Commit 713879a5 authored by jan.koester's avatar jan.koester
Browse files

test

parent 066facae
Loading
Loading
Loading
Loading
+58 −0
Original line number Diff line number Diff line
@@ -231,3 +231,61 @@ bool blogi::Auth::isLoggedIn(const int tid,libhttppp::HttpRequest &curreq,const
            return false;
        }
}

int blogi::Auth::getAuthorId(const int tid, const uuid::uuid &authid) {
    bool ok=false;
    int authorId = 0;
    
    for(size_t i=0; i<_config.getAuthSourceCount(); ++i) {
        const AuthSource &src = _config.getAuthSource(i);
        try {
            authdb::client::ClientConnection authcon(&src.url);
            
            authdb::client::Client clt(&authcon);
            
            authdb::client::SessionData sdat;
            uuid::uuid auid;
            
            if(!clt.getSession(authid.toString().c_str(), sdat)){
                   continue;
            }            
            
            sdat.getUid(auid);

            authdb::client::UserData udat(auid);
            if(!clt.getUser(udat))
                    continue;
            
            std::string username;
            
            for(authdb::client::UserData::Data *dat=udat.find("username"); dat; dat=dat->next()) {
                if(dat->type==authdb::UserData::typeEmpty)
                    continue;
                username=dat->data;
            }

            dbpp::SQL usql;
            dbpp::DBResult ures;
            std::vector<char> esc;
            usql << "SELECT id FROM users WHERE sid='" << dbpp::SQL::escaped(esc, auid.toString().c_str()) << "' LIMIT 1;";
            if(_db[tid]->exec(&usql, ures)>0) {
                 authorId=atoi(ures.front()[0]);
            } else {
                 dbpp::SQL isql;
                 dbpp::DBResult ires;
                 isql << "INSERT INTO users (sid, username) VALUES ('"
                      << dbpp::SQL::escaped(esc, auid.toString().c_str()) << "','"
                      << dbpp::SQL::escaped(esc, username.c_str()) << "') RETURNING id;";
                 _db[tid]->exec(&isql, ires);
                 authorId=atoi(ires.front()[0]);
            }
            ok=true;
            break;
        }catch(...){
        }
    }
    
    if(!ok)
        throw authdb::client::ClientException("author_id could not be resolved");
    return authorId;
}
+2 −1
Original line number Diff line number Diff line
@@ -48,7 +48,8 @@ namespace blogi {
        void login(const int tid,const char *username,const char *password,uuid::uuid &authid,const std::string &ssid,const std::string &domain="");
        void Apilogin(const int tid,const char *username,const char *password,uuid::uuid &authid,const std::string &domain="");
        bool isLoggedIn(const int tid,const uuid::uuid &authid);
        bool isLoggedIn(const int tid,libhttppp::HttpRequest &curreq,const std::string &ssid);
        bool isLoggedIn(const int tid,libhttppp::HttpRequest bool isLoggedIn(const int tid,libhttppp::HttpRequest &curreq,const std::string &ssid);curreq,const std::string bool isLoggedIn(const int tid,libhttppp::HttpRequest &curreq,const std::string &ssid);ssid);
        int getAuthorId(const int tid, const uuid::uuid &authid);
    private:
        void _doLogin(const AuthSource &src, const char *username, const char *password,
                      uuid::uuid &authid, const int tid, const std::string *ssid);
+6 −0
Original line number Diff line number Diff line
@@ -403,6 +403,12 @@ void blogi::Blogi::api(libhttppp::HttpRequest& curreq, const int tid){
                } else {
                    json_object *params = nullptr;
                    json_object_object_get_ex(single_request, "params", &params);
                        if (params) {
                            try {
                                int authorId = PlgArgs->auth->getAuthorId(tid, authid);
                                json_object_object_add(params, "author_id", json_object_new_int(authorId));
                            } catch (...) {}
                        }

                    bool found = false;
                    for (const Plugin::PluginData *curplg = BlogiPlg->getFirstPlugin(); curplg; curplg = curplg->getNextPlg()) {

test_auth.patch

0 → 100644
+73 −0
Original line number Diff line number Diff line
--- src/auth.h
+++ src/auth.h
@@ -43,6 +43,7 @@
         void Apilogin(const int tid,const char *username,const char *password,uuid::uuid &authid,const std::string &domain="");
         bool isLoggedIn(const int tid,const uuid::uuid &authid);
         bool isLoggedIn(const int tid,libhttppp::HttpRequest &curreq,const std::string &ssid);
+        int getAuthorId(const int tid, const uuid::uuid &authid);
     private:
         void _doLogin(const AuthSource &src, const char *username, const char *password,
--- src/auth.cpp
+++ src/auth.cpp
@@ -148,6 +148,62 @@
         }
         return false;
     }

+int blogi::Auth::getAuthorId(const int tid, const uuid::uuid &authid) {
+    for (size_t si = 0; si < _config.getAuthSourceCount(); ++si) {
+        const AuthSource &src = _config.getAuthSource(si);
+        try {
+            authdb::client::ClientConnection authcon;
+            authcon.setUrl(src.url);
+            authcon.setClientName(src.clientName);
+            authcon.setClientSecret(src.clientSecret);
+            authcon.setSessionID(authid);
+
+            authdb::client::Client clt(authcon);
+            if (!clt.ClientAuth()) continue;
+
+            authdb::SessionData sdat;
+            clt.SessionInfo(sdat);
+            uuid::uuid uid;
+            sdat.getUid(uid);
+            authdb::UserData ud(uid);
+            clt.UserInfo(ud);
+            
+            std::string username = ud.getUsername();
+            std::string displayname = ud.getFirstname() + " " + ud.getLastname();
+            std::string email = ud.getMail();
+
+            std::vector<char> sbuf;
+            dbpp::SQL asql;
+            dbpp::DBResult ares;
+            asql << "SELECT id FROM users WHERE sid='" << dbpp::SQL::escaped(sbuf, uid.c_str()) << "' LIMIT 1;";
+            int ucount = _dbconn[tid]->exec(asql, ares);
+            if (ucount > 0) {
+                int authorId = atoi(ares[0][0]);
+                // Update displayname in case it changed
+                dbpp::SQL usql;
+                dbpp::DBResult ures;
+                usql << "UPDATE users SET displayname='" << dbpp::SQL::escaped(sbuf, displayname.c_str())
+                     << "', username='" << dbpp::SQL::escaped(sbuf, username.c_str())
+                     << "', email='" << dbpp::SQL::escaped(sbuf, email.c_str())
+                     << "' WHERE id=" << authorId << ";";
+                try { _dbconn[tid]->exec(usql, ures); } catch (...) {}
+                return authorId;
+            } else {
+                dbpp::SQL isql;
+                dbpp::DBResult ires;
+                isql << "INSERT INTO users (sid,username,email,displayname) VALUES ('"
+                     << dbpp::SQL::escaped(sbuf, uid.c_str()) << "','"
+                     << dbpp::SQL::escaped(sbuf, username.c_str()) << "','"
+                     << dbpp::SQL::escaped(sbuf, email.c_str()) << "','"
+                     << dbpp::SQL::escaped(sbuf, displayname.c_str()) << "') RETURNING id;";
+                _dbconn[tid]->exec(isql, ires);
+                return atoi(ires[0][0]);
+            }
+        } catch (...) {
+            continue;
+        }
+    }
+    return 0;
+}