}).then(async (resp) => { }).then(async (resp) => {
this.submitStatusQos = false this.submitStatusQos = false
if (resp['error']) { throw new Error(resp['error']) } if (resp['error']) { throw new Error(resp['error']) }

2
front-generator/template/main.html
View File

@ -191,7 +191,7 @@
} }
} else { } else {
try { try {
let d = await fetch("/api/get/statistics") let d = await fetch("/api/get/statistics", { credentials: 'same-origin' })
this.updateStatistics(await d.json()) this.updateStatistics(await d.json())
} catch (e) { } catch (e) {
this.initState = "Ошибка обновления статистики" this.initState = "Ошибка обновления статистики"

106
src/auth/jwt.cpp
View File

@ -1,8 +1,15 @@
#include "jwt.h" #include "jwt.h"
#include <random> #include <random>
#include "utils.h" #include "utils.h"
#include <sys/time.h>
static int64_t milliseconds() {
timeval tv{};
gettimeofday(&tv,nullptr);
return ((tv.tv_sec * 1000000l) + tv.tv_usec) / 1000;
}
std::string http::auth::jwt::secretKey; std::string http::auth::jwt::secretKey;
void http::auth::jwt::generateSecretKey() { void http::auth::jwt::generateSecretKey() {
@ -16,37 +23,45 @@ void http::auth::jwt::generateSecretKey() {
} }
} }
// payload, signature
static std::pair<std::string, std::string> parseJwtFromCookie(const std::string& input) {
std::string val1, val2;
size_t dotPos = input.find('.');
// Если точка найдена
if (dotPos != std::string::npos) {
val1 = input.substr(0, dotPos);
// Если в val1 есть еще точки, нужно найти последнюю точку
size_t lastDotPos = val1.find_last_of('.');
if (lastDotPos != std::string::npos) {
val1 = val1.substr(0, lastDotPos + 1);
}
val2 = input.substr(dotPos + 1);
} else {
// Точка не найдена, val1 - вся строка
val1 = input;
}
return std::make_pair(http::utils::b64Decode(val1), val2);
}
http::auth::jwt::Jwt http::auth::jwt::Jwt::fromCookies(const std::string &cookie) { http::auth::jwt::Jwt http::auth::jwt::Jwt::fromCookies(const std::string &cookie) {
auto pc = utils::parseCookies(cookie); auto pc = utils::parseCookies(cookie);
Jwt t; Jwt t;
if (pc.find("auth") != pc.end()) { if (pc.find("auth") != pc.end()) {
auto tmp = parseJwtFromCookie(pc.at("auth")); const auto auth = pc.at("auth");
t.payload = tmp.first; int firstDot = -1;
t.signature = tmp.second; int secondDot = -1;
for (size_t i = 0; i < auth.size(); i++) {
if (auth[i] == '.') {
if (firstDot < 0) { firstDot = static_cast<int>(i); }
else if (secondDot < 0) { secondDot = static_cast<int>(i); }
else {
// так быть не должно
return t;
}
}
}
if (firstDot < 0 || secondDot < 0 || secondDot - firstDot == 0) {
// так тоже быть не должно
return t;
}
try {
t.payload = auth.substr(0, firstDot);
t.signature = auth.substr(secondDot + 1);
t.lastUpdate = std::stol(auth.substr(firstDot + 1, secondDot - firstDot - 1));
// теперь проверим, что сигнатура верная, только тогда декодируем строку юзера
auto realSignature = utils::sha256(t.payload + std::to_string(t.lastUpdate) + secretKey);
if (t.signature != realSignature) {
t.payload.clear();
} else {
t.payload = utils::b64Decode(t.payload);
}
} catch (std::exception& e) {
t.payload.clear();
t.lastUpdate = 0;
t.signature.clear();
}
} }
return t; return t;
@ -55,6 +70,7 @@ http::auth::jwt::Jwt http::auth::jwt::Jwt::fromCookies(const std::string &cookie
http::auth::jwt::Jwt http::auth::jwt::Jwt::fromUser(const std::string &user) { http::auth::jwt::Jwt http::auth::jwt::Jwt::fromUser(const std::string &user) {
Jwt t; Jwt t;
t.payload = user; t.payload = user;
t.lastUpdate = milliseconds();
return t; return t;
} }
@ -63,18 +79,40 @@ bool http::auth::jwt::Jwt::isValid() {
return false; return false;
} }
auto realSignature = utils::sha256(this->payload + secretKey); // проверка сигнатуры не нужна, она была на стадии парсинга куки
return signature == realSignature; // auto realSignature = utils::sha256(utils::b64Encode(this->payload) + std::to_string(this->lastUpdate) + secretKey);
// if (signature != realSignature) {
// return false;
// }
const auto currTime = milliseconds();
return currTime <= lastUpdate + SESSION_LIVE_MS && currTime >= lastUpdate;
} }
std::string http::auth::jwt::Jwt::getUsername() { std::string http::auth::jwt::Jwt::getUsername() {
return payload; return payload;
} }
std::string http::auth::jwt::Jwt::asCookie() { std::string http::auth::jwt::Jwt::asCookie(bool isSecure) {
signature = utils::sha256(this->payload + secretKey); this->lastUpdate = milliseconds();
auto val = utils::b64Encode(payload) + "." + signature; const auto uTime = std::to_string(this->lastUpdate);
return "auth=" + val + ";Path=/; Max-Age=86400; HttpOnly; SameSite=Lax"; const auto encodedPayload = utils::b64Encode(payload);
signature = utils::sha256(encodedPayload + uTime + secretKey);
const auto val = encodedPayload + "." + uTime + "." + signature;
std::string cookie = "auth=";
cookie += val;
cookie += ";Path=/; Max-Age=";
cookie += std::to_string(SESSION_LIVE_MS / 1000);
if (isSecure) {
cookie += "; Secure";
}
cookie += "; HttpOnly; SameSite=Lax";
return cookie;
}
bool http::auth::jwt::Jwt::needUpdate() const {
return milliseconds() >= lastUpdate + SESSION_UPDATE_THRESHOLD;
} }
http::auth::jwt::Jwt::~Jwt() = default; http::auth::jwt::Jwt::~Jwt() = default;

10
src/auth/jwt.h
View File

@ -6,7 +6,10 @@
namespace http::auth::jwt { namespace http::auth::jwt {
extern std::string secretKey; extern std::string secretKey;
constexpr const char* EMPTY_AUTH_COOKIE = "auth=;Path=/; Max-Age=86400; HttpOnly; SameSite=Lax";; constexpr const char* EMPTY_AUTH_COOKIE = "auth=;Path=/; Max-Age=86400; HttpOnly; SameSite=Lax";
constexpr int64_t SESSION_LIVE_MS = 24 * 60 * 60 * 1000; // 24 часа
constexpr int64_t SESSION_UPDATE_THRESHOLD = 10 * 60 * 1000; // 10 минут
void generateSecretKey(); void generateSecretKey();
@ -17,6 +20,7 @@ namespace http::auth::jwt {
*/ */
class Jwt { class Jwt {
std::string payload; std::string payload;
int64_t lastUpdate = 0;
std::string signature; std::string signature;
public: public:
static Jwt fromCookies(const std::string& cookie); static Jwt fromCookies(const std::string& cookie);
@ -26,7 +30,9 @@ namespace http::auth::jwt {
std::string getUsername(); std::string getUsername();
std::string asCookie(); std::string asCookie(bool isSecure = false);
bool needUpdate() const;
~Jwt(); ~Jwt();
}; };

12
src/auth/resources.cpp
View File

@ -44,12 +44,12 @@ http::auth::User::~User() = default;
http::auth::AuthProvider::AuthProvider() = default; http::auth::AuthProvider::AuthProvider() = default;
std::shared_ptr<http::auth::User> http::auth::AuthProvider::doAuth(const std::string &username, const std::string &password, server::Reply &rep) { std::shared_ptr<http::auth::User> http::auth::AuthProvider::doAuth(const std::string &username, const std::string &password, const server::Request &req, server::Reply &rep) {
for (const auto& u: users) { for (const auto& u: users) {
if (u->username == username) { if (u->username == username) {
if (u->checkPassword(password)) { if (u->checkPassword(password)) {
auto t = jwt::Jwt::fromUser(u->username); auto t = jwt::Jwt::fromUser(u->username);
rep.headers.push_back({.name = "Set-Cookie", .value = t.asCookie()}); rep.headers.push_back({.name = "Set-Cookie", .value = t.asCookie(req.isSecure)});
return u; return u;
} }
BOOST_LOG_TRIVIAL(warning) << "http::auth::AuthProvider::doAuth(): Failed to login " << username << ", password: " << password << " (incorrect password)"; BOOST_LOG_TRIVIAL(warning) << "http::auth::AuthProvider::doAuth(): Failed to login " << username << ", password: " << password << " (incorrect password)";
@ -60,13 +60,17 @@ std::shared_ptr<http::auth::User> http::auth::AuthProvider::doAuth(const std::st
return nullptr; return nullptr;
} }
std::shared_ptr<http::auth::User> http::auth::AuthProvider::getSession(const server::Request &req) { std::shared_ptr<http::auth::User> http::auth::AuthProvider::getSession(const server::Request &req, server::Reply &rep) {
auto t = jwt::Jwt::fromCookies(req.getHeaderValue("cookie")); auto t = jwt::Jwt::fromCookies(req.getHeaderValue("cookie"));
if (t.isValid()) { if (t.isValid()) {
const auto name = t.getUsername(); const auto name = t.getUsername();
// токен валидный, ищем юзера // токен валидный, ищем юзера
for (auto& u: users) { for (auto& u: users) {
if (u->username == name) { if (u->username == name) {
// на всякий случай тут проверяем, что токен пора обновлять
if (t.needUpdate()) {
rep.headers.push_back({.name = "Set-Cookie", .value = t.asCookie(req.isSecure)});
}
return u; return u;
} }
} }
@ -84,7 +88,7 @@ http::auth::AuthRequiredResource::AuthRequiredResource(const std::string &path,
BasicResource(path), provider_(provider), generator_(std::move(generator)), perms(perms) {} BasicResource(path), provider_(provider), generator_(std::move(generator)), perms(perms) {}
void http::auth::AuthRequiredResource::handle(const server::Request &req, server::Reply &rep) { void http::auth::AuthRequiredResource::handle(const server::Request &req, server::Reply &rep) {
if (auto user = this->provider_.getSession(req)) { if (auto user = this->provider_.getSession(req, rep)) {
if (user->checkPremisions(this->perms)) { if (user->checkPremisions(this->perms)) {
this->generator_(req, rep); this->generator_(req, rep);
return; return;

7
src/auth/resources.h
View File

@ -70,20 +70,23 @@ namespace http::auth {
* @note Класс устанавливает заголовок 'Set-Cookie' в ответе, и этот заголовок должен дойти до пользователя! * @note Класс устанавливает заголовок 'Set-Cookie' в ответе, и этот заголовок должен дойти до пользователя!
*/ */
class AuthProvider { class AuthProvider {
void updateSessionHook();
public: public:
AuthProvider(); AuthProvider();
/** /**
* Авторизовать пользователя. * Авторизовать пользователя.
* *
* @param req
* @param rep * @param rep
* @return true, в случае успешной авторизации * @return true, в случае успешной авторизации
*/ */
std::shared_ptr<http::auth::User> doAuth(const std::string &username, const std::string &password, server::Reply &rep); std::shared_ptr<http::auth::User> doAuth(const std::string &username, const std::string &password, const server::Request &req, server::Reply &rep);
std::vector<std::shared_ptr<User>> users; std::vector<std::shared_ptr<User>> users;
std::shared_ptr<User> getSession(const server::Request &req); std::shared_ptr<User> getSession(const server::Request &req, server::Reply &rep);
~AuthProvider(); ~AuthProvider();
}; };

29
src/main.cpp
View File

@ -147,7 +147,7 @@ public:
void registerResources(http::server::Server& s) { void registerResources(http::server::Server& s) {
s.resources.emplace_back(std::make_unique<http::resource::GenericResource>("/", [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::resource::GenericResource>("/", [this](const auto& req, auto& rep) {
auto user = auth.getSession(req); auto user = auth.getSession(req, rep);
if (user == nullptr) { if (user == nullptr) {
http::server::httpRedirect(rep, "/login"); http::server::httpRedirect(rep, "/login");
} else { } else {
@ -157,7 +157,7 @@ public:
s.resources.emplace_back(std::make_unique<http::resource::GenericResource>("/login", [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::resource::GenericResource>("/login", [this](const auto& req, auto& rep) {
if (req.method == "GET") { if (req.method == "GET") {
auto user = auth.getSession(req); auto user = auth.getSession(req, rep);
if (user == nullptr) { if (user == nullptr) {
sf->serve(LOGIN_HTML, rep); sf->serve(LOGIN_HTML, rep);
} else { } else {
@ -172,7 +172,7 @@ public:
boost::property_tree::ptree pt; boost::property_tree::ptree pt;
read_json(is, pt); read_json(is, pt);
auto u = auth.doAuth(pt.get<std::string>("username"), pt.get<std::string>("password"), rep); auto u = auth.doAuth(pt.get<std::string>("username"), pt.get<std::string>("password"), req, rep);
if (u == nullptr) { if (u == nullptr) {
throw std::runtime_error("invalid session"); throw std::runtime_error("invalid session");
} }
@ -206,10 +206,10 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/get/statistics", this->auth, http::auth::User::WATCH_STATISTICS, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/get/statistics", this->auth, http::auth::User::WATCH_STATISTICS, [this](const auto& req, auto& rep) {
if (req.method != "GET") { if (req.method != "GET") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
std::string result = R"({"mainState":)"; std::string result = R"({"mainState":)";
result += api->loadTerminalState(); result += api->loadTerminalState();
@ -222,10 +222,10 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/get/settings", this->auth, http::auth::User::WATCH_SETTINGS, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/get/settings", this->auth, http::auth::User::WATCH_SETTINGS, [this](const auto& req, auto& rep) {
if (req.method != "GET") { if (req.method != "GET") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
std::string result = R"({"settings":)"; std::string result = R"({"settings":)";
result += api->loadSettings(); result += api->loadSettings();
@ -236,10 +236,10 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/get/aboutFirmware", this->auth, 0, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/get/aboutFirmware", this->auth, 0, [this](const auto& req, auto& rep) {
if (req.method != "GET") { if (req.method != "GET") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
const auto result = api->loadFirmwareVersion(); const auto result = api->loadFirmwareVersion();
rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size()); rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size());
@ -248,11 +248,11 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/resetPacketStatistics", this->auth, http::auth::User::RESET_PACKET_STATISTICS, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/resetPacketStatistics", this->auth, http::auth::User::RESET_PACKET_STATISTICS, [this](const auto& req, auto& rep) {
if (req.method != "POST") { if (req.method != "POST") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
api->resetPacketStatistics(); api->resetPacketStatistics();
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
const std::string result = R"({"status":"ok")"; const std::string result = R"({"status":"ok")";
rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size()); rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size());
@ -261,10 +261,10 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/qos", this->auth, http::auth::User::SETUP_QOS, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/qos", this->auth, http::auth::User::SETUP_QOS, [this](const auto& req, auto& rep) {
if (req.method != "POST") { if (req.method != "POST") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
try { try {
@ -289,10 +289,10 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/buclnb", this->auth, http::auth::User::SUPERUSER, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/buclnb", this->auth, http::auth::User::SUPERUSER, [this](const auto& req, auto& rep) {
if (req.method != "POST") { if (req.method != "POST") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
try { try {
@ -317,10 +317,10 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/cinc", this->auth, http::auth::User::EDIT_SETTINGS, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/cinc", this->auth, http::auth::User::EDIT_SETTINGS, [this](const auto& req, auto& rep) {
if (req.method != "POST") { if (req.method != "POST") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
try { try {
@ -345,10 +345,10 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/rxtx", this->auth, http::auth::User::EDIT_SETTINGS, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/rxtx", this->auth, http::auth::User::EDIT_SETTINGS, [this](const auto& req, auto& rep) {
if (req.method != "POST") { if (req.method != "POST") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
try { try {
@ -373,10 +373,10 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/network", this->auth, http::auth::User::EDIT_SETTINGS, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/set/network", this->auth, http::auth::User::EDIT_SETTINGS, [this](const auto& req, auto& rep) {
if (req.method != "POST") { if (req.method != "POST") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
try { try {
@ -401,9 +401,9 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/reboot", this->auth, 0, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/reboot", this->auth, 0, [this](const auto& req, auto& rep) {
if (req.method != "POST") { if (req.method != "POST") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
const std::string result = R"({"status":"ok"})"; const std::string result = R"({"status":"ok"})";
rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size()); rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size());
@ -413,9 +413,9 @@ public:
s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/resetSettings", this->auth, http::auth::User::SUPERUSER, [this](const auto& req, auto& rep) { s.resources.emplace_back(std::make_unique<http::auth::AuthRequiredResource>("/api/resetSettings", this->auth, http::auth::User::SUPERUSER, [this](const auto& req, auto& rep) {
if (req.method != "POST") { if (req.method != "POST") {
http::server::stockReply(http::server::bad_request, rep); http::server::stockReply(http::server::bad_request, rep);
return;
} }
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
const std::string result = R"({"status":"ok"})"; const std::string result = R"({"status":"ok"})";
rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size()); rep.content.insert(rep.content.end(), result.c_str(), result.c_str() + result.size());
@ -431,7 +431,6 @@ public:
onUploadFirmware(req); onUploadFirmware(req);
rep.status = http::server::ok; rep.status = http::server::ok;
rep.headers.clear();
rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)}); rep.headers.push_back({.name = "Content-Type", .value = toString(mime_types::json)});
std::string result = R"({"status":"ok","fwsize":)"; std::string result = R"({"status":"ok","fwsize":)";
result += std::to_string(req.payload.size()); result += std::to_string(req.payload.size());

14
src/server/connection.cpp
View File

@ -6,10 +6,14 @@
namespace http::server { namespace http::server {
const char* SERVER_HEADER_VALUE = "TerminalWebServer v0.1"; const char* SERVER_HEADER_VALUE = "TerminalWebServer"
#ifdef PROJECT_GIT_REVISION
" " PROJECT_GIT_REVISION
#endif
;
Connection::Connection(boost::asio::ip::tcp::socket socket, ConnectionManager &manager, request_handler handler) Connection::Connection(boost::asio::ip::tcp::socket socket, ConnectionManager &manager, request_handler handler)
: socket_(std::move(socket)), connection_manager_(manager), request_handler_(std::move(handler)), request_(), reply_() { : socket_(std::move(socket)), connection_manager_(manager), request_handler_(std::move(handler)), request_(false), reply_() {
} }
void Connection::start() { void Connection::start() {
@ -51,7 +55,7 @@ namespace http::server {
void Connection::doWrite() { void Connection::doWrite() {
reply_.headers.push_back({.name = "Server", .value = SERVER_HEADER_VALUE}); reply_.headers.push_back({.name = "Server", .value = SERVER_HEADER_VALUE});
reply_.headers.push_back({.name = "Content-Length", .value = std::to_string(reply_.content.size())}); reply_.headers.push_back({.name = "Content-Length", .value = std::to_string(reply_.content.size())});
if (request_.http_version_major == 1) { if (request_.httpVersionMajor == 1) {
reply_.headers.push_back({.name = "Connection", .value = "keep-alive"}); reply_.headers.push_back({.name = "Connection", .value = "keep-alive"});
} }
@ -71,7 +75,7 @@ namespace http::server {
} }
SslConnection::SslConnection(boost::asio::ip::tcp::socket socket, ConnectionManager &manager, request_handler handler, const std::shared_ptr<boost::asio::ssl::context>& ctx): SslConnection::SslConnection(boost::asio::ip::tcp::socket socket, ConnectionManager &manager, request_handler handler, const std::shared_ptr<boost::asio::ssl::context>& ctx):
stream_(std::move(socket), *ctx), connection_manager_(manager), request_handler_(std::move(handler)), request_(), reply_() { stream_(std::move(socket), *ctx), connection_manager_(manager), request_handler_(std::move(handler)), request_(true), reply_() {
} }
void SslConnection::start() { void SslConnection::start() {
@ -125,7 +129,7 @@ namespace http::server {
void SslConnection::doWrite() { void SslConnection::doWrite() {
reply_.headers.push_back({.name = "Server", .value = SERVER_HEADER_VALUE}); reply_.headers.push_back({.name = "Server", .value = SERVER_HEADER_VALUE});
reply_.headers.push_back({.name = "Content-Length", .value = std::to_string(reply_.content.size())}); reply_.headers.push_back({.name = "Content-Length", .value = std::to_string(reply_.content.size())});
if (request_.http_version_major == 1) { if (request_.httpVersionMajor == 1) {
reply_.headers.push_back({.name = "Connection", .value = "keep-alive"}); reply_.headers.push_back({.name = "Connection", .value = "keep-alive"});
} }

9
src/server/request.hpp
View File

@ -21,7 +21,7 @@ namespace http::server {
/// A request received from a client. /// A request received from a client.
class Request { class Request {
public: public:
Request(); Request(bool secure);
void reset(); void reset();
std::string getHeaderValue(const std::string& headerName) const; std::string getHeaderValue(const std::string& headerName) const;
@ -29,9 +29,10 @@ namespace http::server {
std::string method; std::string method;
std::string queryUri; std::string queryUri;
std::unique_ptr<Url> url; std::unique_ptr<Url> url;
bool is_keep_alive{}; bool isKeepAlive{};
int http_version_major{}; const bool isSecure;
int http_version_minor{}; int httpVersionMajor{};
int httpVersionMinor{};
std::vector<header> headers; std::vector<header> headers;
std::vector<char> payload; std::vector<char> payload;

20
src/server/request_parser.cpp
View File

@ -51,7 +51,7 @@ namespace http::server {
Url::~Url() = default; Url::~Url() = default;
Request::Request() = default; Request::Request(bool secure): isSecure(secure) {}
void Request::reset() { void Request::reset() {
method = ""; method = "";
@ -59,9 +59,9 @@ namespace http::server {
if (url != nullptr) { if (url != nullptr) {
url.reset(nullptr); url.reset(nullptr);
} }
is_keep_alive = false; isKeepAlive = false;
http_version_major = 0; httpVersionMajor = 0;
http_version_minor = 0; httpVersionMinor = 0;
headers.clear(); headers.clear();
payload.clear(); payload.clear();
} }
@ -151,8 +151,8 @@ namespace http::server {
} }
case http_version_slash: case http_version_slash:
if (input == '/') { if (input == '/') {
req.http_version_major = 0; req.httpVersionMajor = 0;
req.http_version_minor = 0; req.httpVersionMinor = 0;
state_ = http_version_major_start; state_ = http_version_major_start;
return indeterminate; return indeterminate;
} else { } else {
@ -160,7 +160,7 @@ namespace http::server {
} }
case http_version_major_start: case http_version_major_start:
if (is_digit(input)) { if (is_digit(input)) {
req.http_version_major = req.http_version_major * 10 + input - '0'; req.httpVersionMajor = req.httpVersionMajor * 10 + input - '0';
state_ = http_version_major; state_ = http_version_major;
return indeterminate; return indeterminate;
} else { } else {
@ -171,14 +171,14 @@ namespace http::server {
state_ = http_version_minor_start; state_ = http_version_minor_start;
return indeterminate; return indeterminate;
} else if (is_digit(input)) { } else if (is_digit(input)) {
req.http_version_major = req.http_version_major * 10 + input - '0'; req.httpVersionMajor = req.httpVersionMajor * 10 + input - '0';
return indeterminate; return indeterminate;
} else { } else {
return bad; return bad;
} }
case http_version_minor_start: case http_version_minor_start:
if (is_digit(input)) { if (is_digit(input)) {
req.http_version_minor = req.http_version_minor * 10 + input - '0'; req.httpVersionMinor = req.httpVersionMinor * 10 + input - '0';
state_ = http_version_minor; state_ = http_version_minor;
return indeterminate; return indeterminate;
} else { } else {
@ -189,7 +189,7 @@ namespace http::server {
state_ = expecting_newline_1; state_ = expecting_newline_1;
return indeterminate; return indeterminate;
} else if (is_digit(input)) { } else if (is_digit(input)) {
req.http_version_minor = req.http_version_minor * 10 + input - '0'; req.httpVersionMinor = req.httpVersionMinor * 10 + input - '0';
return indeterminate; return indeterminate;
} else { } else {
return bad; return bad;

18
static/main-scpc.html
View File

@ -269,7 +269,7 @@
</select> </select>
</label> </label>
<label v-show="paramRxtx.rxAgcEn === false"><span>Усиление, дБ</span><input type="number" v-model="paramRxtx.rxManualGain" min="-40" max="40" step="0.01"/></label> <label v-show="paramRxtx.rxAgcEn === false"><span>Усиление, дБ</span><input type="number" v-model="paramRxtx.rxManualGain" min="-40" max="40" step="0.01"/></label>
<label v-show="paramRxtx.rxAgcEn === true"><span>Текущее усиление</span><input type="text" readonly v-model="rxManualGain"/></label> <label v-show="paramRxtx.rxAgcEn === true"><span>Текущее усиление</span><input type="text" readonly v-model="paramRxtx.rxManualGain"/></label>
<label> <label>
<span>Инверсия спектра</span> <span>Инверсия спектра</span>
<span class="toggle-input"><input type="checkbox" v-model="paramRxtx.rxSpectrumInversion" /><span class="slider"></span></span> <span class="toggle-input"><input type="checkbox" v-model="paramRxtx.rxSpectrumInversion" /><span class="slider"></span></span>
@ -774,7 +774,7 @@
} }
this.submitStatus.rxtx = true this.submitStatus.rxtx = true
fetch('/api/set/rxtx', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/rxtx', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateRxtxSettings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateRxtxSettings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.rxtx = false }) .finally(() => { this.submitStatus.rxtx = false })
@ -793,7 +793,7 @@
} }
this.submitStatus.cinc = true this.submitStatus.cinc = true
fetch('/api/set/cinc', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/cinc', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateCincSettings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateCincSettings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.cinc = false }) .finally(() => { this.submitStatus.cinc = false })
@ -812,7 +812,7 @@
} }
this.submitStatus.buclnb = true this.submitStatus.buclnb = true
fetch('/api/set/buclnb', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/buclnb', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateBuclnbSettings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateBuclnbSettings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.buclnb = false }) .finally(() => { this.submitStatus.buclnb = false })
@ -826,7 +826,7 @@
} }
this.submitStatus.tcpaccel = true this.submitStatus.tcpaccel = true
fetch('/api/set/tcpaccel', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/tcpaccel', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateTcpaccelSettings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateTcpaccelSettings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.tcpaccel = false }) .finally(() => { this.submitStatus.tcpaccel = false })
@ -843,7 +843,7 @@
} }
this.submitStatus.network = true this.submitStatus.network = true
fetch('/api/set/network', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/network', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateNetworkSettings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateNetworkSettings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.network = false }) .finally(() => { this.submitStatus.network = false })
@ -1001,7 +1001,7 @@
resetPacketsStatistics() { resetPacketsStatistics() {
fetch('/api/resetPacketStatistics', { fetch('/api/resetPacketStatistics', {
method: 'POST' method: 'POST', credentials: 'same-origin'
}).then(() => { }).then(() => {
this.statRx.packetsOk = 0 this.statRx.packetsOk = 0
this.statRx.packetsBad = 0 this.statRx.packetsBad = 0
@ -1075,7 +1075,7 @@
headers: { headers: {
'Content-Type': 'application/json' 'Content-Type': 'application/json'
}, },
body: JSON.stringify(query) body: JSON.stringify(query), credentials: 'same-origin'
}).then(async (resp) => { }).then(async (resp) => {
this.submitStatusQos = false this.submitStatusQos = false
if (resp['error']) { throw new Error(resp['error']) } if (resp['error']) { throw new Error(resp['error']) }
@ -1327,7 +1327,7 @@
} }
} else { } else {
try { try {
let d = await fetch("/api/get/statistics") let d = await fetch("/api/get/statistics", { credentials: 'same-origin' })
this.updateStatistics(await d.json()) this.updateStatistics(await d.json())
} catch (e) { } catch (e) {
this.initState = "Ошибка обновления статистики" this.initState = "Ошибка обновления статистики"

10
static/main-tdma.html
View File

@ -435,7 +435,7 @@
} }
this.submitStatus.rxtx = true this.submitStatus.rxtx = true
fetch('/api/set/rxtx', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/rxtx', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateRxtxSettings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateRxtxSettings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.rxtx = false }) .finally(() => { this.submitStatus.rxtx = false })
@ -454,7 +454,7 @@
} }
this.submitStatus.buclnb = true this.submitStatus.buclnb = true
fetch('/api/set/buclnb', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/buclnb', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateBuclnbSettings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateBuclnbSettings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.buclnb = false }) .finally(() => { this.submitStatus.buclnb = false })
@ -471,7 +471,7 @@
} }
this.submitStatus.network = true this.submitStatus.network = true
fetch('/api/set/network', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query) }) fetch('/api/set/network', {method: 'POST', headers: {'Content-Type': 'application/json'}, body: JSON.stringify(query), credentials: 'same-origin' })
.then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateNetworkSettings(vals) }) .then(async (resp) => { let vals = await resp.json(); if (vals['status'] !== 'ok') { throw new Error(vals['error'] ? vals['error'] : "Server returns undefined error") } this.updateNetworkSettings(vals) })
.catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) }) .catch((reason) => { alert(`Ошибка при применении настроек: ${reason}`) })
.finally(() => { this.submitStatus.network = false }) .finally(() => { this.submitStatus.network = false })
@ -585,7 +585,7 @@
resetPacketsStatistics() { resetPacketsStatistics() {
fetch('/api/resetPacketStatistics', { fetch('/api/resetPacketStatistics', {
method: 'POST' method: 'POST', credentials: 'same-origin'
}).then(() => { }).then(() => {
this.statRx.packetsOk = 0 this.statRx.packetsOk = 0
this.statRx.packetsBad = 0 this.statRx.packetsBad = 0
@ -684,7 +684,7 @@
} }
} else { } else {
try { try {
let d = await fetch("/api/get/statistics") let d = await fetch("/api/get/statistics", { credentials: 'same-origin' })
this.updateStatistics(await d.json()) this.updateStatistics(await d.json())
} catch (e) { } catch (e) {
this.initState = "Ошибка обновления статистики" this.initState = "Ошибка обновления статистики"