expand/CCash
1
0
Fork 0
mirror of https://github.com/Expand-sys/CCash synced 2026-03-22 20:47:10 +11:00
Code Issues Projects Releases Packages Wiki Activity Actions

🎨🔥 merged admin filter with user filter as template arg

Browse source
This commit is contained in:
EntireTwix 2021-07-05 17:11:24 -07:00
parent 6bc6c78ed7
commit da2074859e
7 changed files with 53 additions and 97 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CMakeLists.txt
View file

@ -18,7 +18,6 @@ add_subdirectory(third_party/xxHash/cmake_unofficial third_party/xxHash/build EX
target_sources(${PROJECT_NAME} PRIVATE target_sources(${PROJECT_NAME} PRIVATE
src/json_filter.cpp src/json_filter.cpp
src/admin_filter.cpp
src/bank_api.cpp src/bank_api.cpp
src/bank.cpp src/bank.cpp
src/change_flag.cpp src/change_flag.cpp

19
include/admin_filter.h
View file

@ -1,19 +0,0 @@
#pragma once
#include <drogon/HttpFilter.h>
#include <libbase64.h>
#include "bank.h"
using namespace drogon;
class AdminFilter : public HttpFilter<AdminFilter, false>
{
private:
Bank &bank;
public:
AdminFilter(Bank &);
virtual void doFilter(const HttpRequestPtr &,
FilterCallback &&,
FilterChainCallback &&) override;
};

29
include/bank_api.h
View file

@ -1,7 +1,6 @@
#pragma once #pragma once
#include <drogon/HttpController.h> #include <drogon/HttpController.h>
#include "json_filter.h" #include "json_filter.h"
#include "admin_filter.h"
#include "user_filter.h" #include "user_filter.h"
using namespace drogon; using namespace drogon;
@ -47,31 +46,31 @@ public:
//Usage //Usage
METHOD_ADD(api::GetBal, "/v1/user/balance?name={name}", Get, Options, "JsonFilter<false>"); METHOD_ADD(api::GetBal, "/v1/user/balance?name={name}", Get, Options, "JsonFilter<false>");
#if MAX_LOG_SIZE > 0 #if MAX_LOG_SIZE > 0
METHOD_ADD(api::GetLog, "/v1/user/log", Get, Options, "UserFilter<true>", "JsonFilter<false>"); METHOD_ADD(api::GetLog, "/v1/user/log", Get, Options, "UserFilter<true, false>", "JsonFilter<false>");
#else #else
METHOD_ADD(api::GetLog, "/v1/user/log", Get, Options, "JsonFilter<false>"); METHOD_ADD(api::GetLog, "/v1/user/log", Get, Options, "JsonFilter<false>");
#endif #endif
METHOD_ADD(api::SendFunds, "/v1/user/transfer", Post, Options, "JsonFilter<true>", "UserFilter<true>"); //expects ["to"](string) and ["amount"](32 bits) METHOD_ADD(api::SendFunds, "/v1/user/transfer", Post, Options, "JsonFilter<true>", "UserFilter<true, false>"); //expects ["to"](string) and ["amount"](32 bits)
METHOD_ADD(api::VerifyPassword, "/v1/user/verify_password", Post, Options, "UserFilter<false>", "JsonFilter<false>"); METHOD_ADD(api::VerifyPassword, "/v1/user/verify_password", Post, Options, "UserFilter<false, false>", "JsonFilter<false>");
//Meta Usage //Meta Usage
METHOD_ADD(api::ChangePassword, "/v1/user/change_password", Patch, Options, "JsonFilter<true>", "UserFilter<true>"); //expects ["new_pass"](string) METHOD_ADD(api::ChangePassword, "/v1/user/change_password", Patch, Options, "JsonFilter<true>", "UserFilter<true, false>"); //expects ["new_pass"](string)
METHOD_ADD(api::AdminChangePassword, "/v1/user/change_password", Patch, Options, "JsonFilter<true>", "AdminFilter"); //expects ["name"](string) and ["new_pass"](string) METHOD_ADD(api::AdminChangePassword, "/v1/user/change_password", Patch, Options, "JsonFilter<true>", "UserFilter<false, true>"); //expects ["name"](string) and ["new_pass"](string)
METHOD_ADD(api::SetBal, "/v1/admin/set_balance", Patch, Options, "JsonFilter<true>", "AdminFilter"); //expects ["name"](string) and ["amount"](32 bits) METHOD_ADD(api::SetBal, "/v1/admin/set_balance", Patch, Options, "JsonFilter<true>", "UserFilter<false, true>"); //expects ["name"](string) and ["amount"](32 bits)
METHOD_ADD(api::AddBal, "/v1/admin/add_balance", Post, Options, "JsonFilter<true>", "AdminFilter"); //expects ["name"](string) and ["amount"](32 bits) METHOD_ADD(api::AddBal, "/v1/admin/add_balance", Post, Options, "JsonFilter<true>", "UserFilter<false, true>"); //expects ["name"](string) and ["amount"](32 bits)
METHOD_ADD(api::SubBal, "/v1/admin/sub_balance", Post, Options, "JsonFilter<true>", "AdminFilter"); //expects ["name"](string) and ["amount"](32 bits) METHOD_ADD(api::SubBal, "/v1/admin/sub_balance", Post, Options, "JsonFilter<true>", "UserFilter<false, true>"); //expects ["name"](string) and ["amount"](32 bits)
//System Usage //System Usage
METHOD_ADD(api::Help, "/v1/help", Get, Options); METHOD_ADD(api::Help, "/v1/help", Get, Options);
METHOD_ADD(api::Close, "/v1/admin/shutdown", Post, Options, "AdminFilter", "JsonFilter<false>"); METHOD_ADD(api::Close, "/v1/admin/shutdown", Post, Options, "UserFilter<false, true>", "JsonFilter<false>");
METHOD_ADD(api::Contains, "/v1/user/exists?name={name}", Get, Options, "JsonFilter<false>"); METHOD_ADD(api::Contains, "/v1/user/exists?name={name}", Get, Options, "JsonFilter<false>");
METHOD_ADD(api::AdminVerifyAccount, "/v1/admin/verify_account", Post, Options, "AdminFilter", "JsonFilter<false>"); METHOD_ADD(api::AdminVerifyAccount, "/v1/admin/verify_account", Post, Options, "UserFilter<false, true>", "JsonFilter<false>");
//User Managment //User Managment
METHOD_ADD(api::AddUser, "/v1/user/register", Post, Options); //expects ["name"](string) ["pass"](string) METHOD_ADD(api::AddUser, "/v1/user/register", Post, Options); //expects ["name"](string) ["pass"](string)
METHOD_ADD(api::AdminAddUser, "/v1/admin/user/register", Post, Options, "JsonFilter<true>", "AdminFilter"); //expects ["name"](string) ["balance"](32 bits) ["pass"](string) METHOD_ADD(api::AdminAddUser, "/v1/admin/user/register", Post, Options, "JsonFilter<true>", "UserFilter<false, true>"); //expects ["name"](string) ["balance"](32 bits) ["pass"](string)
METHOD_ADD(api::DelUser, "/v1/user/delete", Delete, Options, "UserFilter<true>", "JsonFilter<false>"); METHOD_ADD(api::DelUser, "/v1/user/delete", Delete, Options, "UserFilter<true, false>", "JsonFilter<false>");
METHOD_ADD(api::AdminDelUser, "/v1/admin/user/delete", Delete, Options, "JsonFilter<true>", "AdminFilter"); //expects ["name"](string) METHOD_ADD(api::AdminDelUser, "/v1/admin/user/delete", Delete, Options, "JsonFilter<true>", "UserFilter<false, true>"); //expects ["name"](string)
#endif #endif
METHOD_ADD(api::ApiProperties, "/properties", Get, Options); METHOD_ADD(api::ApiProperties, "/properties", Get, Options);

11
include/user_filter.h
View file

@ -5,19 +5,16 @@
using namespace drogon; using namespace drogon;
template <bool set_body_flag> template <bool set_body_flag, bool require_admin>
class UserFilter : public HttpFilter<UserFilter<set_body_flag>, false> class UserFilter : public HttpFilter<UserFilter<set_body_flag, require_admin>, false>
{ {
private: private:
Bank &bank; Bank &bank;
public: public:
UserFilter(Bank &); UserFilter(Bank &b);
virtual void doFilter(const HttpRequestPtr &, virtual void doFilter(const HttpRequestPtr &,
FilterCallback &&, FilterCallback &&,
FilterChainCallback &&) override; FilterChainCallback &&) override;
}; };
using UserFilterDefault = UserFilter<true>;
using UserFilterSparse = UserFilter<false>;

6
main.cpp
View file

@ -101,9 +101,9 @@ int main(int argc, char **argv)
} }
auto API = std::make_shared<api>(bank); auto API = std::make_shared<api>(bank);
auto user_filter_default = std::make_shared<UserFilterDefault>(bank); auto user_filter_default = std::make_shared<UserFilter<true, false>>(bank);
auto user_filter_sparse = std::make_shared<UserFilterSparse>(bank); auto user_filter_sparse = std::make_shared<UserFilter<false, false>>(bank);
auto admin_filter = std::make_shared<AdminFilter>(bank); auto admin_filter = std::make_shared<UserFilter<false, true>>(bank);
auto json_resp_and_req_filter = std::make_shared<JsonFilter<true>>(); auto json_resp_and_req_filter = std::make_shared<JsonFilter<true>>();
auto json_resp_filter = std::make_shared<JsonFilter<false>>(); auto json_resp_filter = std::make_shared<JsonFilter<false>>();

40
src/admin_filter.cpp
View file

@ -1,40 +0,0 @@
#include "admin_filter.h"
AdminFilter::AdminFilter(Bank &b) : bank(b) {}
void AdminFilter::doFilter(const HttpRequestPtr &req,
FilterCallback &&fcb,
FilterChainCallback &&fccb)
{
std::string_view auth_header = req->getHeader("Authorization");
if (auth_header.size() > 6)
{
if (auth_header.substr(0, 6) == "Basic ")
{
std::string_view base64_input = auth_header.substr(6);
char base64_result[(base64_input.size() * 3) / 4];
size_t new_sz;
base64_decode(base64_input.data(), base64_input.size(), base64_result, &new_sz, 0);
std::string_view results_view(base64_result, new_sz);
std::size_t middle = results_view.find(':');
if (middle != std::string::npos)
{
base64_result[middle] = '\0';
const std::string &username(results_view.substr(0, middle).data());
if (bank.AdminVerifyAccount(username))
{
base64_result[new_sz] = '\0';
if (bank.VerifyPassword(std::move(username), results_view.substr(middle + 1)))
{
fccb();
return;
}
}
}
}
}
const auto &resp = HttpResponse::newHttpJsonResponse("Invalid Credentials");
resp->setStatusCode(k401Unauthorized);
fcb(resp);
}

44
src/user_filter.cpp
View file

@ -1,14 +1,18 @@
#include "user_filter.h" #include "user_filter.h"
template <bool set_body_flag, bool require_admin>
UserFilter<set_body_flag, require_admin>::UserFilter(Bank &b) : bank(b) {}
template <> template <>
UserFilter<true>::UserFilter(Bank &b) : bank(b) {} UserFilter<true, false>::UserFilter(Bank &b) : bank(b) {}
template <> template <>
UserFilter<false>::UserFilter(Bank &b) : bank(b) {} UserFilter<false, false>::UserFilter(Bank &b) : bank(b) {}
template <>
UserFilter<false, true>::UserFilter(Bank &b) : bank(b) {}
template <bool set_body_flag> template <bool set_body_flag, bool require_admin>
void UserFilter<set_body_flag>::doFilter(const HttpRequestPtr &req, void UserFilter<set_body_flag, require_admin>::doFilter(const HttpRequestPtr &req,
FilterCallback &&fcb, FilterCallback &&fcb,
FilterChainCallback &&fccb) FilterChainCallback &&fccb)
{ {
std::string_view auth_header = req->getHeader("Authorization"); std::string_view auth_header = req->getHeader("Authorization");
if (auth_header.size() > 6) if (auth_header.size() > 6)
@ -25,16 +29,32 @@ void UserFilter<set_body_flag>::doFilter(const HttpRequestPtr &req,
if (middle != std::string::npos) if (middle != std::string::npos)
{ {
base64_result[middle] = '\0'; base64_result[middle] = '\0';
base64_result[new_sz] = '\0';
const std::string &username(results_view.substr(0, middle).data()); const std::string &username(results_view.substr(0, middle).data());
if (bank.VerifyPassword(username, results_view.substr(middle + 1))) if constexpr (require_admin)
{ {
if constexpr (set_body_flag) base64_result[new_sz] = '\0';
if (bank.VerifyPassword(username, results_view.substr(middle + 1)))
{ {
req->setBody(username); //feels sub optimal if constexpr (set_body_flag)
{
req->setBody(username); //feels sub optimal
}
fccb();
return;
}
}
else
{
if (bank.AdminVerifyAccount(username))
{
base64_result[new_sz] = '\0';
if (bank.VerifyPassword(std::move(username), results_view.substr(middle + 1)))
{
fccb();
return;
}
} }
fccb();
return;
} }
} }
} }