martin/aqhomecontrol
Public Access
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

aqhome-cgi: use AQH_ModService_DenyRequest

Browse Source 
this function redirects to the login page and then to the requested page.
This commit is contained in:
Martin Preuss
2026-05-29 17:22:12 +02:00
parent 03db148a3b
commit b8d2fc76eb
3 changed files with 68 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
apps/aqhome-cgi/modules/common/madmin.c
View File

@@ -166,10 +166,8 @@ int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const
if (strcasecmp(sLastPathElem, "index.html")==0) {
if (AQH_ModService_GetUserPerms(m) & (AQH_MODADM_PERMS_ADMINUSERS | AQH_MODADM_PERMS_ADMINMODULES))
rv=_handleRqIndex(m, rq, dbuf);
else {
AQCGI_Request_SetResponseCode(rq, 403);
AQCGI_Request_SetResponseText(rq, "Forbidden");
}
else
AQH_ModService_DenyRequest(m, rq, session, dbuf);
}
else {
AQCGI_Request_SetResponseCode(rq, 404);

82
apps/aqhome-cgi/modules/mroot.c
View File

@@ -19,6 +19,7 @@
#include <gwenhywfar/debug.h>
#include <gwenhywfar/timestamp.h>
#include <gwenhywfar/text.h>
@@ -27,6 +28,10 @@
* ------------------------------------------------------------------------------------------------
*/
#define AQH_SERVICE_SESSION_MAXAGE 86400
/* ------------------------------------------------------------------------------------------------
* global vars
* ------------------------------------------------------------------------------------------------
@@ -41,8 +46,9 @@ static AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION
static int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem);
static int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf);
static int _handleRqLogin(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf);
static int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf);
static AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf);
static int _handleRqLoginGet(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf);
static int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq);
static AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq);
/* ------------------------------------------------------------------------------------------------
@@ -64,7 +70,7 @@ AQH_MODULE *AQH_ModRoot_new(AQH_SERVICE *sv, const char *baseFolder)
AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sModuleName)
AQH_MODULE *_loadSubModule(AQH_MODULE *m, GWEN_UNUSED AQCGI_REQUEST *rq, GWEN_UNUSED AQH_SESSION *session, const char *sModuleName)
{
AQH_SERVICE *sv;
@@ -110,7 +116,7 @@ AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *sessio
int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem)
int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_UNUSED AQH_SESSION *session, const char *sLastPathElem)
{
GWEN_BUFFER *dbuf;
@@ -160,9 +166,9 @@ int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
int _handleRqLogin(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
{
if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET)
AQH_ModService_RespondWithFile(m, rq, "en", "login.html", dbuf);
_handleRqLoginGet(m, rq, dbuf);
else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST)
_handleRqLoginPost(m, rq, dbuf);
_handleRqLoginPost(m, rq);
else {
DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq));
AQCGI_Request_SetResponseCode(rq, 405);
@@ -174,28 +180,47 @@ int _handleRqLogin(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
int _handleRqLoginGet(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
{
GWEN_DB_NODE *dbQuery;
const char *sSrc;
GWEN_DB_NODE *dbVars;
int rv;
dbVars=GWEN_DB_Group_new("vars");
dbQuery=AQCGI_Request_GetDbQuery(rq);
sSrc=dbQuery?GWEN_DB_GetCharValue(dbQuery, "src", 0, NULL):NULL;
if (sSrc && *sSrc)
GWEN_DB_SetCharValue(dbVars, 0, "destination", sSrc);
rv=AQH_ModService_RespondWithVarFile(m, rq, "en", "login.html", dbVars, dbuf);
GWEN_DB_Group_free(dbVars);
return rv;
}
int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq)
{
AQH_SERVICE *sv;
AQH_USER *user;
AQH_SESSION *session;
GWEN_BUFFER *tbuf;
GWEN_TIMESTAMP *ts;
GWEN_DB_NODE *dbPost;
const char *s;
int rv;
DBG_ERROR(NULL, "Handling request");
sv=AQH_ModService_GetService(m);
user=_getAndCheckUser(m, rq, dbuf);
user=_getAndCheckUser(m, rq);
if (user==NULL) {
DBG_INFO(NULL, "here");
AQCGI_Request_SetResponseCode(rq, 500);
AQCGI_Request_SetResponseText(rq, "Internal Error");
return GWEN_ERROR_GENERIC;
}
ts=GWEN_Timestamp_NowInLocalTime();
AQH_User_SetTimestampLastLogin(user, ts);
DBG_ERROR(NULL, "Saving user");
rv=AQH_Service_SaveUser(sv, user);
if (rv<0) {
DBG_ERROR(NULL, "Error saving user \"%s\"", AQH_User_GetAlias(user));
@@ -206,7 +231,6 @@ int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
}
/* generate session */
DBG_ERROR(NULL, "Generating session");
tbuf=GWEN_Buffer_new(0, 64, 0, 1);
AQCGI_GenerateSessionId(tbuf);
session=AQH_Session_new();
@@ -227,14 +251,38 @@ int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
/* add Set-Cookie header */
tbuf=GWEN_Buffer_new(0, 256, 0, 1);
GWEN_Buffer_AppendArgs(tbuf, "Set-Cookie: session=%s; max-age=86400", AQH_Session_GetUid(session));
GWEN_Buffer_AppendArgs(tbuf, "Set-Cookie: session=%s; max-age=%d", AQH_Session_GetUid(session), AQH_SERVICE_SESSION_MAXAGE);
AQCGI_Request_AddResponseHeaderData(rq, GWEN_Buffer_GetStart(tbuf));
GWEN_Buffer_free(tbuf);
/* finish */
AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html");
AQCGI_Request_SetResponseCode(rq, 303);
AQCGI_Request_SetResponseText(rq, "See other");
dbPost=AQCGI_Request_GetDbPostBody(rq);
s=dbPost?GWEN_DB_GetCharValue(dbPost, "dest", 0, NULL):NULL;
if (s && *s) {
GWEN_BUFFER *ubuf;
ubuf=GWEN_Buffer_new(0, 128, 0, 1);
if (GWEN_Text_UnescapeToBufferTolerant(s, ubuf)>=0) {
const char *p;
p=GWEN_Buffer_GetStart(ubuf);
if (*p=='/')
AQH_ModService_Redirect(rq, p);
else {
DBG_ERROR(NULL, "Destination does not start with \"/\", not using it [%s]", p);
AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html");
AQCGI_Request_SetResponseCode(rq, 303);
AQCGI_Request_SetResponseText(rq, "See other");
}
}
GWEN_Buffer_free(ubuf);
}
else {
AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html");
AQCGI_Request_SetResponseCode(rq, 303);
AQCGI_Request_SetResponseText(rq, "See other");
}
AQH_Session_free(session);
AQH_User_free(user);
@@ -243,7 +291,7 @@ int _handleRqLoginPost(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf)
AQH_USER *_getAndCheckUser(AQH_MODULE *m, AQCGI_REQUEST *rq)
{
GWEN_DB_NODE *dbPost;

3
apps/aqhome-cgi/modules/static/en/login.html
View File

@@ -4,6 +4,7 @@
<h3>Enter your login credentials</h3>
<form action="login" method="post">
<input type="hidden" name="dest" value="$(destination)">
<label for="userid">Username:</label>
<input type="text" id="userid" name="userid" placeholder="Enter your Username" required>
<label for="password">Password:</label>
@@ -20,6 +21,4 @@
</a>
</p>
</div>
</body>
</html>