From ed5dc629a2c44f0b086995bf91a0a2a749879bc9 Mon Sep 17 00:00:00 2001 From: Georg Hopp Date: Sun, 10 Nov 2013 02:49:08 +0000 Subject: [PATCH] add username to user class. This will contain the common name (cn) of an ldap authenticated user and the email address of an otherwise authenticated user. This is done to be able to have a good way to store an application user for ldap authenticated users. --- assets/js/session.js | 5 +- include/user.h | 16 ++- .../controller/_process_user_create_args.c | 1 + src/application/controller/currentuser/read.c | 4 +- src/application/login.c | 124 +++++++++++------- src/user/user.c | 49 ++++--- 6 files changed, 125 insertions(+), 74 deletions(-) diff --git a/assets/js/session.js b/assets/js/session.js index 4f4b09d..dfd1606 100644 --- a/assets/js/session.js +++ b/assets/js/session.js @@ -18,19 +18,20 @@ function Session(sInfo, sId, sUser) Session.prototype.loadUserJSON = function(data) { + this.username = data.username; this.email = data.email; this.firstname = data.firstname; this.surname = data.surname; name = ""; - if ('' == this.email) { + if ('' == this.username) { name = "not logged in"; $("li.signup").removeClass("hide"); $("li.login").removeClass("hide"); $("li.logout").addClass("hide"); } else { if ('' == this.firstname || '' == this.surname) { - name += this.email; + name += this.username; } else { name += this.firstname + " " + this.surname; } diff --git a/include/user.h b/include/user.h index 583ab22..c3c89c3 100644 --- a/include/user.h +++ b/include/user.h 
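Review bot: The logged-in test `if ('' == this.username)` in `loadUserJSON` treats only the empty string as "not logged in". If the response has no `username` key (for example a reply from a server build that predates this change), `this.username` is `undefined`, the comparison is false, and the else branch appends `undefined` to `name` while showing the logout entry. `if (!this.username) {` covers the empty, missing and null cases. The function body continues past the end of the hunk.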
@@ -27,15 +27,27 @@ #include "class.h" #include "uuid.h" +#include "auth.h" #include "storage/storage.h" CLASS(User) { - unsigned long hash; - + unsigned long hash; + AuthModule auth_type; + + /** + * username holds the identifier of the user. + * For ldap users this is the common name. + * For registered users this is their email + * address. + * The UUID of the user is created from this + * username. + */ + char * username; char * email; char * firstname; char * surname; + size_t * nusername; size_t * nemail; size_t * nfirstname; size_t * nsurname; diff --git a/src/application/controller/_process_user_create_args.c b/src/application/controller/_process_user_create_args.c index a00faf6..f662207 100644 --- a/src/application/controller/_process_user_create_args.c +++ b/src/application/controller/_process_user_create_args.c @@ -66,6 +66,7 @@ _controllerProcessUserCreateArgs(Hash args, User * user, Credential * cred) (char *)(password->value), password->nvalue); *user = new(User, + (char *)(email->value), email->nvalue, (char *)(email->value), email->nvalue, (char *)(firstname->value), firstname->nvalue, (char *)(surname->value), surname->nvalue); diff --git a/src/application/controller/currentuser/read.c b/src/application/controller/currentuser/read.c index 90e676f..4a3796d 100644 --- a/src/application/controller/currentuser/read.c +++ b/src/application/controller/currentuser/read.c @@ -34,7 +34,7 @@ #define USER_JSON \ - "{\"email\":\"%s\",\"firstname\":\"%s\",\"surname\":\"%s\"}" + "{\"username\":\"%s\",\"email\":\"%s\",\"firstname\":\"%s\",\"surname\":\"%s\"}" char * controllerCurrentuserRead(Application app, Session sess, Hash args) 
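Review bot: The new comment on `username` in `include/user.h` says the UUID is derived from it, but not what happens when an LDAP common name and a registered email address are the same string. `applicationLogin` builds the lookup key from the login name alone, in one `user_namespace`, and loads the stored record after any module authenticates, so the two accounts appear to resolve to the same record. `auth_type` is not part of the data written by `userSerialize`, so the record does not say which module owns it. I would add to the comment `* NOTE: cn and email share one UUID namespace; check the auth module before reusing a stored record.` and consider mixing the auth module into the UUID input.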
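Review bot: `USER_JSON` in `currentuser/read.c` interpolates `username` with a bare `%s`, so a `"` or `\` in the value yields malformed JSON or lets the value add its own keys to the object the client parses. Per the `include/user.h` comment the username is the login name or the LDAP cn, so it is not guaranteed to be free of those characters. The same applies to the existing `email`, `firstname` and `surname` fields. Each value should pass through a JSON string escaper before formatting; none is visible in this diff, so one would have to be added or reused from elsewhere in the project.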
@@ -43,11 +43,13 @@ controllerCurrentuserRead(Application app, Session sess, Hash args) size_t nbuffer; nbuffer = snprintf(NULL, 0, USER_JSON, + (NULL != sess->user)? sess->user->username : "", (NULL != sess->user)? sess->user->email : "", (NULL != sess->user)? sess->user->firstname : "", (NULL != sess->user)? sess->user->surname : ""); buffer = memMalloc(nbuffer); nbuffer = sprintf(buffer, USER_JSON, + (NULL != sess->user)? sess->user->username : "", (NULL != sess->user)? sess->user->email : "", (NULL != sess->user)? sess->user->firstname : "", (NULL != sess->user)? sess->user->surname : ""); diff --git a/src/application/login.c b/src/application/login.c index 039e15e..2168f50 100644 --- a/src/application/login.c +++ b/src/application/login.c 
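Review bot: `buffer = memMalloc(nbuffer)` is one byte short, because `snprintf(NULL, 0, ...)` returns the length without the terminating NUL and the following `sprintf` writes that NUL at `buffer[nbuffer]`. Unless `memMalloc` pads its allocations (not visible here) this is a one-byte heap overflow on every call, and the added `username` argument lengthens the output without touching the sizing. Suggested: `buffer = memMalloc(nbuffer + 1);` and `nbuffer = snprintf(buffer, nbuffer + 1, USER_JSON, ...);`. The body of `controllerCurrentuserRead` continues outside the hunk.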
@@ -44,64 +44,86 @@ applicationLogin( Credential credential, Session session) { - size_t i; - Uuid search; - int authenticated = 0; + Uuid search; + AuthModule auth_module; - User user = new(User, NULL); + User user = new(User, NULL); - user->email = CRED_PWD(credential).user; - user->nemail = &CRED_PWD(credential).nuser; + user->username = CRED_PWD(credential).user; + user->nusername = &CRED_PWD(credential).nuser; search = indexUuid(user, this->user_namespace); - for (i=0; inauth; i++) { - if (authenticate(this->auth[i], credential, search)) { - session->user = user; - - switch (credential->type) { - case CRED_PASSWORD: - { - char * user_serialized; - size_t nuser_serialized; - - storageGet( - this->users, - (char *)(search->uuid).value, - sizeof((search->uuid).value), - &user_serialized, - &nuser_serialized); - - if (NULL != user_serialized) { - unserialize( - session->user, - (unsigned char *)user_serialized, - nuser_serialized); - MEM_FREE(user_serialized); - } else { - // this is a user authenticated via another method - // than the password database and has not yet set - // additional user informations. 
- session->user = NULL; - delete(session->user); - session->user = new(User, - CRED_PWD(credential).user, - CRED_PWD(credential).nuser, - CSTRA(""), - CSTRA("")); - } - } - break; - - default: - break; - } - - authenticated = 1; - break; + auth_module = authenticate(this->auth, credential, search); + + if (0 != auth_module) { + char * user_serialized; + size_t nuser_serialized; + + session->user = user; + + switch (credential->type) { + case CRED_PASSWORD: + storageGet( + this->users, + (char *)(search->uuid).value, + sizeof((search->uuid).value), + &user_serialized, + &nuser_serialized); + + if (NULL != user_serialized) { + unserialize( + session->user, + (unsigned char *)user_serialized, + nuser_serialized); + MEM_FREE(user_serialized); + } else { + /** + * this is a user authenticated via another method + * than the password database and has not yet + * logged in. + * NOTE: first we have to remove the search user and + * as username is initialized with something that we + * will free later here we must set it to NULL so that + * the delete will not free it. + */ + session->user->username = NULL; + delete(session->user); + session->user = new(User, + CRED_PWD(credential).user, + CRED_PWD(credential).nuser, + CSTRA(""), + CSTRA(""), + CSTRA("")); + + serialize( + session->user, + (unsigned char **)&user_serialized, + &nuser_serialized); + /** + * \todo + * Handle error...if this fails we have most likely + * a collision. + */ + storagePut( + this->users, + (char *)(search->uuid).value, + sizeof((search->uuid).value), + user_serialized, + nuser_serialized); + MEM_FREE(user_serialized); + } + + session->user->auth_type = auth_module; + break; + + default: + break; } + + return TRUE; } - return authenticated; + return FALSE; } // vim: set ts=4 sw=4: diff --git a/src/user/user.c b/src/user/user.c index e7cdb10..5d2bdc3 100644 --- a/src/user/user.c +++ b/src/user/user.c 
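Review bot: On the `return FALSE` path in `applicationLogin` the search object `user` and the `search` Uuid are never released, so every failed login leaks both. In the `default:` branch `session->user` stays the search object, whose `username` still points into the credential. `userDtor` now frees `username`, so deleting that session user later would `MEM_FREE` memory the User does not own. Before `return FALSE;` I would add `user->username = NULL; delete(user); delete(search);` (assuming Uuid objects are released with `delete` like the others), and in `default:` either reject the login or build a proper User copy as the `else` branch does. `CRED_PWD(credential)` is also read before `credential->type` is checked. The function signature starts outside the hunk.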
@@ -34,10 +34,12 @@ static int userCtor(void * _this, va_list * params) { - User this = _this; - char * email = va_arg(* params, char *); + User this = _this; + char * username = va_arg(* params, char *); - if (NULL != email) { + if (NULL != username) { + size_t nusername = va_arg(* params, size_t); + char * email = va_arg(* params, char *); size_t nemail = va_arg(* params, size_t); char * firstname = va_arg(* params, char *); size_t nfirstname = va_arg(* params, size_t); @@ -45,12 +47,17 @@ userCtor(void * _this, va_list * params) size_t nsurname = va_arg(* params, size_t); size_t storage_size = + nusername + 1 + nemail + 1 + nfirstname + 1 + nsurname + 1 + - 3 * sizeof(size_t); + 4 * sizeof(size_t); - this->email = memMalloc(storage_size); + this->username = memMalloc(storage_size); + memcpy(this->username, username, nusername); + this->username[nusername] = '\0'; + + this->email = this->username + nusername + 1; memcpy(this->email, email, nemail); this->email[nemail] = '\0'; @@ -62,7 +69,10 @@ userCtor(void * _this, va_list * params) memcpy(this->surname, surname, nsurname); this->surname[nsurname] = '\0'; - this->nemail = (size_t *)(this->surname + nsurname + 1); + this->nusername = (size_t *)(this->surname + nsurname + 1); + *this->nusername = nusername; + + this->nemail = this->nusername + 1; *this->nemail = nemail; this->nfirstname = this->nemail + 1; @@ -81,8 +91,8 @@ userDtor(void * _this) { User this = _this; - if (NULL != this->email) { - MEM_FREE(this->email); + if (NULL != this->username) { + MEM_FREE(this->username); } } @@ -96,14 +106,15 @@ userSerialize( User this = _this; *nserialized = + *this->nusername + 1 + *this->nemail + 1 + *this->nfirstname + 1 + *this->nsurname + 1 + - 3 * sizeof(size_t); + 4 * sizeof(size_t); *serialized = memMalloc(*nserialized); - memcpy(*serialized, this->email, *nserialized); + memcpy(*serialized, this->username, *nserialized); } static 
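Review bot: In the `@@ -62,7 +69,10 @@` hunk of `userCtor`, `this->nusername = (size_t *)(this->surname + nsurname + 1);` produces a `size_t *` at whatever byte offset the four strings happen to end on. The pointer is therefore usually misaligned, and `*this->nusername = nusername;` is undefined behaviour that faults on strict-alignment targets. The hunk at `@@ -45,12 +47,17 @@` also sums four caller-supplied lengths into `storage_size` with no overflow check and uses the `memMalloc` result unchecked. I would either store the four lengths at the start of the allocation, where the allocator's alignment holds, or read and write them with `memcpy(&n, p, sizeof n)`. `userSerialize` and `userUnserialize` would need to follow the same layout.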
@@ -116,16 +127,18 @@ userUnserialize( User this = _this; size_t * user_data_sizes; - this->email = memMalloc(nserialized); - memcpy(this->email, serialized, nserialized); + this->username = memMalloc(nserialized); + memcpy(this->username, serialized, nserialized); user_data_sizes = - (size_t *)(this->email + nserialized - 3 * sizeof(size_t)); + (size_t *)(this->username + nserialized - 4 * sizeof(size_t)); - this->nemail = user_data_sizes; - this->nfirstname = user_data_sizes + 1; - this->nsurname = user_data_sizes + 2; + this->nusername = user_data_sizes; + this->nemail = user_data_sizes + 1; + this->nfirstname = user_data_sizes + 2; + this->nsurname = user_data_sizes + 3; + this->email = this->username + *this->nusername + 1; this->firstname = this->email + *this->nemail + 1; this->surname = this->firstname + *this->nfirstname + 1; } @@ -137,8 +150,8 @@ userIndexUuid(void * _this, Uuid namespace) User this = _this; return uuidVersion3( - (unsigned char *)this->email, - *this->nemail, + (unsigned char *)this->username, + *this->nusername, namespace); }
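Review bot: `userUnserialize` trusts the stored blob completely. `nserialized - 4 * sizeof(size_t)` wraps when the record is shorter than the trailer, and the four lengths read from it are used to compute `email`, `firstname` and `surname` without being compared to `nserialized`. Records written before this commit carry three size fields, so they will now be parsed with `nusername` taken from string bytes, and the resulting pointers can land outside the allocation. I would add `if (nserialized < 4 * sizeof(size_t)) { /* reject */ }` before the `memMalloc`. I would also check that the four lengths plus four terminators plus the trailer equal `nserialized` before assigning the field pointers. A version byte or a migration is needed for existing records. How to report the rejection depends on the return type, which is outside the hunk.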