*/
static void IdentifyHandler(FCGIContext *context, char *params) {
bool ident_sensors = false, ident_actuators = false;
-
+ bool has_control = FCGI_HasControl(context, getenv("COOKIE_STRING"));
int i;
FCGIValue values[2] = {{"sensors", &ident_sensors, FCGI_BOOL_T},
FCGI_JSONPair("description", "MCTX3420 Server API (2013)");
FCGI_JSONPair("build_date", __DATE__ " " __TIME__);
FCGI_JSONLong("api_version", API_VERSION);
- FCGI_JSONBool("logged_in", FCGI_HasControl(context, getenv("COOKIE_STRING")));
- FCGI_JSONPair("friendly_name", "");
+ FCGI_JSONBool("logged_in", has_control);
+ FCGI_JSONPair("friendly_name", has_control ? context->friendly_name : "");
//Sensor and actuator information
if (ident_sensors) {
FCGI_BeginJSON(context, status);
FCGI_JSONPair("description", description);
FCGI_JSONLong("responsenumber", context->response_number);
- //FCGI_JSONPair("params", getenv("QUERY_STRING"));
+ //FCGI_JSONPair("params", getenv("QUERY_STRING")); //A bad idea if contains password but also if contains unescaped stuff
FCGI_JSONPair("host", getenv("SERVER_HOSTNAME"));
FCGI_JSONPair("user", getenv("REMOTE_USER"));
FCGI_JSONPair("ip", getenv("REMOTE_ADDR"));
if (lastchar > 0 && module[lastchar] == '/')
module[lastchar] = 0;
- //Escape all special characters
- FCGI_EscapeText(params);
-
//Default to the 'identify' module if none specified
if (!*module)
strcpy(module, "identify");
FCGI_RejectJSON(&context, "Please login.");
continue;
}
+
if (!FCGI_HasControl(&context, cookie))
{
FCGI_RejectJSON(&context, "Invalid control key.");
continue;
}
+
+ //Escape all special characters.
+ //Don't escape for login (password may have special chars?)
+ FCGI_EscapeText(params);
}
module_handler(&context, params);
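Review bot: `FCGI_EscapeText(params)` now runs only on the branch that has already passed the `FCGI_HasControl` check, so any handler reached without going through that branch receives `params` exactly as the client sent them. The block enclosing the call opens outside this hunk, so which modules skip it is not visible here; presumably login and identify do. If one of those handlers copies a parameter into a JSON reply or a log line, the value goes out unescaped. Encoding at the point of output, inside the JSON emit helpers, would cover every module and still leave the password untouched for the bind.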
/**Contextual information related to FCGI requests*/
typedef struct
{
- /**The time of last valid user access possessing the control key*/
+ /**The time of last valid user access possessing the control key**/
time_t control_timestamp;
+ /**A SHA-1 hash that is the control key, determining who is logged in**/
char control_key[41];
+ /**The IPv4 address of the logged-in user**/
char control_ip[16];
+ /**A friendly name for the logged-in user. Max length 30**/
+ char friendly_name[31];
/**The name of the current module**/
const char *current_module;
/**For debugging purposes?**/
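Review bot: The new `friendly_name[31]` field and its "Max length 30" comment fix the size as a bare number that the login code then has to repeat; a named constant, or `sizeof` at the use site, would keep writers in step with the declaration. The comment added on `control_ip[16]` documents it as IPv4 only, so an IPv6 client address would not fit. The code that fills these fields is outside this hunk, so it should be checked that each copy is bounded by the field size. The struct continues past the end of the hunk.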
if (len >= BUFSIZ)
{
FCGI_RejectJSON(context, "DN too long! Recompile with increased BUFSIZ");
+ return;
}
authenticated = (Login_LDAP_Bind(g_options.auth_uri, dn, pass) == LDAP_SUCCESS);
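Review bot: The bind result on the last line is taken as proof of identity with no visible check that `pass` is non-empty. Many directory servers answer a simple bind carrying a DN and an empty password with success (an unauthenticated bind), so an empty password should be refused before the call, e.g. `if (!*pass) { FCGI_RejectJSON(context, "Password required"); return; }`. Whether such a check already exists earlier in the function or inside `Login_LDAP_Bind` cannot be seen from this hunk. The added `return;` is correct; without it the overlong DN fell through to the bind.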
{
if (FCGI_LockControl(context, false))
{
+ //Todo: change this to something better than the username if using LDAP.
+ snprintf(context->friendly_name, 31, "%s", user);
+ FCGI_EscapeText(context->friendly_name); //Don't break javascript pls
+
// Give the user a cookie
FCGI_AcceptJSON(context, "Logged in", context->control_key);
}
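Review bot: `FCGI_EscapeText(context->friendly_name)` rewrites the name in place in a 31-byte buffer that `snprintf` may already have filled, so it is only safe if the escaper never lengthens its input. Its definition is not in this hunk, so that should be confirmed, or the escaped form should be written through a bounded copy. The literal `31` repeats the array size from the struct; `snprintf(context->friendly_name, sizeof(context->friendly_name), "%s", user);` keeps the two in step. Storing the name pre-escaped also means every later consumer has to know not to escape it again. The enclosing function starts and ends outside the hunk.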
<link rel="stylesheet" type="text/css" href="static/style.css">
<link rel="stylesheet" type="text/css" href="static/nav-menu.css">
<script type="text/javascript">
- runBeforeLoad();
- $(document).ready(function () {
- //$("#menu-container").populateNavbar();
- $("#login").submit(function () {
- $("#login").login();
- return false;
- });
-
- $("#logout").click(function () {
- $("#logout").logout();
- });
-
- $("#main_controls").submit(function () {
- //Validate!
- return false;
- });
-
- $("#errorlog").setErrorLog();
- });
+ runBeforeLoad().always(function () {
+ $(document).ready(function () {
+ //Show the content!
+ $("#content").css("display", "block");
+ //Set the welcome bar
+ var name = " " + (mctx.friendlyName ? mctx.friendlyName : "");
+ $("#welcome-container").text("Welcome"+ name + "!");
+ //$("#menu-container").populateNavbar();
+
+ $("#logout").click(function () {
+ $("#logout").logout();
+ });
+
+ $("#main_controls").submit(function () {
+ //Validate!
+ return false;
+ });
+
+ $("#errorlog").setErrorLog();
+ });
+ })
+
</script>
</head>
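Review bot: `runBeforeLoad().always(...)` fires whether the identify request succeeded or failed, so `$("#content").css("display", "block")` now reveals the page even when the user is not logged in or the API is unreachable. The line removed from `runBeforeLoad` did this only on the logged-in branch. Moving the reveal into a `.done()` callback that checks the login state would restore that, though hiding content in the browser is cosmetic and anything sensitive still has to be refused by the server. `.text()` is the right call for the welcome bar because it does not parse markup, but a name the server has already escaped will show its escape sequences literally. The closing `})` is missing its semicolon.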
<div id="menu-container" class="nav-menu">
</div>
<span id="welcome-container">
- Welcome, Joe Bloggs!
</span>
<span id="date">
<script type="text/javascript">getDate();</script>
document.write((new Date()).toDateString());
}
+/**
+ * Should be run before the load of any GUI page.
+ * To hook events to be called after this function runs,
+ * use the 'always' method, e.g runBeforeLoad().always(function() {my stuff});
+ * @param {type} isLoginPage
+ * @returns The return value of calling $.ajax
+ */
function runBeforeLoad(isLoginPage) {
- $.ajax({
+ return $.ajax({
url : mctx.api + "identify"
}).done(function (data) {
- if (mctx.debug) {
- debugLog("Redirect disabled!");
- } else if (data.logged_in && isLoginPage) {
+ if (data.logged_in && isLoginPage) {
+ if (mctx.debug) {
+ debugLog("Redirect disabled!");
+ } else {
window.location = mctx.location;
+ }
} else if (!data.logged_in && !isLoginPage) {
- //Note: this only clears the nameless cookie
- document.cookie = "";
- window.location = mctx.location + "login.html";
+ if (mctx.debug) {
+ debugLog("Redirect disabled!");
+ } else {
+ //Note: this only clears the nameless cookie
+ document.cookie = "";
+ window.location = mctx.location + "login.html";
+ }
} else {
mctx.friendlyName = data.friendly_name;
- $("#content").css("display", "block");
}
}).fail(function (jqHXR) {
- if (!isLoginPage) {
- window.location = mctx.location + "login.html";
- } else {
+ if (mctx.debug) {
debugLog("Failed to ident server. Is API running?")
+ } else if (!isLoginPage) {
+ window.location = mctx.location + "login.html";
}
});
}
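Review bot: The JSDoc added above `runBeforeLoad` still carries the template placeholder `@param {type} isLoginPage`; it should read `@param {boolean} isLoginPage - true when the caller is the login page`. In the not-logged-in branch, `document.cookie = ""` does not expire any named cookie, as the comment beside it admits. A control key held in a cookie therefore stays in the browser until the server invalidates it. With `mctx.debug` set every redirect is skipped, so that flag should not be enabled in a deployed build.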