From 01892d2766caf0cc50da220b9fb7f617def997a2 Mon Sep 17 00:00:00 2001 From: Tomasz Sowa Date: Sat, 7 Jun 2014 11:20:44 +0000 Subject: [PATCH] added: flag has_pass to User structure if false that means the user has not set a password yet (this can be used by a plugins to create a new account without a password set) in order to login the user first has to set a new password (this can be done from a some kind of activation link send via email etc) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@954 e52654a7-88a9-db11-a3e9-0013d4bc506e --- Makefile | 11 +++++++---- core/config.h | 38 +++++++++++++++++++++++++------------- core/user.cpp | 1 + core/user.h | 8 ++++++-- core/version.h | 2 +- db/db.cpp | 14 +++++++++----- functions/adduser.cpp | 1 + functions/login.cpp | 10 +++++++++- functions/passwd.cpp | 1 + 9 files changed, 60 insertions(+), 26 deletions(-) diff --git a/Makefile b/Makefile index d98ac9c..6ad1282 100755 --- a/Makefile +++ b/Makefile @@ -3,10 +3,13 @@ include Makefile.dep -#ifndef CXX -# temporarily workaround: forcing using clang (CXX is defined by the OS and is equal to g++) -CXX = g++-4.8 -#endif +ifeq ($(OSTYPE), FreeBSD) + CXX = clang++ +else + CXX = g++-4.8 +endif + + ifndef CXXFLAGS CXXFLAGS = -Wall -O0 -g -fPIC -pthread -std=c++11 -I/usr/local/include -I/usr/include/postgresql -DEZC_USE_WINIX_LOGGER -DEZC_HAS_SPECIAL_STREAM diff --git a/core/config.h b/core/config.h index 92c126a..99dcb41 100755 --- a/core/config.h +++ b/core/config.h @@ -34,11 +34,11 @@ public: // default: true bool demonize; - // system user name (to which drop privileges) + // system user's name to whom winix should drop privileges // used only if winix is started as the root std::string user; - // system group name (to which drop privileges) + // system group's name to which drop privileges // used only if winix is started as the root std::string group; 
@@ -51,21 +51,23 @@ public: // log file name, log file name for notifications (sending emails, etc) std::string log_file, log_notify_file; + // the log level (how much info should be inserted to logs) // 1 - minimum // 2 - (default) // 3 - maximum - all logs int log_level; // logging to stdout too - // only if demonize is 'false' + // this option is valid only if 'demonize' option is set to 'false' // default: false bool log_stdout; // how many requests should be saved in the same time + // if you have a very busy server you can incrase this value // default: 1 int log_request; - // whether to save each line of the config (use it for debug purposes) + // whether to save each line of the config (used for debugging purposes) // default: false bool log_save_each_line; @@ -80,6 +82,7 @@ public: bool log_server_answer; // logging db queries + // warning: use it only on a developer's server as it logs the hashes of passwords too // default: false bool log_db_query; @@ -89,7 +92,7 @@ public: // how many characters in values should be logged from POST parameters // default: 80 - // set to 0 to turn off + // set to 0 to turn it off size_t log_post_value_size; // request delimiter in the log file, default "---------" 
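Review bot: The warning added above `log_db_query` in core/config.h understates what can reach the log. core/user.h in this same patch documents `pass` as "password hashed or plain text if pass_type==0", and the statements in db/db.cpp also carry `pass_encrypted`, so with that pass type the query log presumably holds clear-text passwords as well as hashes. I would word the comment as `// warning: queries are logged verbatim, including password hashes, encrypted passwords and plain-text passwords (pass_type==0); enable only on a developer's server and restrict access to the log file`. A comment does not stop the option being switched on in production, so masking the password columns in the query logger would be the durable fix; that code is not part of this diff.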
@@ -132,39 +135,46 @@ public: // default: index.html std::wstring templates_index; - // if true then only root can use 'template' function + // if true then only root can use 'template' winix function // default: false bool template_only_root_use_template_fun; + // the database name, user name and a password for the PostgreSQL database std::string db_database; std::string db_user; std::string db_pass; + // the name of the cookie which has the session identifier std::wstring http_session_id_name; // string used in a place where is a user (or group) selected + // !! IMPROVE ME should be moved to locales std::wstring priv_no_user; std::wstring priv_no_group; - // time in seconds when the user will be automatically logged out (iddle time) + // time in seconds when a user will be automatically logged out (iddle time) + // default: 10800 = 3 hours int session_max_idle; - // time in seconds when the user will be automatically logged out (when he selected 'remember me' option) + // time in seconds when a user will be automatically logged out + // when he has selected the 'remember me' option when logging in // this time is usually greater than session_max_idle + // default: 16070400 = 3 months int session_remember_max_idle; - // this file is used when the program is starting and ending + // a file to which winix stores sessions info + // it is used when winix starts (boots) and quits std::string session_file; // how many sessions can be (zero turn off this checking) // default: 1000000 (one milion) size_t session_max; - // allow the html output to be compressed + // allow the winix output to be compressed // default: true bool compression; - // if the output is shorter than this value then it will not be compressed + // compress only if the output is greater or equal to this value // default: 512 bytes size_t compression_page_min_size; 
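Review bot: The added line `// default: 16070400 = 3 months` on `session_remember_max_idle` does not add up: 16070400 seconds is 186 days, about six months, while three months would be roughly 7776000. This value bounds how long a "remember me" session stays valid, so the comment should state the real lifetime, e.g. `// default: 16070400 = 186 days (about 6 months)`. The place where the default is assigned is not in this diff, so confirm which of the two figures is intended before fixing either the comment or the number.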
@@ -191,12 +201,12 @@ public: bool html_filter_trim_white; // when long words should be broken (a space will be inserted) - // default: after 60 non white characters will be put a space + // default: after 60 non white characters there will be put a space // set zero to turn off size_t html_filter_break_word; // when long lines should be broken (a new line character will be inserted) - // default: 80 + // default: 110 // set zero to turn off size_t html_filter_wrap_line; @@ -215,9 +225,11 @@ public: HTMLFilter::OrphanMode html_filter_orphans_mode; // the url of a new empty item (if there is not the subject too) + // !! IMPROVE ME should be moved to locale std::wstring item_url_empty; // maximum length of a file send by post multipart form + // default: 8388608 - 8MB // 0 - not used size_t post_file_max; diff --git a/core/user.cpp b/core/user.cpp index 6ed696b..b3b8972 100755 --- a/core/user.cpp +++ b/core/user.cpp @@ -37,6 +37,7 @@ void User::Clear() } + bool User::IsMemberOf(long group) { std::vector::iterator i; diff --git a/core/user.h b/core/user.h index 81dba63..21d5932 100755 --- a/core/user.h +++ b/core/user.h @@ -32,6 +32,7 @@ namespace Winix #define WINIX_ACCOUNT_NOT_ACTIVATED 1 // 2 - a user clicked on the link in the mail and now can normally use his account +// (if has a password set too) #define WINIX_ACCOUNT_READY 2 // 3 - account was suspended @@ -41,6 +42,9 @@ namespace Winix #define WINIX_ACCOUNT_BLOCKED 4 + + + /* a user can login only to an account which status is equal to WINIX_ACCOUNT_READY @@ -62,6 +66,8 @@ namespace Winix */ struct UserPass { + bool has_pass; // true if the user has a password set + // if false the user cannot login int pass_type; // the kind of hash (WINIX_CRYPT_HASH_* see crypt.h) std::wstring pass; // password hashed or plain text if pass_type==0 std::string pass_encrypted; // password encrypted 
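Review bot: In core/user.h, `bool has_pass;` is added to `UserPass` without an initializer, and no constructor or Clear() for that struct is visible here. Any code that fills a `UserPass` without assigning the flag therefore hands an indeterminate value to `Db::AddUser` or `Db::ChangeUserPass`. This patch sets it in `AddUser::AddNewUser` and in the passwd function, but plugins and other callers are outside the diff. Because the flag gates login it should fail closed: `bool has_pass = false;` (the Makefile already builds with -std=c++11), or an explicit reset wherever `UserPass` objects are reused. The struct continues past the end of the hunk.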
@@ -79,7 +85,6 @@ struct User std::wstring email; int notify; - // environment variables which can be set by this user // use 'env' winix function PT::Space env; @@ -99,7 +104,6 @@ struct User // time zone identifier size_t time_zone_id; - User(); void Clear(); diff --git a/core/version.h b/core/version.h index d176e6e..f6a0b32 100755 --- a/core/version.h +++ b/core/version.h @@ -17,7 +17,7 @@ namespace Winix #define WINIX_VER_MAJOR 0 #define WINIX_VER_MINOR 6 -#define WINIX_VER_REVISION 0 +#define WINIX_VER_REVISION 1 diff --git a/db/db.cpp b/db/db.cpp index a10ec16..72a7c6c 100755 --- a/db/db.cpp +++ b/db/db.cpp @@ -27,7 +27,7 @@ bool Db::GetUserPass(const std::wstring & login, long & user_id, UserPass & up) try { query.Clear(); - query << R("select id, password, pass_encrypted, pass_type, pass_hash_salted from core.user where login=") + query << R("select id, has_pass, password, pass_encrypted, pass_type, pass_hash_salted from core.user where login=") << login << R(";"); @@ -46,6 +46,7 @@ bool Db::GetUserPass(const std::wstring & login, long & user_id, UserPass & up) } int cuser_id = AssertColumn(r, "id"); + int chas_pass = AssertColumn(r, "has_pass"); int cpass_type = AssertColumn(r, "pass_type"); int csalted = AssertColumn(r, "pass_hash_salted"); int cpassword = AssertColumn(r, "password"); @@ -53,6 +54,7 @@ bool Db::GetUserPass(const std::wstring & login, long & user_id, UserPass & up) user_ok = true; user_id = AssertValueLong(r, 0, cuser_id); + up.has_pass = AssertValueBool(r, 0, chas_pass); up.pass_type = AssertValueInt(r, 0, cpass_type); up.pass_hash_salted = AssertValueBool(r, 0, csalted); AssertValueWide(r, 0, cpassword, up.pass); 
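Review bot: `Db::GetUserPass` in db/db.cpp now selects and asserts a `has_pass` column, but the diffstat lists no schema or migration file. On an existing database the query would fail and, as far as the visible `try` block suggests, every login would be rejected until the column is added. The upgrade step should be shipped or documented with this change, and existing rows need a value that keeps current accounts usable (for example a NOT NULL column defaulting to true; the exact DDL depends on schema files not shown here). It is also worth checking what `AssertValueBool` returns for a NULL, since NULL read as false would lock accounts out. The function starts and ends outside these hunks.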
@@ -79,9 +81,10 @@ Error Db::AddUser(User & user, const UserPass & up) try { query.Clear(); - query << R("insert into core.user (login, password, pass_encrypted, super_user, email," + query << R("insert into core.user (login, has_pass, password, pass_encrypted, super_user, email," "notify, pass_type, pass_hash_salted, env, aenv, status, locale_id, time_zone_id) values (") - << user.name; + << user.name + << up.has_pass; // for safety we put up.pass only if there is not an encrypted version // someone could have forgotten to clear up.pass @@ -125,8 +128,9 @@ return status; Error Db::ChangeUserPass(long user_id, const UserPass & up) { query.Clear(); - query << R("update core.user set(password, pass_encrypted," - "pass_type, pass_hash_salted) = ("); + query << R("update core.user set(has_pass, password, pass_encrypted," + "pass_type, pass_hash_salted) = (") + << up.has_pass; // for safety if( up.pass_encrypted.empty() ) diff --git a/functions/adduser.cpp b/functions/adduser.cpp index 32a5e98..a226308 100755 --- a/functions/adduser.cpp +++ b/functions/adduser.cpp @@ -139,6 +139,7 @@ return true; */ bool AddUser::AddNewUser(User & user, const std::wstring & pass) { + up.has_pass = true; up.pass = pass; system->crypt.PassHashCrypt(up); diff --git a/functions/login.cpp b/functions/login.cpp index 393aeae..829b015 100755 --- a/functions/login.cpp +++ b/functions/login.cpp @@ -91,7 +91,15 @@ bool result; if( db->GetUserPass(login, user_id, up) ) { - result = CheckPasswords(password); + if( up.has_pass ) + { + result = CheckPasswords(password); + } + else + { + log << log2 << "Login: this account has not a password set yet" << logend; + result = false; + } } else { diff --git a/functions/passwd.cpp b/functions/passwd.cpp index ed3dc5e..53ac00e 100755 --- a/functions/passwd.cpp +++ b/functions/passwd.cpp 
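Review bot: In functions/login.cpp the `has_pass` test is placed only around this one call to `CheckPasswords(password)`, so any other caller of `CheckPasswords`, now or later, still compares input against the stored credential of an account that has no password set. Putting the guard at the top of `CheckPasswords` itself, `if( !up.has_pass ) return false;`, makes the rule hold on every path; this assumes `up` is the member that function reads, which the hunk suggests but does not show. The log text would also read better as `"Login: this account has no password set yet"`. The enclosing function begins and ends outside the hunk.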
@@ -85,6 +85,7 @@ bool result = false; if( puser ) { + up.has_pass = true; up.pass = new_password; system->crypt.PassHashCrypt(up); result = (db->ChangeUserPass(user_id, up) == WINIX_ERR_OK);