#include "content.hpp"
#include "user.hpp"
#include "strusCms.hpp"
#include <ctime>
#include <string>
#include <cppcms/session_interface.h>
#include <cppcms/url_dispatcher.h>
#include <cppcms/url_mapper.h>
#include <cppdb/frontend.h>
#include <booster/posix_time.h>
namespace apps {
/// Registers the two URL routes this application serves and the mapper
/// names that refer back to them.
user::user( strusCms &cms )
: master( cms )
{
	// Route registration; the login route stays ahead of logout so dispatch
	// precedence is exactly as before.
	cms.dispatcher( ).assign( "/login", &user::login, this );
	cms.dispatcher( ).assign( "/logout", &user::logout, this );
	// Names the mapper uses for reverse lookup of the two routes.
	cms.mapper( ).assign( "login" );
	cms.mapper( ).assign( "logout" );
}
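/// Handler for "/login". A GET renders the form and arms the "prelogin"
/// session marker; a POST is only processed when that marker is present,
/// and on successful validation the session is reset, the username stored
/// in it, and the client redirected to the site root.
void user::login( )
{
	content::user c( cms );
	ini( c );
	// Only a POST from a session that previously fetched the form is accepted.
	if( request( ).request_method( ) == "POST" && session( ).is_set( "prelogin" ) ) {
		c.login.load( context( ) );
		if( c.login.validate( ) ) {
			// Start a fresh session at login, then carry the username in it.
			session( ).reset_session( );
			session( ).erase( "prelogin" );
			session( )["username"] = c.login.username.value( );
			session( ).expose( "username" );
			response( ).set_redirect_header( cms.root( ) );
			// Stop here: do not re-arm "prelogin" on the authenticated session
			// and do not render the form body underneath the redirect.
			return;
		}
	}
	session( ).set( "prelogin", "" );
	render( "login", c );
}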
/// Handler for "/logout": drops all session state, then renders the
/// logout page.
void user::logout( )
{
	content::user page( cms );
	// Clear before ini() so nothing from the old session reaches the page.
	session( ).clear( );
	ini( page );
	render( "logout", page );
}
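// TODO: make this a salted hash
// Compares two strings without stopping at the first differing byte, so the
// time spent does not depend on how long the matching prefix is. A length
// mismatch still returns immediately.
static bool same_secret( const std::string &a, const std::string &b )
{
	if( a.size( ) != b.size( ) ) {
		return false;
	}
	unsigned char diff = 0;
	for( std::string::size_type i = 0; i < a.size( ); ++i ) {
		diff |= static_cast<unsigned char>( a[i] ) ^ static_cast<unsigned char>( b[i] );
	}
	return diff == 0;
}

/// Looks up `user` and checks `password` against the value stored for it,
/// recording the login on success.
/// @param user     login name as submitted by the form (untrusted)
/// @param password password as submitted by the form (untrusted)
/// @return true only when both fields are non-empty, the user exists and
///         the password equals the stored value; false otherwise.
bool user::check_login( std::string user, std::string password )
{
	// Reject blanks before touching the database; this also means an empty
	// stored value can never be matched.
	if( user.empty( ) || password.empty( ) ) {
		return false;
	}
	cppdb::session sql( cms.conn );
	// Bound parameter, not string concatenation: user is untrusted input.
	cppdb::result r = sql << "SELECT id, password FROM user WHERE username=?" << user << cppdb::row;
	if( r.empty( ) ) {
		return false;
	}
	int id = 0;
	std::string pass;
	r >> id >> pass;
	// The stored value is compared as-is (see TODO above); at least avoid
	// short-circuiting on the first differing byte.
	if( !same_secret( password, pass ) ) {
		return false;
	}
	std::time_t now_time = std::time( nullptr );
	// NOTE(review): std::localtime returns a pointer to a shared static buffer;
	// if cppcms runs this handler on several threads that is a data race —
	// confirm, and switch to a reentrant variant if so.
	std::tm now = *std::localtime( &now_time );
	cppdb::statement stmt = sql << "INSERT INTO login(user_id, last_login) VALUES(?, ?)" << id << now;
	stmt.exec( );
	return true;
}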
} // namespace apps
namespace content {
/// Builds the login form: a required username, a required password and a
/// submit button, in that order.
login_form::login_form( apps::strusCms &cms )
: cppcms::form( ),
cms( cms )
{
	// Configure each widget fully, then add them in display order.
	username.message( "Your login" );
	username.error_message( "The login is illegal" );
	username.non_empty( );

	password.message( "Your password" );
	password.error_message( "Your password is illegal" );
	password.non_empty( );

	submit.value( "Log in" );

	add( username );
	add( password );
	add( submit );
}
/// Field-level validation first, then the credential check; on a credential
/// failure both fields are flagged invalid and the response is delayed.
/// @return true when the fields validate and the credentials are accepted.
bool login_form::validate( )
{
	const bool fields_ok = form::validate( );
	if( !fields_ok ) {
		return false;
	}
	const bool credentials_ok = cms.user.check_login( username.value( ), password.value( ) );
	if( credentials_ok ) {
		return true;
	}
	username.valid( false );
	password.valid( false );
	// Fixed delay after a failed attempt slows down password guessing. It
	// holds this worker for the full 5 s, so under cppcms's threading model
	// many failed attempts in parallel can tie up workers — confirm the
	// pool size tolerates that.
	booster::ptime::sleep( booster::ptime( 5, 0 ) );
	return false;
}
/// Page content for the login/logout views; only wires up the login form.
user::user( apps::strusCms &cms )
: login( cms ) {}
} // namespace content