/******************************************************************************* * Copyright (c) 2025, Jan Koester jan.koester@gmx.net * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * Neither the name of the nor the * names of its contributors may be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *******************************************************************************/ #include #include #include #include #include #include #include #include #include #include #include "backend.h" #include "authdb.h" #include "user.h" #include "types.h" namespace authdb { bool initalized=true; class AuthDB : public libhttppp::HttpEvent{ public: AuthDB(authdb::AuthBackend &backend,netplus::socket *ssock) : HttpEvent(ssock), _Backend(backend){ _Indexpage.loadFile(_IndexElement,"../data/index.html"); }; void listUsers(libhttppp::HttpRequest *curreq, const int tid, ULONG_PTR args){ _Backend.lock(); size_t rd=sizeof(authdb::AuthHeader),end=_Backend.end(); _Backend.setPos(rd); libhtmlpp::HtmlString userlist,out; libhtmlpp::HtmlElement root=_IndexElement; libhtmlpp::HtmlElement *content=root.getElementbyID("content"); User user; class UserData udat; userlist <<"

UserList:

"; while(rddata = new char[cur->datasize]; _Backend.read((unsigned char*)cur->data,cur->datasize); rd=_Backend.getPos(); uuid_t uid; uuid_parse(cur->uuid,uid); if(strcmp(cur->fieldname,"username")==0){ try { size_t upos=sizeof(authdb::AuthHeader); user.info(_Backend,uid,udat,upos); userlist << "" << ""; }catch(AuthBackendError &e){ std::cerr << e.what() << std::endl; } } delete[] cur->data; delete cur; } _Backend.unlock(); userlist << "
"; std::copy(cur->data,cur->data+cur->datasize,std::back_inserter(userlist)); userlist << "
uuid << ".jpg\" alt=\"avatar\">" << "
  • " << "uid: " << cur->uuid << "
    • " << "
  • Username:" << udat.getUsername() << "
    • " << "
  • Firstname:" << udat.getFirstname() << "
    • " << "
  • Lastname:" << udat.getLastename() << "
    • " << "
  • Email:" << udat.getMail() << "
    • " << "
"; content->insertChild(userlist.parse()); libhtmlpp::print(&root,out,true); libhttppp::HttpResponse rep; rep.setContentType("text/html"); rep.send(curreq,out.c_str(),out.size()); } void createUser(libhttppp::HttpRequest *curreq, const int tid, ULONG_PTR args){ libhttppp::HttpResponse rep; libhttppp::HttpForm curform; curform.parse(curreq); if (curform.getBoundary()) { uuid_t uid; uuid_generate(uid); class UserData udat(uid); for (libhttppp::HttpForm::MultipartForm::Data* curformdat = curform.MultipartFormData.getFormData(); curformdat; curformdat = curformdat->nextData()) { for(libhttppp::HttpForm::MultipartForm::Data::ContentDisposition *curdispo=curformdat->getDisposition(); curdispo; curdispo=curdispo->nextContentDisposition() ){ if(curformdat->Value.empty() || !curdispo->getValue()) continue; std::vector tmp; if(strcmp(curdispo->getValue(),"avatar")!=0){ std::copy(curformdat->Value.begin(),curformdat->Value.end(),std::back_inserter(tmp)); tmp.push_back('\0'); } if(strcmp(curdispo->getValue(),"username")==0){ udat.setUserName(tmp.data()); }else if(strcmp(curdispo->getValue(),"firstname")==0){ udat.setFirstName(tmp.data()); }else if(strcmp(curdispo->getValue(),"lastname")==0){ udat.setLastName(tmp.data()); }else if(strcmp(curdispo->getValue(),"mail")==0){ udat.setMail(tmp.data()); }else if(strcmp(curdispo->getValue(),"avatar")==0 && !curformdat->Value.empty()){ udat.setAvatar(curformdat->Value); } } } _Backend.lock(); User user; user.create(_Backend,&udat); _Backend.unlock(); std::cout << "user created!" << std::endl; } libhtmlpp::HtmlPage page; libhtmlpp::HtmlString form,out; form << "
" << "" << "" << "" << "" << "" << "" << "" << "" << "" << "" << "" << "" << "
" << "insertChild(form.parse()); libhtmlpp::print(&root,out,true); rep.setContentType("text/html"); rep.setContentLength(out.size()); rep.send(curreq,out.c_str(),out.size()); } void removeuser(libhttppp::HttpRequest *curreq, const int tid, ULONG_PTR args){ char uid[255]; sscanf(curreq->getRequestURL(),"/admin/removeuser/%s",uid); User user; uuid_t uuid; uuid_parse(uid,uuid); _Backend.lock(); user.remove(_Backend,uuid); _Backend.unlock(); libhttppp::HttpResponse rep; rep.setState(HTTP307); rep.setVersion(HTTPVERSION(1.1)); rep.setHeaderData("Location")->push_back("/admin/listusers"); rep.setContentType("text/html"); rep.send(curreq,nullptr,0); } void getAvatar(libhttppp::HttpRequest *curreq, const int tid, ULONG_PTR args){ libhttppp::HttpResponse rep; char uid[255],ext[16]; sscanf(curreq->getRequestURL(),"/admin/getavatar/%[^.].%s",uid,ext); _Backend.lock(); authdb::AuthData *cur; size_t rd=sizeof(authdb::AuthHeader),end=_Backend.end(); while(rddata=nullptr; _Backend.ReadAuthData(cur,rd); rd=_Backend.getPos()+cur->datasize; if(cur && strcmp(cur->uuid,uid)==0 && strcmp(cur->fieldname,"avatar")==0){ cur->data = new char[cur->datasize]; _Backend.read((unsigned char*)cur->data,cur->datasize); char ctype[255]; snprintf(ctype,255,"image/%s",ext); rep.setContentType(ctype); rep.send(curreq,cur->data,cur->datasize); end=0; delete[] cur->data; } delete cur; } if(end!=0){ rep.setState(HTTP404); rep.send(curreq,nullptr,0); } _Backend.unlock(); }; void editUser(libhttppp::HttpRequest *curreq, const int tid, ULONG_PTR args){ _Backend.lock(); size_t rd=sizeof(authdb::AuthHeader),end=_Backend.end(); char cuid[255]; sscanf(curreq->getRequestURL(),"/admin/edituser/%s",cuid); AuthDataRecord editrec,*curec=&editrec; bool data = false; libhttppp::HttpForm curform; curform.parse(curreq); for (libhttppp::HttpForm::MultipartForm::Data* curformdat = curform.MultipartFormData.getFormData(); curformdat; curformdat = curformdat->nextData()) { for(libhttppp::HttpForm::MultipartForm::Data::ContentDisposition *curdispo=curformdat->getDisposition(); curdispo; curdispo=curdispo->nextContentDisposition() ){ if(curformdat->Value.empty() || !curdispo->getValue()) continue; data = true; strcpy(curec->Data->uuid,cuid); curec->Data->type=UserData; curec->Data->storage=TextStorage; for(libhttppp::HttpForm::MultipartForm::Data::ContentDisposition *curdispo=curformdat->getDisposition(); curdispo; curdispo=curdispo->nextContentDisposition() ){ std::string key; if(curdispo->getKey()) key=curdispo->getKey(); std::transform(key.begin(), key.end(), key.begin(), [](unsigned char c){ return std::tolower(c); }); if(key=="name"){ strcpy(curec->Data->fieldname,curdispo->getValue()); }else if(key=="content-type" && strncmp(curdispo->getValue(),"text/",5) != 0){ curec->Data->storage=BinaryStorage; } } curec->Data->datasize=curformdat->Value.size(); curec->Data->data=new char[curec->Data->datasize]; memcpy(curec->Data->data,curformdat->Value.data(),curformdat->Value.size()); } if(curformdat->nextData()){ curec->_next=new AuthDataRecord; curec=curec->_next; } } uuid_t uid; uuid_parse(cuid,uid); if(data){ editRecord(_Backend,&editrec,uid,UserData); _Backend.unlock(); libhttppp::HttpResponse rep; rep.setState(HTTP307); rep.setVersion(HTTPVERSION(1.1)); rep.setHeaderData("Location")->push_back("/admin/listusers"); rep.setContentType("text/html"); rep.send(curreq,nullptr,0); return; } libhtmlpp::HtmlPage page; libhtmlpp::HtmlString form,out; form << "" << ""; while(rddata = new char[cur->datasize]; _Backend.read((unsigned char*)cur->data,cur->datasize); rd=_Backend.getPos(); if(strcmp(cur->uuid,cuid)==0 && cur->type==UserData && cur->storage==TextStorage){ try { form << "" << ""; }catch(AuthBackendError &e){ std::cerr << e.what() << std::endl; } } delete[] cur->data; delete cur; } _Backend.unlock(); form << "" << "" << "" << "
fieldname << "\" value=\"" << cur->data <<"\">
" << "insertChild(form.parse()); libhtmlpp::print(&root,out,true); libhttppp::HttpResponse rep; rep.setContentType("text/html"); rep.setContentLength(out.size()); rep.send(curreq,out.c_str(),out.size()); } void AdminController(libhttppp::HttpRequest *curreq, const int tid, ULONG_PTR args){ if(strncmp(curreq->getRequestURL(),"/admin/listusers",16)==0){ listUsers(curreq,tid,args); }else if(strncmp(curreq->getRequestURL(),"/admin/createuser",17)==0){ createUser(curreq,tid,args); }else if(strncmp(curreq->getRequestURL(),"/admin/removeuser",17)==0){ removeuser(curreq,tid,args); }else if(strncmp(curreq->getRequestURL(),"/admin/edituser",15)==0){ editUser(curreq,tid,args); }else if(strncmp(curreq->getRequestURL(),"/admin/getavatar/",17)==0){ getAvatar(curreq,tid,args); }else{ libhtmlpp::HtmlElement root=_IndexElement; libhtmlpp::HtmlString out; libhtmlpp::print(&root,out,true); libhttppp::HttpResponse rep; rep.setContentType("text/html"); rep.setContentLength(out.size()); rep.send(curreq,out.c_str(),out.size()); } } void RequestEvent(libhttppp::HttpRequest *curreq, const int tid, ULONG_PTR args){ if(strncmp(curreq->getRequestURL(),"/admin",6)==0){ AdminController(curreq,tid,args); }else if(strncmp(curreq->getRequestURL(),"/api",4)==0){ }else{ libhttppp::HttpResponse rep; rep.setState(HTTP307); rep.setVersion(HTTPVERSION(1.1)); rep.setHeaderData("Location")->push_back("/admin"); rep.setContentType("text/html"); rep.send(curreq,nullptr,0); } }; private: authdb::AuthBackend _Backend; libhtmlpp::HtmlElement _IndexElement; libhtmlpp::HtmlPage _Indexpage; }; int searchValue(authdb::AuthBackend &backend,const char*fieldname,const char *value){ authdb::AuthData *user=new AuthData; int rd=sizeof(authdb::AuthHeader),brd=rd; while(rd>backend.end()){ backend.ReadAuthData(user,rd); rd=backend.getPos(); if(strcmp(user->fieldname,fieldname) == 0){ user->data = new char[user->datasize]; backend.read((unsigned char*)user->data,user->datasize); if(strcmp(user->data,value) == 0){ delete[] user->data; goto VALUEFOUND; } delete[] user->data; } brd=rd; } VALUEFOUND: delete user; return brd; } AuthDataRecord::AuthDataRecord(){ Data = new AuthData; memset((void*)Data,0,sizeof(AuthData)); Data->start=0xFE; Data->end=0xFF; _next=nullptr; } AuthDataRecord::AuthDataRecord(const AuthDataRecord &src){ Data = new AuthData; memcpy(&Data,&src.Data,sizeof(src.Data)); memcpy(Data->data,src.Data->data,src.Data->datasize); _next=nullptr; } AuthDataRecord::~AuthDataRecord(){ delete Data; } AuthDataRecord *AuthDataRecord::next(){ return _next; }; bool getRecord(authdb::AuthBackend &backend,AuthDataRecord *dest,const uuid_t id,int type){ bool found=false; AuthData *cur=new AuthData; int rd=sizeof(authdb::AuthHeader),end=backend.end(); char plainid[255]; uuid_unparse(id,plainid); AuthDataRecord *curec=dest; while(rddatasize; if(strcmp(cur->uuid,plainid) == 0 && cur->type == type){ memcpy(curec->Data,cur,sizeof(AuthHeader)); curec->Data->data=new char[cur->datasize]; backend.read((unsigned char*)curec->Data->data,cur->datasize); if(rd_next=new AuthDataRecord; curec=curec->_next; } found=true; } } delete cur; return found; } bool editRecord(AuthBackend &backend,const AuthDataRecord *rec,const uuid_t uid,int type){ AuthDataRecord old; std::vector changemap; //use fieldname; std::vector newmap; getRecord(backend,&old,uid,type); for(const AuthDataRecord *curdat=rec; curdat; curdat=curdat->_next){ bool newentry=true; for(const AuthDataRecord *olddat=&old; olddat; olddat=olddat->_next){ if(strcmp(olddat->Data->uuid,curdat->Data->uuid)==0 && strcmp(olddat->Data->fieldname,curdat->Data->fieldname)==0 ){ size_t end = olddat->Data->datasize; if(end!=curdat->Data->datasize){ changemap.push_back(curdat->Data); }else{ for(size_t i=0; iData->data[i]!=curdat->Data->data[i]){ changemap.push_back(curdat->Data); break; } } } newentry=false; } } if(newentry){ newmap.push_back(curdat->Data); } } for(auto newel : newmap){ backend.WriteAuthData(newel,backend.end()); backend.setPos(backend.end()); backend.write((const unsigned char*)newel->data,newel->datasize); } char cuid[255]; const unsigned char zero = 0; uuid_unparse(uid,cuid); for(auto chel : changemap){ size_t rd=sizeof(authdb::AuthHeader),end=backend.end(); while(rduuid,cuid)==0 && strcmp(rdrec->fieldname,chel->fieldname)==0){ backend.WriteAuthData(chel,backend.end()); backend.write((const unsigned char*)chel->data,chel->datasize); size_t dsize=rdrec->datasize; memset(rdrec,0,sizeof(AuthData)); rdrec->start=0xFE; rdrec->datasize=dsize; rdrec->end=0xFF; backend.WriteAuthData(rdrec,rd); for(size_t i =0; idatasize; ++i){ backend.write(&zero,1); } rd=backend.getPos(); }else{ rd=backend.getPos()+rdrec->datasize; } delete rdrec; } } if(!changemap.empty() || !newmap.empty()) return true; return false; } void delRecord(AuthBackend &backend,const uuid_t uid){ size_t end=backend.end(),rd=sizeof(AuthHeader); char cuid[255]; if(!uid) throw AuthBackendError("user info uid required!"); uuid_unparse(uid,cuid); while(rddatasize; if(strlen(cur->uuid) >0 && strncmp(cuid,cur->uuid,strlen(cur->uuid)) == 0){ // std::cout << cur->uuid << std::endl; size_t dsize=cur->datasize; memset(cur,0,sizeof(AuthData)); cur->datasize=dsize; backend.WriteAuthData(cur,wr); const unsigned char zero=0; for(size_t i=0; igetValue()); authdb::AuthBackend backend(authdb::AuthBackendType::File, config.getValue(config.getKey("/AUTHDB/ADMINDB/PATH"),0), "admin.local" ); try { if(backend.end()<=sizeof(authdb::AuthHeader)){ authdb::initalized=false; } libhttppp::HttpD httpd( config.getValue(config.getKey("/AUTHDB/BIND"),0), config.getIntValue(config.getKey("/AUTHDB/PORT"),0), config.getIntValue(config.getKey("/AUTHDB/MAXCONN"),0), nullptr, nullptr ); authdb::AuthDB authdb(backend,httpd.getServerSocket()); authdb.runEventloop(); }catch(authdb::AuthBackendError &e){ std::cerr << e.what() << std::endl; } }