X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=server%2Ffastcgi.c;h=29e85d3b9fdc59988537d010546a94655ed97448;hb=f5d659a02be34c0b0b0a7660ad283c90c4a3c182;hp=00d826432d7a25639e39e5153ffa1679d1d9dd88;hpb=2e3ab88d1282fc893c9bd615911aaedc9e552178;p=matches%2FMCTX3420.git

diff --git a/server/fastcgi.c b/server/fastcgi.c
index 00d8264..29e85d3 100644
--- a/server/fastcgi.c
+++ b/server/fastcgi.c
@@ -12,16 +12,16 @@
 
 #include "common.h"
 #include "sensor.h"
-#include "log.h"
+#include "control.h"
 #include "options.h"
 
-#define LOGIN_TIMEOUT 180
+#define CONTROL_TIMEOUT 180
 
 struct FCGIContext {
-	/**The time of last valid logged-in user access*/
-	time_t login_timestamp;
-	char login_key[41];
-	char login_ip[16];
+	/**The time of last valid user access possessing the control key*/
+	time_t control_timestamp;
+	char control_key[41];
+	char control_ip[16];
 	/**The name of the current module**/
 	const char *current_module;
 	/**For debugging purposes?**/
@@ -29,32 +29,30 @@ struct FCGIContext {
 };
 
 /**
- * Handles user logins.
- * @param context The context to work in
- * @param params User specified parameters
- */
-static void LoginHandler(FCGIContext *context, char *params) {
-	const char *key, *value;
-	bool force = 0, end = 0;
-
-	while ((params = FCGI_KeyPair(params, &key, &value))) {
-		if (!strcmp(key, "force"))
-			force = !force;
-		else if (!strcmp(key, "end"))
-			end = !end;
-	}
-
-	if (end) {
-		*(context->login_key) = 0;
-		FCGI_BeginJSON(context, STATUS_OK);
-		FCGI_EndJSON();
-		return;
-	}
+ * Identifies current version info. Useful for testing that the API is running.
+ * TODO - Consider adding info about available sensors and actuators (eg capabilities)?
+ */ 
+static void IdentifyHandler(FCGIContext *context, char *params) {
+	FCGI_BeginJSON(context, STATUS_OK);
+	FCGI_JSONPair("description", "MCTX3420 Server API (2013)");
+	FCGI_JSONPair("build_date", __DATE__ " " __TIME__);
+	FCGI_EndJSON();
+}
 
+/**
+ * Gives the user a key that determines who has control over
+ * the system at any one time. The key can be forcibly generated, revoking
+ * any previous control keys. To be used in conjunction with HTTP 
+ * basic authentication.
+ * This function will generate a JSON response that indicates success/failure.
+ * @param context The context to work in
+ * @param force Whether to force key generation or not.
+ */ 
+void FCGI_BeginControl(FCGIContext *context, bool force) {
 	time_t now = time(NULL);
-	if (force || !*(context->login_key) || 
-	   (now - context->login_timestamp > LOGIN_TIMEOUT)) 
-	{
+	bool expired = now - context->control_timestamp > CONTROL_TIMEOUT;
+	
+	if (force || !*(context->control_key) || expired) {
 		SHA_CTX sha1ctx;
 		unsigned char sha1[20];
 		int i = rand();
@@ -64,62 +62,55 @@ static void LoginHandler(FCGIContext *context, char *params) {
 		SHA1_Update(&sha1ctx, &i, sizeof(i));
 		SHA1_Final(sha1, &sha1ctx);
 
-		context->login_timestamp = now;
+		context->control_timestamp = now;
 		for (i = 0; i < 20; i++)
-			sprintf(context->login_key + i * 2, "%02x", sha1[i]);
-		snprintf(context->login_ip, 16, "%s", getenv("REMOTE_ADDR"));
+			sprintf(context->control_key + i * 2, "%02x", sha1[i]);
+		snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR"));
 		FCGI_BeginJSON(context, STATUS_OK);
-		FCGI_JSONPair("key", context->login_key);
-		FCGI_EndJSON();
+		FCGI_JSONPair("key", context->control_key);
+		FCGI_EndJSON();		
 	} else {
 		char buf[128];
 		strftime(buf, 128, "%H:%M:%S %d-%m-%Y",
-			localtime(&(context->login_timestamp))); 
+			localtime(&(context->control_timestamp))); 
 		FCGI_BeginJSON(context, STATUS_UNAUTHORIZED);
-		FCGI_JSONPair("description", "Already logged in");
-		FCGI_JSONPair("user", context->login_ip); 
-		FCGI_JSONPair("time", buf);
-		FCGI_EndJSON();
-	}
-}
-
-/*TODO: Remove and replace with the actual actuator code*/
-static void ActuatorHandler(FCGIContext *context, char *params) {
-	const char *key, *value, *loginkey = NULL;
-	while ((params = FCGI_KeyPair(params, &key, &value))) {
-		if (!strcmp(key, "key")) {
-			loginkey = value;
-		}
-	}
-	if (!loginkey || !FCGI_Authorized(context, loginkey)) {
-		FCGI_BeginJSON(context, STATUS_UNAUTHORIZED);
-		FCGI_JSONPair("description", "Invalid key specified.");
-		FCGI_EndJSON();
-	} else {
-		FCGI_BeginJSON(context, STATUS_OK);
-		FCGI_JSONPair("description", "Logged in!");
+		FCGI_JSONPair("description", "Another user already has control");
+		FCGI_JSONPair("current_user", context->control_ip); 
+		FCGI_JSONPair("when", buf);
 		FCGI_EndJSON();
 	}
 }
 
 /**
  * Given an FCGIContext, determines if the current user (as specified by
- * the key) is authorized or not. If validated, the context login_timestamp is
+ * the key) has control or not. If validated, the context control_timestamp is
  * updated.
  * @param context The context to work in
- * @param key The login key to be validated.
+ * @param key The control key to be validated.
  * @return TRUE if authorized, FALSE if not.
  */
-bool FCGI_Authorized(FCGIContext *context, const char *key) {
+bool FCGI_HasControl(FCGIContext *context, const char *key) {
 	time_t now = time(NULL);
-	int result = (now - context->login_timestamp) <= LOGIN_TIMEOUT &&
-				 !strcmp(context->login_key, key);
+	int result = (now - context->control_timestamp) <= CONTROL_TIMEOUT &&
+				 key != NULL && !strcmp(context->control_key, key);
 	if (result) {
-		context->login_timestamp = now; //Update the login_timestamp
+		context->control_timestamp = now; //Update the control_timestamp
 	}
 	return result;
 }
 
+
+/**
+ * Revokes the current control key, if present.
+ * @param context The context to work in
+ */
+void FCGI_EndControl(FCGIContext *context) {
+	*(context->control_key) = 0;
+	FCGI_BeginJSON(context, STATUS_OK);
+	FCGI_EndJSON();
+	return;
+}
+
 /**
  * Extracts a key/value pair from a request string.
  * Note that the input is modified by this function.
@@ -213,6 +204,16 @@ void FCGI_JSONDouble(const char *key, double value)
 	printf(",\r\n\t\"%s\" : %f", key, value);
 }
 
+/**
+ * Similar to FCGI_JsonPair except for boolean values.
+ * @param key The key of the JSON entry
+ * @param value The value associated with the key
+ */
+void FCGI_JSONBool(const char *key, bool value)
+{
+	printf(",\r\n\t\"%s\" : %s", key, value ? "true" : "false");
+}
+
 /**
  * Begins a JSON entry by writing the key. To be used in conjunction
  * with FCGI_JsonValue.
@@ -245,26 +246,36 @@ void FCGI_EndJSON()
 }
 
 /**
- * To be used when the input parameters are invalid.
- * Sends a response with HTTP status 400 Bad request, along with
- * JSON data for debugging.
+ * To be used when the input parameters are invalid. The return data will
+ * have a status of STATUS_ERROR, along with other debugging information.
  * @param context The context to work in
- * @param params The parameters that the module handler received.
  */
 void FCGI_RejectJSON(FCGIContext *context)
 {
-	printf("Status: 400 Bad Request\r\n");
-	
-	FCGI_BeginJSON(context, STATUS_ERROR);
-	FCGI_JSONPair("description", "Invalid request");
+	FCGI_RejectJSONEx(context, STATUS_ERROR, "Invalid request");
+}
+
+/**
+ * To be used when the input parameters are rejected. The return data
+ * will also have debugging information provided.
+ * @param context The context to work in
+ * @param status The status the return data should have.
+ * @param description A short description of why the input was rejected.
+ * @param params The parameters that the module handler received.
+ */
+void FCGI_RejectJSONEx(FCGIContext *context, StatusCodes status, const char *description)
+{
+	FCGI_BeginJSON(context, status);
+	FCGI_JSONPair("description", description);
 	FCGI_JSONLong("responsenumber", context->response_number);
-	FCGI_JSONPair("params", getenv("DOCUMENT_URI_LOCAL"));
+	FCGI_JSONPair("params", getenv("QUERY_STRING"));
 	FCGI_JSONPair("host", getenv("SERVER_HOSTNAME"));
 	FCGI_JSONPair("user", getenv("REMOTE_USER"));
 	FCGI_JSONPair("ip", getenv("REMOTE_ADDR"));
 	FCGI_EndJSON();
 }
 
+
 /**
  * Main FCGI request loop that receives/responds to client requests.
  * @param data Reserved.
@@ -302,20 +313,19 @@ void * FCGI_RequestLoop (void *data)
 		if (lastchar > 0 && module[lastchar] == '/')
 			module[lastchar] = 0;
 		
-
-		if (!strcmp("login", module)) {
-			module_handler = LoginHandler;
+		if (!*module || !strcmp("identify", module)) {
+			module_handler = IdentifyHandler;
+		} else if (!strcmp("control", module)) {
+			module_handler = Control_Handler;
 		} else if (!strcmp("sensors", module)) {
 			module_handler = Sensor_Handler;
-		} else if (!strcmp("actuators", module)) {
-			module_handler = ActuatorHandler;
 		}
 
 		context.current_module = module;
 		if (module_handler) {
 			module_handler(&context, params);
 		} else {
-			strncat(module, " [unknown]", BUFSIZ);
+			strncat(module, " (unhandled)", BUFSIZ);
 			FCGI_RejectJSON(&context);
 		}
 		context.response_number++;