Diffstat (limited to 'src/user.cpp')
-rw-r--r-- | src/user.cpp | 54 |
1 files changed, 51 insertions, 3 deletions
diff --git a/src/user.cpp b/src/user.cpp
index cc2af65..36ad821 100644
--- a/src/user.cpp
+++ b/src/user.cpp
@@ -4,6 +4,7 @@
 #include <cppcms/url_dispatcher.h>
 #include <cppcms/url_mapper.h>
+#include <cppdb/frontend.h>
 namespace apps {
@@ -16,24 +17,51 @@ user::user( strusCms &cms )
 void user::login( )
 {
- content::user c;
+ content::user c( cms );
 c.title = "strusCms";
 if( request( ).request_method( ) == "POST" ) {
 c.login.load( context( ) );
 if( c.login.validate( ) ) {
+ response( ).set_redirect_header( cms.root( ) );
 }
 }
 render( "login", c );
 }
+// TODO: make this a salted hash
+bool user::check_login( std::string user, std::string password )
+{
+ if( user.empty( ) || password.empty( ) ) {
+ return false;
+ }
+
+ cppdb::session sql( cms.conn );
+ cppdb::result r;
+ r = sql << "SELECT password FROM users WHERE username=?" << user << cppdb::row;
+ if( r.empty( ) ) {
+ return false;
+ }
+
+ std::string pass;
+ r >> pass;
+
+ if( password != pass ) {
+ return false;
+ }
+
+ return true;
 }
+} // namespace apps
+
 namespace content {
-login_form::login_form( ) : cppcms::form( )
+login_form::login_form( apps::strusCms &cms )
+ : cppcms::form( ),
+ cms( cms )
 {
 username.message( "Your login" );
- username.error_message( "The login name can't be empty" );
+ username.error_message( "The login is illegal" );
 password.message( "Your password" );
 password.error_message( "Your password is illegal" );
 submit.value( "Log in" );
@@ -46,4 +74,24 @@ login_form::login_form( ) : cppcms::form( )
 password.non_empty( );
 }
+bool login_form::validate( )
+{
+ if( !form::validate( ) ) {
+ return false;
+ }
+
+ if( !cms.user.check_login( username.value( ), password.value( ) ) ) {
+ username.valid( false );
+ password.valid( false );
+ return false;
+ }
+
+ return true;
 }
+
+user::user( apps::strusCms &cms )
+ : login( cms )
+{
+}
+
+} // namespace content |
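Review bot: `check_login` compares the submitted password with the stored column value directly (`password != pass`), so the `users` table holds cleartext passwords and anyone who can read it gets working credentials; the TODO above the function names the gap, but the commit ships the login path without closing it. A plain salted hash would still be cheap to brute-force offline, so the stored value should be the output of a dedicated password-hashing function (Argon2id, scrypt or bcrypt) checked through that library's verify call, which also removes the early-exit string comparison. Until then I would make the comment explicit: `// FIXME(security): passwords are stored and compared in cleartext; switch to a slow password hash (Argon2id/bcrypt) before this is deployed`. In `login()`, the success branch only sets the redirect header and `render( "login", c )` still runs afterwards; nothing in the hunk ties the authenticated user to a session, so presumably that follows in a later change.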
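Review bot: `login_form::validate()` passes every POST straight to `check_login` with no attempt limit, delay or log entry on failure, so repeated password guessing against one account is neither slowed nor visible to whoever operates the site. Marking both `username` and `password` invalid is good because it does not reveal which of the two was wrong; I would keep that and add a failed-login log line (user name and client address, never the password) plus a per-account or per-address counter before the `return false`. `login_form` also now stores `cms` as a member, presumably a reference given the `apps::strusCms &` parameter, so the form must not outlive the application object; a one-line comment on the member saying so would help.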