tomasz.sowa
/
winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

added: need_ssl flag to FunctionBase 

// try to use SSL
       // if in the config 'use_ssl' is true and 'use_ssl_only_for_logged_users' is true
       // then ssl is used only for logged users but sometimes there is a need to use
       // SSL even if noone is logged (for example for such functions like 'login' or 'adduser')
       // default: false
       // (this option is ignored if 'use_ssl' in the config is false)
       bool need_ssl;




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@892 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
Tomasz Sowa 2012-09-24 18:38:35 +00:00
parent 26e87b20b1
commit 14f997b844
5 changed files with 46 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
core/app.cpp
View File

@ -221,23 +221,34 @@ return true;
/* /*
if this method returns true then we make a redirect this method is called when the connection is through SSL
if this method returns true then we make a redirect to an ordinary http (without ssl)
*/ */
bool App::ShouldNotUseSSL() bool App::ShouldNotUseSSL()
{ {
if( cur.request->method == Request::post ) if( cur.request->method == Request::post )
{
// something comes via POST, don't do a redirect because you lose the date
return false; return false;
}
if( !config.use_ssl ) if( !config.use_ssl )
{
// we should not use SSL, we make a redirect
return true; return true;
}
// !! IMPROVE ME add a flag to functions to indicate if the function need SSL if( cur.request->function->need_ssl )
if( cur.request->function == &functions.fun_login || {
cur.request->function == &functions.fun_adduser ) // this winix function require SSL, so we don't make a redirect
return false; return false;
}
if( config.use_ssl_only_for_logged_users && !cur.session->puser ) if( config.use_ssl_only_for_logged_users && !cur.session->puser )
{
// use_ssl_only_for_logged_users is true and noone is logged, do the redirect
return true; return true;
}
return false; return false;
} }
@ -245,23 +256,35 @@ return false;
/* /*
if this method returns true then we make a redirect this method is called when the connection is NOT through SSL
if this method returns true then we make a redirect to SSL
*/ */
bool App::ShouldUseSSL() bool App::ShouldUseSSL()
{ {
if( cur.request->method == Request::post ) if( cur.request->method == Request::post )
{
// something comes via POST, don't do a redirect because you lose the date
return false; return false;
}
if( !config.use_ssl ) if( !config.use_ssl )
{
// we do not use ssl, don't do the redirect
return false; return false;
}
// !! IMPROVE ME add a flag to functions to indicate if the function need SSL if( cur.request->function->need_ssl )
if( cur.request->function == &functions.fun_login || {
cur.request->function == &functions.fun_adduser ) // this functions require SSL, do the redirect
return true; return true;
}
if( config.use_ssl_only_for_logged_users && !cur.session->puser ) if( config.use_ssl_only_for_logged_users && !cur.session->puser )
{
// we require SSL but only for logged users
// dont do redirect
return false; return false;
}
return true; return true;
} }
@ -276,7 +299,7 @@ bool status = true;
if( ShouldNotUseSSL() ) if( ShouldNotUseSSL() )
{ {
BaseUrlRedirect(config.use_ssl_redirect_code, true); BaseUrlRedirect(config.use_ssl_redirect_code, true);
log << log3 << "App: this operation should NOT be used in SSL connection" << logend; log << log3 << "App: this operation should NOT be used through SSL" << logend;
status = false; status = false;
} }
} }
@ -284,7 +307,7 @@ bool status = true;
if( ShouldUseSSL() ) if( ShouldUseSSL() )
{ {
BaseUrlRedirect(config.use_ssl_redirect_code, true); BaseUrlRedirect(config.use_ssl_redirect_code, true);
log << log3 << "App: this operation should be used in SSL connection" << logend; log << log3 << "App: this operation should be used through SSL" << logend;
status = false; status = false;
} }

3
functions/adduser.cpp
View File

@ -21,7 +21,8 @@ namespace Fun
AddUser::AddUser() AddUser::AddUser()
{ {
fun.url = L"adduser"; fun.url = L"adduser";
need_ssl = true;
} }

1
functions/functionbase.cpp
View File

@ -16,6 +16,7 @@ FunctionBase::FunctionBase()
{ {
follow_symlinks = true; follow_symlinks = true;
template_index = size_t(-1); template_index = size_t(-1);
need_ssl = false;
fun.user_id = -1; fun.user_id = -1;
fun.group_id = -1; fun.group_id = -1;

8
functions/functionbase.h
View File

@ -43,6 +43,14 @@ public:
// html template index (for using with 'patterns' object) // html template index (for using with 'patterns' object)
size_t template_index; size_t template_index;
// try to use SSL
// if in the config 'use_ssl' is true and 'use_ssl_only_for_logged_users' is true
// then ssl is used only for logged users but sometimes there is a need to use
// SSL even if noone is logged (for example for such functions like 'login' or 'adduser')
// default: false
// (this option is ignored if 'use_ssl' in the config is false)
bool need_ssl;
virtual void Init(); virtual void Init();
virtual bool HasAccess(); virtual bool HasAccess();
virtual void MakePost(); virtual void MakePost();

3
functions/login.cpp
View File

@ -17,7 +17,8 @@ namespace Fun
Login::Login() Login::Login()
{ {
fun.url = L"login"; fun.url = L"login";
need_ssl = true;
} }