diff --git a/apps/aqhome-cgi/modules/common/mservice.c b/apps/aqhome-cgi/modules/common/mservice.c index 6f409c9..0a84981 100644 --- a/apps/aqhome-cgi/modules/common/mservice.c +++ b/apps/aqhome-cgi/modules/common/mservice.c @@ -226,23 +226,18 @@ void AQH_ModService_AddFooter(AQH_MODULE *m, const char *lang, GWEN_BUFFER *dbuf -int AQH_ModService_RespondWithFile(AQH_MODULE *m, AQCGI_REQUEST *rq, const char *lang, const char *sFilename) +int AQH_ModService_RespondWithFile(AQH_MODULE *m, AQCGI_REQUEST *rq, const char *lang, const char *sFilename, GWEN_BUFFER *dbuf) { - GWEN_BUFFER *buf; int rv; - buf=GWEN_Buffer_new(0, 256, 0, 1); - AQH_ModService_AddHeader(m, lang, buf); - rv=AQH_ModService_ReadStaticFile(m, lang, sFilename, buf); + rv=AQH_ModService_ReadStaticFile(m, lang, sFilename, dbuf); if (rv<0) { - AQCGI_SendResponseWithStatus(rq, 500, "Internal error"); - GWEN_Buffer_free(buf); + AQCGI_Request_SetResponseCode(rq, 500); + AQCGI_Request_SetResponseText(rq, "Internal Error"); return GWEN_ERROR_INTERNAL; } - AQH_ModService_AddFooter(m, lang, buf); - AQCGI_Request_SetBufferResponseBody(rq, buf); - AQCGI_Request_AddResponseHeaderData(rq, "Content-type: text/html"); - AQCGI_SendResponseWithStatus(rq, 200, "Ok"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); return 0; } diff --git a/apps/aqhome-cgi/modules/common/mservice.h b/apps/aqhome-cgi/modules/common/mservice.h index 0e265f6..c147210 100644 --- a/apps/aqhome-cgi/modules/common/mservice.h +++ b/apps/aqhome-cgi/modules/common/mservice.h @@ -42,7 +42,7 @@ AQH_SESSION *AQH_ModService_ReadSession(AQH_MODULE *m, AQCGI_REQUEST *rq); void AQH_ModService_CalcSessionModPerms(AQH_MODULE *m, const AQH_SESSION *session); -int AQH_ModService_RespondWithFile(AQH_MODULE *m, AQCGI_REQUEST *rq, const char *lang, const char *sFilename); +int AQH_ModService_RespondWithFile(AQH_MODULE *m, AQCGI_REQUEST *rq, const char *lang, const char *sFilename, GWEN_BUFFER *dbuf); int AQH_ModService_ReadStaticFile(AQH_MODULE *m, const char *lang, const char *filename, GWEN_BUFFER *dbuf); void AQH_ModService_AddPermDef(AQH_PERMDEF_LIST *permDefList, const char *id, uint32_t mask, const char *descr); diff --git a/apps/aqhome-cgi/modules/mroot.c b/apps/aqhome-cgi/modules/mroot.c index 86ff5bc..b2093a2 100644 --- a/apps/aqhome-cgi/modules/mroot.c +++ b/apps/aqhome-cgi/modules/mroot.c @@ -39,10 +39,10 @@ static AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sModuleName); static int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem); -static int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq); -static int _handleRqLogin(AQH_MODULE *m, AQCGI_REQUEST *rq); -static int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq); -static AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq); +static int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf); +static int _handleRqLogin(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf); +static int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf); +static AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf); /* ------------------------------------------------------------------------------------------------ @@ -118,7 +118,7 @@ int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const AQH_ModService_AddHeader(m, "en", dbuf); if (strcasecmp(sLastPathElem, "login")==0) - _handleRqLogin(m, rq); + _handleRqLogin(m, rq, dbuf); else if (strcasecmp(sLastPathElem, "signup")==0) { AQCGI_Request_SetResponseCode(rq, 501); AQCGI_Request_SetResponseText(rq, "Not Implemented"); @@ -128,7 +128,7 @@ int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const AQCGI_Request_SetResponseText(rq, "Not Implemented"); } else if (strcasecmp(sLastPathElem, "index.html")==0) - _handleRqIndex(m, rq); + _handleRqIndex(m, rq, dbuf); else { AQCGI_Request_SetResponseCode(rq, 404); AQCGI_Request_SetResponseText(rq, "Not Found"); @@ -143,10 +143,10 @@ int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const -int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq) +int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf) { if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) - return AQH_ModService_RespondWithFile(m, rq, "en", "index.html"); + return AQH_ModService_RespondWithFile(m, rq, "en", "index.html", dbuf); else { DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); AQCGI_Request_SetResponseCode(rq, 405); @@ -157,14 +157,12 @@ int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq) -int _handleRqLogin(AQH_MODULE *m, AQCGI_REQUEST *rq) +int _handleRqLogin(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf) { - int rv; - if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) - AQH_ModService_RespondWithFile(m, rq, "en", "login.html"); + AQH_ModService_RespondWithFile(m, rq, "en", "login.html", dbuf); else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) - _handleRqLoginPost(m, rq); + _handleRqLoginPost(m, rq, dbuf); else { DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); AQCGI_Request_SetResponseCode(rq, 405); @@ -176,18 +174,18 @@ int _handleRqLogin(AQH_MODULE *m, AQCGI_REQUEST *rq) -int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq) +int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf) { AQH_SERVICE *sv; AQH_USER *user; AQH_SESSION *session; - GWEN_BUFFER *dbuf; + GWEN_BUFFER *tbuf; GWEN_TIMESTAMP *ts; int rv; DBG_ERROR(NULL, "Handling request"); sv=AQH_ModService_GetService(m); - user=_getAndCheckUser(m, rq); + user=_getAndCheckUser(m, rq, dbuf); if (user==NULL) { DBG_INFO(NULL, "here"); AQCGI_Request_SetResponseCode(rq, 500); @@ -209,17 +207,17 @@ int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq) /* generate session */ DBG_ERROR(NULL, "Generating session"); - dbuf=GWEN_Buffer_new(0, 64, 0, 1); - AQCGI_GenerateSessionId(dbuf); + tbuf=GWEN_Buffer_new(0, 64, 0, 1); + AQCGI_GenerateSessionId(tbuf); session=AQH_Session_new(); AQH_Session_SetTimestampCreation(session, ts); AQH_Session_SetTimestampLastAccess(session, ts); - AQH_Session_SetUid(session, GWEN_Buffer_GetStart(dbuf)); - GWEN_Buffer_free(dbuf); + AQH_Session_SetUid(session, GWEN_Buffer_GetStart(tbuf)); + GWEN_Buffer_free(tbuf); AQH_Session_SetUserAlias(session, AQH_User_GetAlias(user)); rv=AQH_Service_AddSession(sv, session); if (rv<0) { - DBG_ERROR(NULL, "Error adding session for user \"%s\"", AQH_User_GetAlias(user)); + DBG_ERROR(NULL, "Error adding session for user \"%s\" (%d)", AQH_User_GetAlias(user), rv); AQCGI_Request_SetResponseCode(rq, 500); AQCGI_Request_SetResponseText(rq, "Internal Error"); AQH_Session_free(session); @@ -228,9 +226,10 @@ int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq) } /* add Set-Cookie header */ - dbuf=GWEN_Buffer_new(0, 256, 0, 1); - GWEN_Buffer_AppendArgs(dbuf, "Set-Cookie: session=%s; max-age=3600", AQH_Session_GetUid(session)); - AQCGI_Request_AddResponseHeaderData(rq, GWEN_Buffer_GetStart(dbuf)); + tbuf=GWEN_Buffer_new(0, 256, 0, 1); + GWEN_Buffer_AppendArgs(tbuf, "Set-Cookie: session=%s; max-age=3600", AQH_Session_GetUid(session)); + AQCGI_Request_AddResponseHeaderData(rq, GWEN_Buffer_GetStart(tbuf)); + GWEN_Buffer_free(tbuf); /* finish */ AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html"); @@ -244,7 +243,7 @@ int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq) -AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq) +AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf) { GWEN_DB_NODE *dbPost; @@ -262,7 +261,8 @@ AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq) sPasswd=GWEN_DB_GetCharValue(dbPost, "password", 0, NULL); if (!(sUserName && *sUserName && sPasswd && *sPasswd)) { DBG_ERROR(NULL, "Either user name or password missing"); - AQCGI_SendResponseWithStatus(rq, 400, "Bad Request"); + AQCGI_Request_SetResponseCode(rq, 400); + AQCGI_Request_SetResponseText(rq, "Bad Request"); return NULL; } @@ -270,14 +270,16 @@ AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq) user=AQH_Service_LoadUser(sv, sUserName); if (user==NULL) { DBG_ERROR(NULL, "User \"%s\" not found", sUserName); - AQCGI_SendResponseWithStatus(rq, 403, "Forbidden"); + AQCGI_Request_SetResponseCode(rq, 403); + AQCGI_Request_SetResponseText(rq, "Forbidden"); return NULL; } DBG_ERROR(NULL, "Loaded user \"%s\"", sUserName); if (AQH_User_GetState(user)!=AQH_UserState_Active) { DBG_ERROR(NULL, "User \"%s\" not active", sUserName); - AQCGI_SendResponseWithStatus(rq, 403, "Forbidden"); + AQCGI_Request_SetResponseCode(rq, 403); + AQCGI_Request_SetResponseText(rq, "Forbidden"); AQH_User_free(user); return NULL; } @@ -285,7 +287,8 @@ AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq) hashedPaswd=AQH_User_GetHashedPassword(user); if (!(hashedPaswd && *hashedPaswd)) { DBG_ERROR(NULL, "User \"%s\" has no hashed password", sUserName); - AQCGI_SendResponseWithStatus(rq, 403, "Forbidden"); + AQCGI_Request_SetResponseCode(rq, 403); + AQCGI_Request_SetResponseText(rq, "Forbidden"); AQH_User_free(user); return NULL; } @@ -295,7 +298,8 @@ AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq) DBG_ERROR(NULL, "Hashed password: [%s]", GWEN_Buffer_GetStart(buf)); if (strcasecmp(GWEN_Buffer_GetStart(buf), hashedPaswd)!=0) { DBG_ERROR(NULL, "Bad password for user \"%s\"", sUserName); - AQCGI_SendResponseWithStatus(rq, 403, "Forbidden"); + AQCGI_Request_SetResponseCode(rq, 403); + AQCGI_Request_SetResponseText(rq, "Forbidden"); GWEN_Buffer_free(buf); AQH_User_free(user); return NULL; @@ -308,6 +312,8 @@ AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq) else { DBG_ERROR(NULL, "No POST data"); AQCGI_SendResponseWithStatus(rq, 400, "Bad Request"); + AQCGI_Request_SetResponseCode(rq, 400); + AQCGI_Request_SetResponseText(rq, "Bad Request"); return NULL; } }