From 9e6a5b2d37a9f6be78c84f9b77d8806cc7bd2551 Mon Sep 17 00:00:00 2001
From: Tomasz Sowa <t.sowa@ttmath.org>
Date: Tue, 26 Jul 2022 21:54:33 +0200
Subject: [PATCH] add use_internal_session_mechanism and
 use_internal_loggin_mechanism config options

---
 winixd/core/config.cpp         |   3 +
 winixd/core/config.h           |  12 ++++
 winixd/core/sessionmanager.cpp | 106 +++++++++++++++++++--------------
 winixd/core/users.cpp          |  44 ++++++++------
 winixd/functions/functions.cpp |  16 ++++-
 5 files changed, 115 insertions(+), 66 deletions(-)

diff --git a/winixd/core/config.cpp b/winixd/core/config.cpp
index ec41a52..71a6e2a 100644
--- a/winixd/core/config.cpp
+++ b/winixd/core/config.cpp
@@ -191,6 +191,9 @@ void Config::AssignValues()
 	templates_request_status = Text(L"templates_request_status", L"request_status.html");
 	template_only_root_use_template_fun = Bool(L"template_only_root_use_template_fun", false);
 
+	use_internal_session_mechanism = Bool(L"use_internal_session_mechanism", true);
+	use_internal_loggin_mechanism  = Bool(L"use_internal_loggin_mechanism", true);
+
 	http_session_id_name	= Text(L"http_session_id_name", L"session_id");
 	db_conn_string			= Text(L"db_conn_string");
 	db_host					= Text(L"db_host");
diff --git a/winixd/core/config.h b/winixd/core/config.h
index 21847e9..4c99261 100644
--- a/winixd/core/config.h
+++ b/winixd/core/config.h
@@ -267,6 +267,18 @@ public:
 	// if a migration fails then stop winix
 	bool db_stop_if_migration_fails;
 
+	// use internal session mechanism
+	// default: true
+	// if false then we do not load/save and create internal sessions
+	// but there always be the temporary session object for a request
+	// also we do not load 'who' winix function
+	bool use_internal_session_mechanism;
+
+	// use internal loggin mechanism
+	// default: true
+	// if false then we do not load 'login' and 'logout' winix functions
+	// and the system will not allow to login through its api
+	bool use_internal_loggin_mechanism;
 
 	// the name of the cookie which has the session identifier
 	std::wstring http_session_id_name;
diff --git a/winixd/core/sessionmanager.cpp b/winixd/core/sessionmanager.cpp
index d1d17c8..65b7aa8 100644
--- a/winixd/core/sessionmanager.cpp
+++ b/winixd/core/sessionmanager.cpp
@@ -475,31 +475,34 @@ Session * SessionManager::PrepareSession()
 {
 	session = nullptr;
 
-	if( !IsIPBanned() )
+	if( config->use_internal_session_mechanism )
 	{
-		CookieTab::iterator i = cur->request->cookie_tab.find(config->http_session_id_name);
-
-		if( i != cur->request->cookie_tab.end() )
+		if( !IsIPBanned() )
 		{
-			if( !SetSessionFromCookie(i->second) )
+			CookieTab::iterator i = cur->request->cookie_tab.find(config->http_session_id_name);
+
+			if( i != cur->request->cookie_tab.end() )
 			{
-				cur->request->cookie_tab.erase(i);
+				if( !SetSessionFromCookie(i->second) )
+				{
+					cur->request->cookie_tab.erase(i);
+				}
+			}
+			else
+			{
+				if( cur->request->function && cur->request->function->need_session )
+				{
+					NoSessionCookieWasSent();
+				}
 			}
 		}
-		else
-		{
-			if( cur->request->function && cur->request->function->need_session )
-			{
-				NoSessionCookieWasSent();
-			}
-		}
-	}
 
-	if( !session && cur->request->function && cur->request->function->need_session )
-	{
-		if( !current_ip_ban || !current_ip_ban->IsIPBanned() )
+		if( !session && cur->request->function && cur->request->function->need_session )
 		{
-			CreateSession();
+			if( !current_ip_ban || !current_ip_ban->IsIPBanned() )
+			{
+				CreateSession();
+			}
 		}
 	}
 
@@ -516,14 +519,17 @@ Session * SessionManager::PrepareSession()
 
 Session * SessionManager::CheckIfFunctionRequireSession()
 {
-	if( cur->request->function && cur->request->function->need_session )
+	if( config->use_internal_session_mechanism )
 	{
-		if( session == &temporary_session )
+		if( cur->request->function && cur->request->function->need_session )
 		{
-			if( !current_ip_ban || !current_ip_ban->IsIPBanned() )
+			if( session == &temporary_session )
 			{
-				CreateSession();
-				session->ip_ban = current_ip_ban;
+				if( !current_ip_ban || !current_ip_ban->IsIPBanned() )
+				{
+					CreateSession();
+					session->ip_ban = current_ip_ban;
+				}
 			}
 		}
 	}
@@ -652,34 +658,37 @@ void SessionManager::LoadSessions()
 SessionParser sp;
 SessionContainer::Iterator i;
 
-	if( !config->session_file.empty() )
+	if( config->use_internal_session_mechanism )
 	{
-		sp.set_dependency(this);
-
-		// sessions will be overwritten (pointers are invalidated)
-		cur->session = &temporary_session;
-
-		sp.SetUsers(&system->users);
-		sp.Parse(config->session_file, session_tab);
-
-		for(i=session_tab.Begin() ; i != session_tab.End() ; ++i)
+		if( !config->session_file.empty() )
 		{
-			i->plugin_data.Resize(plugin->Size());
-			plugin->Call(main_model_connector, &main_log, &(*i), nullptr, nullptr, WINIX_SESSION_CREATED);
+			sp.set_dependency(this);
 
-			/*
-				!! IMPROVE ME
-				we do not add it to the last_container (we don't have IP address stored yet)
-			*/
+			// sessions will be overwritten (pointers are invalidated)
+			cur->session = &temporary_session;
 
-			if( i->puser )
-				plugin->Call(main_model_connector, &main_log, &(*i), nullptr, nullptr, WINIX_USER_LOGGED);
+			sp.SetUsers(&system->users);
+			sp.Parse(config->session_file, session_tab);
+
+			for(i=session_tab.Begin() ; i != session_tab.End() ; ++i)
+			{
+				i->plugin_data.Resize(plugin->Size());
+				plugin->Call(main_model_connector, &main_log, &(*i), nullptr, nullptr, WINIX_SESSION_CREATED);
+
+				/*
+					!! IMPROVE ME
+					we do not add it to the last_container (we don't have IP address stored yet)
+				*/
+
+				if( i->puser )
+					plugin->Call(main_model_connector, &main_log, &(*i), nullptr, nullptr, WINIX_USER_LOGGED);
+			}
+		}
+		else
+		{
+			// FIXME this log is not printed, why?
+			main_log << log1 << "SM: session_file config parameter is empty, not loading sessions" << logend;
 		}
-	}
-	else
-	{
-		// FIXME this log is not printed, why?
-		main_log << log1 << "SM: session_file config parameter is empty, not loading sessions" << logend;
 	}
 
 	cur->session = &temporary_session;
@@ -693,6 +702,11 @@ void SessionManager::SaveSessions()
 {
 char file_path[WINIX_OS_PATH_SIZE];
 
+	if( !config->use_internal_session_mechanism )
+	{
+		return;
+	}
+
 	if( config->session_file.empty() )
 	{
 		main_log << log1 << "SM: session_file config parameter is empty, not saving sessions - sessions lost" << logend;
diff --git a/winixd/core/users.cpp b/winixd/core/users.cpp
index e78992a..5395e16 100644
--- a/winixd/core/users.cpp
+++ b/winixd/core/users.cpp
@@ -5,7 +5,7 @@
  */
 
 /* 
- * Copyright (c) 2008-2021, Tomasz Sowa
+ * Copyright (c) 2008-2022, Tomasz Sowa
  * All rights reserved.
  * 
  * Redistribution and use in source and binary forms, with or without
@@ -264,6 +264,11 @@ return puser;
 
 bool Users::LoginUser(long user_id, bool remember_me, bool use_ses_log)
 {
+	Config * config = get_config();
+
+	if( !config || !config->use_internal_loggin_mechanism )
+		return false;
+
 	if( !LoginUserCheckSession(use_ses_log) )
 		return false;
 
@@ -343,26 +348,31 @@ return how_many;
 
 void Users::LogoutCurrentUser()
 {
-	Log * log = get_logger();
-	Session * session = get_session();
+	Config * config = get_config();
 
-	if( !session || !session->puser )
-		return;
-
-	if( log )
+	if( config && config->use_internal_loggin_mechanism )
 	{
-		(*log) << log2 << "Users: user " << session->puser->login <<  ", id: "
-			   << session->puser->id << " logged out" << logend;
-	}
-	
-	//plugin->Call(WINIX_PREPARE_USER_TO_LOGOUT, cur->session->puser);	// FIXME
-	last.UserLogout(session->puser->id, session->id);
+		Log * log = get_logger();
+		Session * session = get_session();
 
-	if( how_many_logged > 0 ) // for safety
-		how_many_logged -= 1;
+		if( !session || !session->puser )
+			return;
 	
-	session->puser = 0;
-	session->remember_me = false;
+		if( log )
+		{
+			(*log) << log2 << "Users: user " << session->puser->login <<  ", id: "
+				   << session->puser->id << " logged out" << logend;
+		}
+
+		//plugin->Call(WINIX_PREPARE_USER_TO_LOGOUT, cur->session->puser);	// FIXME
+		last.UserLogout(session->puser->id, session->id);
+	
+		if( how_many_logged > 0 ) // for safety
+			how_many_logged -= 1;
+
+		session->puser = 0;
+		session->remember_me = false;
+	}
 }
 
 
diff --git a/winixd/functions/functions.cpp b/winixd/functions/functions.cpp
index 6e9b63d..bc1201f 100644
--- a/winixd/functions/functions.cpp
+++ b/winixd/functions/functions.cpp
@@ -244,8 +244,13 @@ void Functions::CreateFunctions()
 	Add(fun_imgcrop);
 	Add(fun_last);
 	Add(fun_locale);
-	Add(fun_login);
-	Add(fun_logout);
+
+	if( config->use_internal_loggin_mechanism )
+	{
+		Add(fun_login);
+		Add(fun_logout);
+	}
+
 	Add(fun_ln);
 	Add(fun_ls);
 	Add(fun_ipban);
@@ -273,7 +278,12 @@ void Functions::CreateFunctions()
 	Add(fun_uname);
 	Add(fun_upload);
 	Add(fun_uptime);
-	Add(fun_who);
+
+	if( config->use_internal_session_mechanism )
+	{
+		Add(fun_who);
+	}
+
 	Add(fun_vim);
 
 	plugin->Call(WINIX_CREATE_FUNCTIONS);