X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=testing%2Ffastcgi-approach%2Ffastcgi.c;h=363857aeb0e26fcbf050f2c67e14716e9e17ebd1;hb=a42af4ebe7c8ec36bd68a31cba1e6af7c514d203;hp=c2444c8b82f4bfe299802dee38861ccb2c0bd352;hpb=81f1b8b245bc3820974ae5e270efe05fca0f89db;p=matches%2FMCTX3420.git

diff --git a/testing/fastcgi-approach/fastcgi.c b/testing/fastcgi-approach/fastcgi.c
index c2444c8..363857a 100644
--- a/testing/fastcgi-approach/fastcgi.c
+++ b/testing/fastcgi-approach/fastcgi.c
@@ -1,24 +1,103 @@
 /**
  * @file fastcgi.c
  * @purpose Runs the FCGI request loop to handle web interface requests.
- * 
- * <stdio.h> should not be included, because these functions are handled by
- * fcgi_stdio.h. If included, it must be included after fcgi_stdio.h.
+ *
+ * fcgi_stdio.h must be included before all else so the stdio function
+ * redirection works ok.
  */
- 
+
 #include <fcgi_stdio.h>
-#include <string.h>
-#include <stdlib.h>
+#include <openssl/sha.h>
+#include "fastcgi.h"
+#include "common.h"
+#include <time.h>
+
+#define LOGIN_TIMEOUT 180
+
+
+struct FCGIContext {
+	/**The time of last valid logged-in user access*/
+	time_t login_timestamp;
+	char login_key[41];
+	char login_ip[16];
+	/**The name of the current module**/
+	const char *current_module;
+	/**For debugging purposes?**/
+	int response_number;
+};
 
-/*
-	But the suggestion was: FunctionName, variable_name (local or member),
-    Structure, ENUMVALUE, Extern_FunctionName, g_global
-*/
+/**
+ * Handles user logins.
+ * @param context The context to work in
+ * @param params User specified parameters
+ */
+static void LoginHandler(FCGIContext *context, char *params) {
+	const char *key, *value;
+	bool force = 0, end = 0;
 
-enum {STATUS_OK = 200, STATUS_BADREQUEST = 400,
-	  STATUS_UNAUTHORIZED = 401};
+	while ((params = FCGI_KeyPair(params, &key, &value))) {
+		if (!strcmp(key, "force"))
+			force = !force;
+		else if (!strcmp(key, "end"))
+			end = !end;
+	}
+
+	if (end) {
+		*(context->login_key) = 0;
+		FCGI_BeginJSON(context, STATUS_OK);
+		FCGI_EndJSON();
+		return;
+	}
+
+	time_t now = time(NULL);
+	if (force || !*(context->login_key) || 
+	   (now - context->login_timestamp > LOGIN_TIMEOUT)) 
+	{
+		SHA_CTX sha1ctx;
+		unsigned char sha1[20];
+		int i = rand();
+
+		SHA1_Init(&sha1ctx);
+		SHA1_Update(&sha1ctx, &now, sizeof(now));
+		SHA1_Update(&sha1ctx, &i, sizeof(i));
+		SHA1_Final(sha1, &sha1ctx);
+
+		context->login_timestamp = now;
+		for (i = 0; i < 20; i++)
+			sprintf(context->login_key + i * 2, "%02x", sha1[i]);
+		snprintf(context->login_ip, 16, "%s", getenv("REMOTE_ADDR"));
+		FCGI_BeginJSON(context, STATUS_OK);
+		FCGI_JSONPair("key", context->login_key);
+		FCGI_EndJSON();
+	} else {
+		char buf[128];
+		strftime(buf, 128, "%H:%M:%S %d-%m-%Y",
+			localtime(&(context->login_timestamp))); 
+		FCGI_BeginJSON(context, STATUS_UNAUTHORIZED);
+		FCGI_JSONPair("description", "Already logged in");
+		FCGI_JSONPair("user", context->login_ip); 
+		FCGI_JSONPair("time", buf);
+		FCGI_EndJSON();
+	}
+}
 
-typedef void (*ModuleHandler) (void *data, char *params);
+/**
+ * Given an FCGIContext, determines if the current user (as specified by
+ * the key) is authorized or not. If validated, the context login_timestamp is
+ * updated.
+ * @param context The context to work in
+ * @param key The login key to be validated.
+ * @return TRUE if authorized, FALSE if not.
+ */
+int FCGI_Authorized(FCGIContext *context, const char *key) {
+	time_t now = time(NULL);
+	int result = (now - context->login_timestamp) <= LOGIN_TIMEOUT && 
+		   !strcmp(context->login_key, key);
+	if (result) {
+		context->login_timestamp = now; //Update the login_timestamp
+	}
+	return result;
+}
 
 /**
  * Extracts a key/value pair from a request string.
@@ -59,52 +138,114 @@ char *FCGI_KeyPair(char *in, const char **key, const char **value)
 	return ptr;
 }
 
-void FCGI_BeginJSON(int status_code, const char *module)
+/**
+ * Begins a response to the client in JSON format.
+ * @param context The context to work in.
+ * @param status_code The status code to be returned.
+ */
+void FCGI_BeginJSON(FCGIContext *context, StatusCodes status_code)
 {
-	switch (status_code) {
-		case STATUS_OK:
-			break;
-		case STATUS_UNAUTHORIZED:
-			printf("Status: 401 Unauthorized\r\n");
-			break;
-		default:
-			printf("Status: 400 Bad Request\r\n");
-	}
 	printf("Content-type: application/json; charset=utf-8\r\n\r\n");
 	printf("{\r\n");
-	printf("\t\"module\" : \"%s\"", module);
+	printf("\t\"module\" : \"%s\"", context->current_module);
+	FCGI_JSONLong("status", status_code);
 }
 
-void FCGI_BuildJSON(const char *key, const char *value)
+/**
+ * Adds a key/value pair to a JSON response. The response must have already
+ * been initiated by FCGI_BeginJSON. Note that characters are not escaped.
+ * @param key The key of the JSON entry
+ * &param value The value associated with the key.
+ */
+void FCGI_JSONPair(const char *key, const char *value)
 {
 	printf(",\r\n\t\"%s\" : \"%s\"", key, value);
 }
 
+/**
+ * Similar to FCGI_JSONPair except for signed integer values.
+ * @param key The key of the JSON entry
+ * @param value The value associated with the key
+ */
+void FCGI_JSONLong(const char *key, long value)
+{
+	printf(",\r\n\t\"%s\" : %ld", key, value);
+}
+
+/**
+ * Similar to FCGI_JsonPair except for floating point values.
+ * @param key The key of the JSON entry
+ * @param value The value associated with the key
+ */
+void FCGI_JSONDouble(const char *key, double value)
+{
+	printf(",\r\n\t\"%s\" : %f", key, value);
+}
+
+/**
+ * Begins a JSON entry by writing the key. To be used in conjunction
+ * with FCGI_JsonValue.
+ * @param key The key of the JSON entry
+ */
+void FCGI_JSONKey(const char *key)
+{
+	printf(",\r\n\t\"%s\" : ", key);
+}
+
+/**
+ * Should be used to write out the value of a JSON key. This has
+ * the same format as the printf functions. Care should be taken to format
+ * the output in valid JSON. 
+ */
+void FCGI_JSONValue(const char *format, ...)
+{
+	va_list list;
+	va_start(list, format);
+	vprintf(format, list);
+	va_end(list);
+}
+
+/**
+ * Ends a JSON response that was initiated by FCGI_BeginJSON.
+ */
 void FCGI_EndJSON() 
 {
 	printf("\r\n}\r\n");
 }
 
-static void SensorsHandler(void *data, char *params) 
+/**
+ * To be used when the input parameters are invalid.
+ * Sends a response with HTTP status 400 Bad request, along with
+ * JSON data for debugging.
+ * @param context The context to work in
+ * @param params The parameters that the module handler received.
+ */
+void FCGI_RejectJSON(FCGIContext *context, const char *params)
 {
-	const char *key, *value;
+	printf("Status: 400 Bad Request\r\n");
 	
-	//Begin a request only when you know the final result
-	//E.g whether OK or not.
-	FCGI_BeginJSON(STATUS_OK, "sensors");
-   	while ((params = FCGI_KeyPair(params, &key, &value))) {
-   		FCGI_BuildJSON(key, value);
-   	}
-   	FCGI_EndJSON();
+	FCGI_BeginJSON(context, STATUS_ERROR);
+	FCGI_JSONPair("description", "Invalid request");
+	FCGI_JSONLong("responsenumber", context->response_number);
+	FCGI_JSONPair("params", params);
+	FCGI_JSONPair("host", getenv("SERVER_HOSTNAME"));
+	FCGI_JSONPair("user", getenv("REMOTE_USER"));
+	FCGI_JSONPair("ip", getenv("REMOTE_ADDR"));
+	FCGI_EndJSON();
 }
 
+/**
+ * Main FCGI request loop that receives/responds to client requests.
+ * @param data Reserved.
+ */ 
 void FCGI_RequestLoop (void *data)
 {
-	int count = 0;
-	while (FCGI_Accept() >= 0)   {
+	FCGIContext context = {0};
+	
+	while (FCGI_Accept() >= 0) {
 		ModuleHandler module_handler = NULL;
 		char module[BUFSIZ], params[BUFSIZ];
-
+		
 		//strncpy doesn't zero-truncate properly
 		snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL"));
 		snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING"));
@@ -116,29 +257,21 @@ void FCGI_RequestLoop (void *data)
 		
 
 		if (!strcmp("sensors", module)) {
-			module_handler = SensorsHandler;
-		} else if (!strcmp("admin", module)) {
-			//module_handler = AdminHandlerReplace with pointer to admin handler
+			module_handler = Handler_Sensors;
+		} else if (!strcmp("login", module)) {
+			module_handler = LoginHandler;
+		} else if (!strcmp("actuators", module)) {
+			
 		}
 
+		context.current_module = module;
 		if (module_handler) {
-			module_handler(data, params);
+			module_handler(&context, params);
 		} else {
-			char buf[BUFSIZ];
-			
-			FCGI_BeginJSON(400, module);
-			FCGI_BuildJSON("description", "400 Invalid response");
-			snprintf(buf, BUFSIZ, "%d", count);
-			FCGI_BuildJSON("request-number", buf);
-			FCGI_BuildJSON("params", params);
-			FCGI_BuildJSON("host", getenv("SERVER_HOSTNAME"));
-			FCGI_EndJSON();
+			strncat(module, " [unknown]", BUFSIZ);
+			FCGI_RejectJSON(&context, params);
 		}
-
-		count++;
+		
+		context.response_number++;
 	}
 }
-
-int main(int argc, char *argv[]) {
-	FCGI_RequestLoop(NULL);
-}