add: front verification

diff --git a/cmd/engine/main.c b/cmd/engine/main.c
index 2b0846a293c373f35a731934aa3102b672509b61..ab682b33403a92c53cd9abc1d41ca9606424ef33 100644 (file)
--- a/cmd/engine/main.c
+++ b/cmd/engine/main.c
@@ -19,11 +19,18 @@ int main(){
   pthread_t front_tid;
 
   if (pthread_mutex_init(&G_MTX, NULL) != 0) { 
-      printf("mutex init has failed\n"); 
-      return -1; 
+    printf("mutex init has failed\n"); 
+    return -1; 
   } 
 
+  int result = load_config();
 
+  if(result < 0){
+
+    printf("failed to load config\n");
+
+    return -1;
+  }
   pthread_create(&front_tid, NULL, (void*)front_listen_and_serve, NULL);
 
   sleepms(500);

diff --git a/include/socialize/core.h b/include/socialize/core.h
index b5297d28341c27718ff6cf9b79a89d82c65063c1..83d1e9e3f00a7bd8f75f5c5cf66f8328ab507226 100644 (file)
--- a/include/socialize/core.h
+++ b/include/socialize/core.h
@@ -125,6 +125,7 @@
 #define HTTPS_URL "https://0.0.0.0:3443"
 #endif
 
+#define FRONT_WEB_ROOT "public"
 
 #define IS_BIG_ENDIAN (!*(unsigned char *)&(uint16_t){1})
 
@@ -177,6 +178,9 @@
 struct user {
     char name[MAX_USER_NAME];
     char pass[MAX_USER_PASS];
+    int auth;
+    uint8_t token[MAX_PW_LEN];
+    int cid;
 };
 
 
@@ -247,6 +251,7 @@ extern char *s_json_header;
 
 extern struct mg_mgr mgr;
 
+extern struct user USER;
 
 extern struct CHANNEL_CONTEXT CHAN_CTX[MAX_CONN];
 

diff --git a/include/socialize/ctl.h b/include/socialize/ctl.h
index 7d3bebf34a4e871a7ed8a82769f4dc3bf3ff44e3..1696bfbd4bdac2aacd755dfd5173fce826b76973 100644 (file)
--- a/include/socialize/ctl.h
+++ b/include/socialize/ctl.h
@@ -14,7 +14,7 @@ int sig_verify(const char* cert_pem, const char* intermediate_pem);
 
 int extract_common_name(uint8_t* common_name, const char* cert);
 
-int idpw_verify(char* idpw);
+int idpw_verify(char* idpw, char* newid, uint8_t* newtoken);
 
 int update_chanctx_from_userinfo(char* id, char* pw);
 

diff --git a/include/socialize/front/front.h b/include/socialize/front/front.h
index dd8f02912fb6286db4a5dc511f36a13341748b27..9b576f251b94767ff1f809968325d82544b5f7db 100644 (file)
--- a/include/socialize/front/front.h
+++ b/include/socialize/front/front.h
@@ -11,6 +11,8 @@
 void* front_listen_and_serve(void* varg);
 
 
+int load_config();
+
 void sntp_fn(struct mg_connection *c, int ev, void *ev_data);
 
 void timer_sntp_fn(void *param);
@@ -24,9 +26,9 @@ void front_handler(struct mg_connection *c, struct mg_ws_message *wm);
 void handle_healtiness_probe(struct mg_connection *c, struct mg_http_message *hm);
 
 
-int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* initial, char* command, char* data);
+int front_access(struct mg_connection* c, struct mg_ws_message *wm, char* command, char* data);
 
-void front_communicate(int chan_idx, char* command, char* data);
+void front_communicate(struct mg_connection* c, struct mg_ws_message *wm, char* command, char* data);
 
 
 

diff --git a/include/socialize/utils.h b/include/socialize/utils.h
index 01b03c0cd557d6a67b046071001cd4bc10857d72..2f604795b985e41de156a635126dfd2abc624bc7 100644 (file)
--- a/include/socialize/utils.h
+++ b/include/socialize/utils.h
@@ -18,8 +18,6 @@ int gen_random_bytestream(uint8_t* bytes, size_t num_bytes);
 int bin2hex(uint8_t* hexarray, int arrlen, uint8_t* bytearray);
 
 
-
-
 int get_host_port(char* hostname, int* port, char* addr);
 
 

diff --git a/public/css/common.css b/public/css/common.css
new file mode 100644 (file)
index 0000000..f724ced
--- /dev/null
+++ b/public/css/common.css
@@ -0,0 +1,28 @@
+body {
+    display: flex;
+    min-height: 100vh;
+    flex-direction: column;
+}
+
+main {
+    flex: 1 0 auto;
+}
+
+body {
+    background: #fff;
+}
+
+.input-field input[type=date]:focus + label,
+.input-field input[type=text]:focus + label,
+.input-field input[type=email]:focus + label,
+.input-field input[type=password]:focus + label {
+    color: #e91e63;
+}
+
+.input-field input[type=date]:focus,
+.input-field input[type=text]:focus,
+.input-field input[type=email]:focus,
+.input-field input[type=password]:focus {
+    border-bottom: 2px solid #e91e63;
+    box-shadow: none;
+}
\ No newline at end of file

diff --git a/public/index.html b/public/index.html
new file mode 100644 (file)
index 0000000..a33dedb
--- /dev/null
+++ b/public/index.html
@@ -0,0 +1,64 @@
+<html>
+
+<head>
+    <link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
+    <link rel="stylesheet" type="text/css"
+          href="https://cdnjs.cloudflare.com/ajax/libs/materialize/0.97.5/css/materialize.min.css">
+    <link rel="stylesheet" type="text/css"
+          href="/public/css/common.css">
+
+</head>
+
+<body>
+<div class="section"></div>
+<main>
+    <center>
+        <div class="section"></div>
+        <div class="container">
+            <div class="z-depth-1 grey lighten-4 row"
+                 style="display: inline-block; padding: 32px 48px 0px 48px; border: 1px solid #EEE;">
+
+                <form class="col s12" method="post" action="#">
+                    <div class='row'>
+                        <div class='col s12'>
+                        </div>
+                    </div>
+
+                    <div class='row'>
+                        <div class='input-field col s12'>
+                            <input class='validate' type='email' name='email' id='email'/>
+                            <label for='email'>Enter your email</label>
+                        </div>
+                    </div>
+
+                    <div class='row'>
+                        <div class='input-field col s12'>
+                            <input class='validate' type='password' name='password' id='password'/>
+                            <label for='password'>Enter your password</label>
+                        </div>
+                    </div>
+
+                    <br/>
+                    <div class='row'>
+                        <button type='submit' name='btn_login' class='col s12 btn btn-large waves-effect indigo'>
+                            Login
+                        </button>
+                    </div>
+                </form>
+
+
+            </div>
+        </div>
+    </center>
+
+    <div class="section"></div>
+    <div class="section"></div>
+</main>
+
+<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js"></script>
+<script type="text/javascript"
+        src="https://cdnjs.cloudflare.com/ajax/libs/materialize/0.97.5/js/materialize.min.js"></script>
+<script type="text/javascript" src="/public/js/common.js"></script>
+</body>
+
+</html>
\ No newline at end of file

diff --git a/public/js/common.js b/public/js/common.js
new file mode 100644 (file)
index 0000000..e69de29

diff --git a/src/ctl.c b/src/ctl.c
index 93db0f25679fc6629cb9be86789f862ece5b199f..678e3626f8cd4ba1e1e51b5fb2d6dccac9c836dd 100644 (file)
--- a/src/ctl.c
+++ b/src/ctl.c
@@ -1,5 +1,5 @@
 #include "socialize/ctl.h"
-
+#include "socialize/utils.h"
 
 struct CHANNEL_CONTEXT CHAN_CTX[MAX_CONN];
 
@@ -129,17 +129,46 @@ int extract_common_name(uint8_t* common_name, const char* cert) {
 }
 
 
-int idpw_verify(char* idpw){
+int idpw_verify(char* idpw, char *newid, uint8_t* newtoken){
 
-    int verify = -1;
 
     char* token;
 
     char* delim = ":";
 
+    int idpwlen = strlen(idpw);
+
+    if(idpwlen > MAX_PW_LEN){
+        return -1;
+    }
+
     uint8_t id[MAX_ID_LEN] = {0};
     uint8_t pw[MAX_PW_LEN] = {0};
 
+    int istoken = 1;
+
+    for(int i = 0; i < idpwlen; i++){
+
+        if(idpw[i] == ':'){
+            istoken = 0;
+            break;
+        }
+
+    }
+
+    if(istoken == 1){
+
+        if(strncmp(USER.token, idpw, idpwlen) != 0){
+
+            return -2;
+        } else {
+
+            return 1;
+        }
+
+
+    }
+
     token = strtok(idpw, delim);
     
     int idx = 0;
@@ -169,24 +198,24 @@ int idpw_verify(char* idpw){
         return -1;
     }
 
-    int chan_idx = get_chanctx_by_id(id);
 
-    if(chan_idx < 0){
+    if(strncmp(USER.pass, pw, MAX_PW_LEN) != 0){
 
-        return -2;
+        return -3;
 
     }
 
-    if(strncmp(CHAN_CTX[chan_idx].pw, pw, MAX_PW_LEN) != 0){
+    memset(idpw, 0, idpwlen);
 
-        return -3;
+    int idlen = strlen(id);
 
-    }
+    strncpy(newid, id, idlen);
 
-    int verified_idx = chan_idx;
+    int arrlen = gen_random_bytestream(newtoken, 64);
 
+    bin2hex(newtoken, arrlen, newtoken);
 
-    return verified_idx;
+    return 0;
 
 }
 

diff --git a/src/front/front.c b/src/front/front.c
index 62ab1972b426275fab1fd6de24b4ab752fc516ec..a3ac3a2ac8050ff543b792b1a4013259e2366e03 100644 (file)
--- a/src/front/front.c
+++ b/src/front/front.c
@@ -3,6 +3,8 @@
 #include   "socialize/utils.h"
 
 
+struct user USER;
+
 struct settings s_settings = {true, 1, 57, NULL};
 
 uint64_t s_boot_timestamp = 0; 
@@ -37,6 +39,67 @@ void timer_sntp_fn(void *param) {  // SNTP timer function. Sync up time
 
 
 
+int load_config(){
+
+    char confbuff[MAX_BUFF] = {0};
+
+    int conflen = read_file_to_buffer(confbuff, MAX_BUFF, "config.json");
+
+    if(conflen < 0){
+  
+      printf("read config.json failed\n");
+  
+      return -1;
+    }
+
+    cJSON *conf_json_root = cJSON_Parse(confbuff);
+
+    if (conf_json_root == NULL){
+
+        printf("error parsing config.json\n");
+
+        return -1;
+
+    }
+
+    cJSON *conf_json = cJSON_GetObjectItemCaseSensitive(conf_json_root, "users");
+
+    if(conf_json == NULL){
+
+        printf("no users\n");
+
+        return -2;
+    }
+
+    int ulen = cJSON_GetArraySize(conf_json);
+    
+    if(ulen < 1){
+
+        printf("ulen < 1\n");
+
+        return -3;
+    }
+
+    for(int i = 0; i < ulen; i++){
+
+        cJSON* user = cJSON_GetArrayItem(conf_json, i);
+
+        cJSON* id = cJSON_GetObjectItemCaseSensitive(user, "id");
+
+        cJSON* pw = cJSON_GetObjectItemCaseSensitive(user, "pw");
+
+        
+        strcpy(USER.name, id->valuestring);
+
+        strcpy(USER.pass, pw->valuestring);
+
+        printf("loaded user: %s\n", USER.name);
+    }
+
+    return 0;
+
+}
+
 
 
 void handle_healtiness_probe(struct mg_connection *c, struct mg_http_message *hm){
@@ -87,11 +150,20 @@ void route(struct mg_connection *c, int ev, void *ev_data) {
 
         handle_healtiness_probe(c, hm);
 
-    } 
-    
-    printf("WS UPGRADE!!!!!\n");
+    } else if (mg_match(hm->uri, mg_str("/front"), NULL)) {
+
+        printf("WS UPGRADE!!!!!\n");
+
+        mg_ws_upgrade(c, hm, NULL);
+
+    } else {
+
+        struct mg_http_serve_opts opts = {.root_dir = FRONT_WEB_ROOT};
 
-    mg_ws_upgrade(c, hm, NULL);
+        mg_http_serve_dir(c, ev_data, &opts);
+
+    }
+    
     
     if(DEBUG_THIS == 1){
 
@@ -103,9 +175,15 @@ void route(struct mg_connection *c, int ev, void *ev_data) {
 
   } else if (ev == MG_EV_WS_MSG) {
 
+    struct mg_http_message *hm = (struct mg_http_message *) ev_data;
+
     struct mg_ws_message *wm = (struct mg_ws_message *) ev_data;
     
-    front_handler(c, wm);
+    if (mg_match(hm->uri, mg_str("/front"), NULL)) {
+
+        front_handler(c, wm);
+
+    } 
 
   }
 }
@@ -141,45 +219,36 @@ void front_handler(struct mg_connection *c, struct mg_ws_message *wm){
 
     char ws_data[WS_MAX_COMMAND_DATA_LEN] = {0};
 
-    cJSON* response = cJSON_CreateObject();
-
-    pthread_mutex_lock(&G_MTX);
-
     int datalen = 0;
 
-    int initial = 0;
-
+    int code = front_access(c, wm, ws_command, ws_data);
 
-    int auth_chan_idx = front_authenticate(c, wm, &initial, ws_command, ws_data);
+    if (code < 0){
 
-    if (auth_chan_idx < 0){
-
-        pthread_mutex_unlock(&G_MTX);
+        printf("front auth failed\n");
 
         return;
 
-    } 
-    
-    
-    if (initial == 1) {
-
-        fmt_logln(LOGFP, "connection authenticated");
+    } else if (code < 2){
 
-        pthread_mutex_unlock(&G_MTX);
+        printf("front auth success\n");
 
         return;
 
     }
 
-    front_communicate(auth_chan_idx, ws_command, ws_data);
+    front_communicate(c, wm, ws_command, ws_data);
 
-    pthread_mutex_unlock(&G_MTX);
     
 }
 
 
 
-int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* initial, char* command, char* data){
+int front_access(struct mg_connection* c, struct mg_ws_message *wm, char* command, char* data){
+
+
+    char id[MAX_ID_LEN] = {0};
+    uint8_t token[MAX_PW_LEN] = {0};
 
 
     char ws_buff[MAX_WS_BUFF] = {0};
@@ -191,7 +260,7 @@ int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* i
     if(wm->data.len > MAX_WS_BUFF){
 
         printf("failed handle ws: data too big\n");
-        cJSON_AddItemToObject(response, "status", cJSON_CreateString("fail"));
+        cJSON_AddItemToObject(response, "status", cJSON_CreateString("failed"));
         cJSON_AddItemToObject(response, "data", cJSON_CreateString("null"));
         
         strcpy(ws_buff, cJSON_Print(response));
@@ -211,7 +280,7 @@ int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* i
         printf("failed handle ws: data invalid\n");
 
 
-        cJSON_AddItemToObject(response, "status", cJSON_CreateString("fail"));
+        cJSON_AddItemToObject(response, "status", cJSON_CreateString("failed"));
         cJSON_AddItemToObject(response, "data", cJSON_CreateString("null"));
         
         strcpy(ws_buff, cJSON_Print(response));
@@ -230,7 +299,7 @@ int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* i
 
         printf("failed handle ws: data invalid\n");
 
-        cJSON_AddItemToObject(response, "status", cJSON_CreateString("fail"));
+        cJSON_AddItemToObject(response, "status", cJSON_CreateString("failed"));
         cJSON_AddItemToObject(response, "data", cJSON_CreateString("null"));
         
         strcpy(ws_buff, cJSON_Print(response));
@@ -244,7 +313,6 @@ int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* i
     }
 
 
-
     printf("command: %s\n", ws_command->valuestring);
 
     datalen = strlen(ws_command->valuestring);
@@ -253,7 +321,7 @@ int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* i
 
         printf("failed handle ws: command too long\n");
 
-        cJSON_AddItemToObject(response, "status", cJSON_CreateString("fail"));
+        cJSON_AddItemToObject(response, "status", cJSON_CreateString("failed"));
         cJSON_AddItemToObject(response, "data", cJSON_CreateString("null"));
         
         strcpy(ws_buff, cJSON_Print(response));
@@ -272,7 +340,7 @@ int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* i
 
         printf("failed handle ws: no data field\n");
 
-        cJSON_AddItemToObject(response, "status", cJSON_CreateString("fail"));
+        cJSON_AddItemToObject(response, "status", cJSON_CreateString("failed"));
         cJSON_AddItemToObject(response, "data", cJSON_CreateString("null"));
         
         strcpy(ws_buff, cJSON_Print(response));
@@ -291,7 +359,7 @@ int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* i
 
         printf("failed handle ws: data len too long\n");
 
-        cJSON_AddItemToObject(response, "status", cJSON_CreateString("fail"));
+        cJSON_AddItemToObject(response, "status", cJSON_CreateString("failed"));
         cJSON_AddItemToObject(response, "data", cJSON_CreateString("null"));
         
         strcpy(ws_buff, cJSON_Print(response));
@@ -304,73 +372,83 @@ int front_authenticate(struct mg_connection* c, struct mg_ws_message *wm, int* i
 
     }
 
-    int frontid = (int)c->id;
+    int cid = (int)c->id;
+
+    if(USER.cid == cid){
+
+        strcpy(command, ws_command->valuestring);
+
+        strcpy(data, ws_data->valuestring);
+
+        return 2;
+    }
+
+    int v = idpw_verify(ws_data->valuestring, id, token);
 
-    char user_id[MAX_ID_LEN] = {0};
+    if(v < 0){
 
+        fmt_logln(LOGFP,"invalid idpw"); 
+        printf("failed handle ws: invalid idpw\n");
+        cJSON_AddItemToObject(response, "status", cJSON_CreateString("failed"));
+        cJSON_AddItemToObject(response, "data", cJSON_CreateString("invalid idpw"));
+        
+        strcpy(ws_buff, cJSON_Print(response));
 
-    // TODO:
-    //  simple check
+        datalen = strlen(ws_buff);
 
-    int chan_idx = 0;
+        mg_ws_send(c, ws_buff, datalen, WEBSOCKET_OP_TEXT);
 
-    if (chan_idx < 0){
+        return -10;
 
-        fmt_logln(LOGFP,"not registered to chan ctx, auth"); 
+    } else {
 
-        int v = idpw_verify(ws_data->valuestring);
+        if(v == 0){
 
-        if(v < 0){
+            fmt_logln(LOGFP, "initial auth success");
 
-            fmt_logln(LOGFP,"invalid idpw"); 
-            printf("failed handle ws: invalid idpw\n");
-            cJSON_AddItemToObject(response, "status", cJSON_CreateString("fail"));
-            cJSON_AddItemToObject(response, "data", cJSON_CreateString("invalid idpw"));
+            printf("handle ws: initial auth success\n");
+            cJSON_AddItemToObject(response, "status", cJSON_CreateString("success"));
+            cJSON_AddItemToObject(response, "data", cJSON_CreateString((char*)token));
             
             strcpy(ws_buff, cJSON_Print(response));
-
+    
             datalen = strlen(ws_buff);
-
+    
             mg_ws_send(c, ws_buff, datalen, WEBSOCKET_OP_TEXT);
 
-            return -10;
+            return 0;
 
         } else {
 
-            fmt_logln(LOGFP, "auth success");
+            fmt_logln(LOGFP, "full auth success");
 
-
-            fmt_logln(LOGFP, "initial auth success");
-
-            printf("handle ws: initial auth success\n");
+            printf("handle ws: full auth success\n");
             cJSON_AddItemToObject(response, "status", cJSON_CreateString("success"));
-            cJSON_AddItemToObject(response, "data", cJSON_CreateString("accepted"));
+            cJSON_AddItemToObject(response, "data", cJSON_CreateString("auth success"));
             
             strcpy(ws_buff, cJSON_Print(response));
-
+    
             datalen = strlen(ws_buff);
 
-            mg_ws_send(c, ws_buff, datalen, WEBSOCKET_OP_TEXT);
+            int cid = (int)c->id;
 
-            *initial = 1;
+            USER.cid = cid;
+            
+            mg_ws_send(c, ws_buff, datalen, WEBSOCKET_OP_TEXT);
 
+            return 1;
         }
 
     }
 
-    strcpy(command, ws_command->valuestring);
-
-    strcpy(data, ws_data->valuestring);
 
-    fmt_logln(LOGFP, "auth success");
-
-    return chan_idx;
+    return -100;
 
 
 }
 
 
-void front_communicate(int chan_idx, char* command, char* data){
+void front_communicate(struct mg_connection* c, struct mg_ws_message *wm, char* command, char* data){
 
     char ws_buff[MAX_WS_BUFF] = {0};
 
@@ -378,70 +456,17 @@ void front_communicate(int chan_idx, char* command, char* data){
 
     int datalen = 0;
 
-    fmt_logln(LOGFP, "incoming front communication to sock");
-
-    int sockfd = CHAN_CTX[chan_idx].sockfd;
+    fmt_logln(LOGFP, "incoming front communication");
 
-    if(sockfd == 0){
-
-
-        fmt_logln(LOGFP, "no sock exists for communication");
-
-
-        return;
-
-    }
-
-
-    fmt_logln(LOGFP, "sock exists");
-
-    struct HUB_PACKET hp;
-
-    
     if (strcmp(command, WS_COMMAND_ROUNDTRIP) == 0) {
 
         fmt_logln(LOGFP, "roundtrip");
 
 
-        memset(hp.header, 0, HUB_HEADER_BYTELEN);
-
-        memset(hp.wbuff, 0, MAX_BUFF);
-
-        hp.ctx_type = CHAN_ISSOCK;
-
-        strcpy(hp.id, CHAN_CTX[chan_idx].id);
-
-        strcpy(hp.header, HUB_HEADER_SENDSOCK);
-
-        datalen = strlen(data);
-
-        hp.body_len = datalen;
-
-        strncpy(hp.wbuff, data, datalen);
-
-        hp.flag = 0;
-
-        ctx_write_packet(&hp);
-
-        if(hp.flag <= 0){
-
-            fmt_logln(LOGFP, "failed to send to sock");
-
-
-
-            return;
-        } 
-
-        fmt_logln(LOGFP, "send to sock");
-
-
     } else {
 
         printf("failed handle ws: no such command\n");
 
-        
-        return;
-
     }
 
     return;

diff --git a/src/utils.c b/src/utils.c
index 7ced14062716ae714feb9aec9150827e9ae54f95..88b781fc5468f1180611329cbc37eab40fb7b987 100644 (file)
--- a/src/utils.c
+++ b/src/utils.c
@@ -59,6 +59,7 @@ int gen_random_bytestream(uint8_t* bytes, size_t num_bytes){
 int bin2hex(uint8_t* hexarray, int arrlen, uint8_t* bytearray){
 
     int hexlen = 2;
+    
 
     int outstrlen = hexlen * arrlen + 1;
 
@@ -67,20 +68,27 @@ int bin2hex(uint8_t* hexarray, int arrlen, uint8_t* bytearray){
         return -1;
     }
 
-    memset(hexarray, 0, outstrlen * sizeof(char));
+    uint8_t* tmparr = (uint8_t*)malloc(outstrlen * sizeof(uint8_t));
 
-    unsigned char* ptr = hexarray;
+    memset(tmparr, 0, outstrlen * sizeof(uint8_t));
+
+    unsigned char* ptr = tmparr;
 
     for(int i = 0 ; i < arrlen; i++){
 
         sprintf(ptr + 2 * i, "%02X", bytearray[i]);
     }
 
+    memset(hexarray, 0, outstrlen * sizeof(char));
+
+    memcpy(hexarray, tmparr, outstrlen);
+
+    free(tmparr);
+
     return 0;
     
 }
 
-
 int get_host_port(char* hostname, int* port, char* addr){
 
     char addr_cp[MAX_ID_LEN]  = {0};