The user can now change his password.
StefanRvO committed Jul 11, 2017
1 parent a0b13e9 commit da18cd1
Showing 8 changed files with 264 additions and 38 deletions.
103 changes: 103 additions & 0 deletions software/data_files/html/users.html
Expand Up @@ -5,14 +5,117 @@
<div class="header">
<h1>Users</h1>
<h2>Here you can see user information</h2>
</div>
<div class="content">

<h2 class="content-subhead"><b>Current User</b></h2>
<p> <b>Username:</b> <span id="span_user_username">Loading...</span> </p>
<p> <b>Session Creation:</b> <span id="span_session_creation">Loading...</span> </p>
<p> <b>Session Expiration:</b> <span id="span_session_expiration">Loading...</span> </p>
<p> <b>Type:</b> <span id="span_user_type">Loading...</span> </p>

<h2 class="content-subhead"><b>Change Password</b></h2>
<form method="POST" class="pure-form pure-form-stacked" id="FormChangePassword">
<fieldset>
<div class="pure-control-group">
<label for="old_password">Current password:</label>
<input type="password" name="password[old_password]" id="old_password" value="">
</div>
<div class="pure-control-group">

<label for="new_password">New password</label>
<input type="password" name="password[new_password]" id="new_password">
</div>

<div class="pure-control-group">

<label for="repeat">Repeat new password</label>
<input type="password" name="password[repeat]" id="repeat">
</div>

<div id="passwordMatchMessage">
</div>

<div class="pure-controls">
<label for="submit"></label>
<button id="submit" name="submit" class="pure-button" disabled = '1' >Submit</button>
</div>
</fieldset>

</form>

</div>
</div>

<!--#include file="ssi/com_js.html"-->


<script language="javascript" type="text/javascript">

function checkPasswordMatch() {
var password = $("#new_password").val();
var confirmPassword = $("#repeat").val();
if(password.length < 3)
{
document.getElementById('submit').disabled = 1;
$("#passwordMatchMessage").html("<font color='red'>You probably don't want a password this short!</font>");

}
else if (password != confirmPassword)
{
document.getElementById('submit').disabled = 1;
$("#passwordMatchMessage").html("<font color='red'>Passwords do not match!</font>");
}
else
{
document.getElementById('submit').disabled = 0;
$("#passwordMatchMessage").html("");
}
}

$(document).ready(function () {
$("#new_password, #repeat").keyup(checkPasswordMatch);
});

$( document ).ready(function() {
$.ajax({
url: '/api/v1/get/user_info',
method: 'GET',
dataType: 'json',
data: {},
success: function(json) {
var cur_time = new Date().getTime();
$('#span_user_username').html(json.username);
$('#span_session_creation').html(new Date(cur_time + json.session_created - json.cur_time).toString());
$('#span_session_expiration').html(new Date(cur_time + json.session_expire - json.cur_time).toString());
$('#span_user_type').html(json.type);

}
});
});

// Submit password form
$('form#FormChangePassword').submit(function(e) {
e.preventDefault();
$.ajax({
url: '/api/v1/post/change_password',
type: 'POST',
contentType:"application/json; charset=utf-8",
data: $('form#FormChangePassword').serializeJSON(),
success: function() {
var t = new Toast();
t.snackShow('Password updated successfully', 'success');
},
error: function(jqXHR, exception) {
if(jqXHR.status == 403)
{
var t = new Toast();
t.snackShow('The password was incorrect', 'error');
}
},
});
});

</script>

<!--#include file="ssi/footer.html"-->
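Review bot: The user-info success callback writes server-supplied values into the page with `.html()` (`$('#span_user_username').html(json.username)`, and likewise `json.type`), so a username containing markup would be parsed as HTML in the logged-in user's session. `.text(json.username)` and `.text(json.type)` display the same values without interpreting them. Whether usernames are restricted to safe characters when accounts are created is not visible in this commit, so the sink should not rely on it. Separately, the length and match checks in `checkPasswordMatch()` run only in the browser and the minimum is three characters. The `/change_password` handler added in this commit forwards the new password without a visible length check, so any password policy needs to be enforced on the server as well.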
35 changes: 30 additions & 5 deletions software/main/HttpServer_get_api.cpp
Expand Up @@ -65,6 +65,27 @@ int HttpServer::handle_get_uptime(get_api_session_data *session_data, char *requ
return 0;
}

int HttpServer::handle_get_user_info(get_api_session_data *session_data, char *request_uri)
{
Session session;
uint64_t cur_time = this->t_keeper->get_uptime_milliseconds();
if(this->login_manager->get_session_info(&session_data->session_token, &session))
return 1;

cJSON *root = cJSON_CreateObject();
cJSON_AddStringToObject(root, "username", session.username);
cJSON_AddNumberToObject(root, "type", session.u_type);
cJSON_AddNumberToObject(root, "session_created", session.created);
cJSON_AddNumberToObject(root, "session_lastuse", session.last_used);
cJSON_AddNumberToObject(root, "session_expire", this->login_manager->get_expire_time(&session));
cJSON_AddNumberToObject(root, "cur_time", cur_time);


session_data->json_str = (unsigned char *)cJSON_PrintBuffered(root, 60, 1);
cJSON_Delete(root);
return 0;
}

int HttpServer::handle_get_bootinfo(get_api_session_data *session_data, char *request_uri)
{
cJSON *root = cJSON_CreateObject();
Expand All @@ -73,7 +94,6 @@ int HttpServer::handle_get_bootinfo(get_api_session_data *session_data, char *re
const esp_partition_t *part = lws_esp_ota_get_boot_partition();
struct lws_esp32_image i;
lws_esp32_get_image_info(part, &i, buf, sizeof(buf) - 1);
uint32_t switch_num;
cJSON *build = cJSON_Parse(buf);

cJSON *partition = cJSON_CreateObject();
Expand Down Expand Up @@ -195,6 +215,11 @@ int HttpServer::create_get_callback_reply(get_api_session_data *session_data, ch
return handle_get_uptime(session_data, request_uri);
if(strcmp(request_uri, "/boot_info") == 0)
return handle_get_bootinfo(session_data, request_uri);
if(strcmp(request_uri, "/user_info") == 0)
return handle_get_user_info(session_data, request_uri);
/*if(strcmp(request_uri, "/user_list") == 0)
return handle_get_bootinfo(session_data, request_uri);*/


return 2; //This results in a 404 being sent
}
Expand Down Expand Up @@ -223,7 +248,7 @@ HttpServer::get_callback(struct lws *wsi, enum lws_callback_reasons reason,
goto try_to_reuse;
case 2:
default:
return -1;
return 1;
}
p = buffer + LWS_PRE;
end = p + sizeof(buffer) - LWS_PRE;
Expand Down Expand Up @@ -278,7 +303,7 @@ HttpServer::get_callback(struct lws *wsi, enum lws_callback_reasons reason,
LWS_WRITE_HTTP_HEADERS);
if (n < 0) {
if(session_data->json_str) free(session_data->json_str);
return -1;
return 1;
}
/*Transfer the malloced json string to the buffered one.
*This means that we can free the memory op fairly quickly, and not worry anymore.*/
Expand Down Expand Up @@ -341,7 +366,7 @@ HttpServer::get_callback(struct lws *wsi, enum lws_callback_reasons reason,
ESP_LOGI(TAG, "LWS WRITE FAILED, BAILING\n")

if(session_data->json_str) free(session_data->json_str);
return -1;
return 1;

case LWS_CALLBACK_FILTER_NETWORK_CONNECTION:
/* if we returned non-zero from here, we kill the connection */
Expand All @@ -367,7 +392,7 @@ HttpServer::get_callback(struct lws *wsi, enum lws_callback_reasons reason,
return 1;
try_to_reuse:
if (lws_http_transaction_completed(wsi))
return -1;
return 1;

return 0;
}
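Review bot: In `handle_get_user_info` neither `cJSON_CreateObject()` nor `cJSON_PrintBuffered()` is checked for failure, so on heap exhaustion the function either works on a NULL `root` or returns 0 with `session_data->json_str` set to NULL. Adding `if(!root) return 1;` after the create and `if(!session_data->json_str) return 1;` after `cJSON_Delete(root)` would reserve the success return for the case where a reply body actually exists. How `get_callback` maps the value 1 is decided in a switch that lies mostly outside these hunks, so the right error code should be confirmed there. The commented-out `/user_list` branch in `create_get_callback_reply` dispatches to `handle_get_bootinfo` and is better dropped until the real handler exists.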
8 changes: 4 additions & 4 deletions software/main/HttpServer_login_api.cpp
Expand Up @@ -143,7 +143,7 @@ int HttpServer::login_callback(struct lws *wsi, enum lws_callback_reasons reason

/* let it parse the POST data */
if(sizeof(session_data->post_data) - 1 - session_data->total_post_length < len) //We substract 1 to make space for zero termination
return -1;
return 1;
memcpy(session_data->post_data + session_data->total_post_length, in, len);
session_data->total_post_length += len;
break;
Expand All @@ -152,7 +152,7 @@ int HttpServer::login_callback(struct lws *wsi, enum lws_callback_reasons reason
ESP_LOGI(TAG, "LWS_CALLBACK_HTTP_BODY_COMPLETION");

if(sizeof(session_data->post_data) - session_data->total_post_length < len)
return -1;
return 1;
memcpy(session_data->post_data + session_data->total_post_length, in, len);
session_data->total_post_length += len;

Expand Down Expand Up @@ -222,7 +222,7 @@ int HttpServer::login_callback(struct lws *wsi, enum lws_callback_reasons reason
goto try_to_reuse;
}
ESP_LOGI(TAG, "%d", __LINE__);
return -1;
return 1;

case LWS_CALLBACK_HTTP_DROP_PROTOCOL:
ESP_LOGI(TAG, "%d", __LINE__);
Expand All @@ -235,7 +235,7 @@ int HttpServer::login_callback(struct lws *wsi, enum lws_callback_reasons reason

try_to_reuse:
if (lws_http_transaction_completed(wsi))
return -1;
return 1;
ESP_LOGI(TAG, "%d", __LINE__);

return 0;
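Review bot: The two body-length guards in `login_callback` disagree: the `LWS_CALLBACK_HTTP_BODY` case reserves one byte for the terminator (`sizeof(session_data->post_data) - 1 - session_data->total_post_length < len`), while the `LWS_CALLBACK_HTTP_BODY_COMPLETION` case omits the `- 1`. If the completion callback is ever delivered with a non-zero `len`, `total_post_length` can reach `sizeof(post_data)`, and a later terminator write at `post_data[total_post_length]` would land one byte past the buffer. Using the same `- 1` guard in both cases closes that. `post_callback` in HttpServer_post_api.cpp has the same pair of checks, and `handle_post_data` there does write `post_data[total_post_length] = '\0'`. Both case bodies start outside the hunks shown, so the types of `len` and `total_post_length` should be checked when making the change.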
5 changes: 2 additions & 3 deletions software/main/HttpServer_ota.cpp
Expand Up @@ -207,9 +207,8 @@ HttpServer::ota_callback(struct lws *wsi, enum lws_callback_reasons reason,
}

/* let it parse the POST data */
printf("%p, %p, %p, %d\n", pss->spa, pss, in, len);
if (lws_spa_process(pss->spa, (const char*)in, len))
return -1;
return 1;
break;

case LWS_CALLBACK_HTTP_BODY_COMPLETION:
Expand Down Expand Up @@ -274,7 +273,7 @@ HttpServer::ota_callback(struct lws *wsi, enum lws_callback_reasons reason,
return 0;
try_to_reuse:
if (lws_http_transaction_completed(wsi))
return -1;
return 1;
return 0;

bail:
52 changes: 45 additions & 7 deletions software/main/HttpServer_post_api.cpp
Expand Up @@ -103,8 +103,39 @@ int HttpServer::post_set_switch_state(post_api_session_data *session_data)
return 0;
}

int HttpServer::post_change_password(struct lws *wsi, post_api_session_data *session_data)
{
cJSON *root, *fmt, *new_pass, *old_pass;
login_error result;
root = cJSON_Parse(session_data->post_data);
if(!root) return -1;
fmt = cJSON_GetObjectItem(root, "password");
old_pass = cJSON_GetObjectItem(fmt, "old_password");
if(!old_pass || old_pass->type != cJSON_String) goto post_change_password_failure;

new_pass = cJSON_GetObjectItem(fmt, "new_password");
if(!new_pass || new_pass->type != cJSON_String) goto post_change_password_failure;

result = this->login_manager->change_passwd(&session_data->session_token,
old_pass->valuestring, new_pass->valuestring);
cJSON_Delete(root);
if(result == invalid_password)
{
lws_return_http_status(wsi, 403, "Old password validation failed!");
return 1;
}
if(result)
return -1;
return 0;

int HttpServer::handle_post_data(post_api_session_data *session_data)
post_change_password_failure:
cJSON_Delete(root);
return -1;

}


int HttpServer::handle_post_data(struct lws *wsi, post_api_session_data *session_data)
{
session_data->post_data[session_data->total_post_length] = '\0'; //Make sure to zero terminate the string
printf("URI: %.*s\n", sizeof(session_data->post_uri), session_data->post_uri);
Expand All @@ -120,6 +151,8 @@ int HttpServer::handle_post_data(post_api_session_data *session_data)
this->s_handler->reset_settings();
else if(strcmp(session_data->post_uri, "/toggle_switch") == 0)
return post_set_switch_state(session_data);
else if(strcmp(session_data->post_uri, "/change_password") == 0)
return post_change_password(wsi, session_data);

return 0;
}
Expand All @@ -145,23 +178,23 @@ HttpServer::post_callback(struct lws *wsi, enum lws_callback_reasons reason,
goto try_to_reuse;
case 2:
default:
return -1;
return 1;
}
break;
case LWS_CALLBACK_HTTP_BODY:
printf("LWS_CALLBACK_HTTP_BODY\n");

/* let it parse the POST data */
if(sizeof(session_data->post_data) - 1 - session_data->total_post_length < len) //We substract 1 to make space for zero termination
return -1;
return 1;
memcpy(session_data->post_data + session_data->total_post_length, in, len);
session_data->total_post_length += len;
break;

case LWS_CALLBACK_HTTP_BODY_COMPLETION:
printf("LWS_CALLBACK_HTTP_BODY_COMPLETION\n");
if(sizeof(session_data->post_data) - session_data->total_post_length < len)
return -1;
return 1;
memcpy(session_data->post_data + session_data->total_post_length, in, len);
session_data->total_post_length += len;

Expand All @@ -170,14 +203,19 @@ HttpServer::post_callback(struct lws *wsi, enum lws_callback_reasons reason,

case LWS_CALLBACK_HTTP_WRITEABLE:
printf("LWS_CALLBACK_HTTP_WRITEABLE\n");
post_result = server->handle_post_data(session_data);
post_result = server->handle_post_data(wsi, session_data);
printf("post_result: %d\n", post_result);
if(post_result == 0)
{
lws_return_http_status(wsi, HTTP_STATUS_OK, NULL);
goto try_to_reuse;
}
else if(post_result == 1)
{
goto try_to_reuse;
}
else
return -1;
return 1;

case LWS_CALLBACK_HTTP_DROP_PROTOCOL:
break;
Expand All @@ -189,7 +227,7 @@ HttpServer::post_callback(struct lws *wsi, enum lws_callback_reasons reason,
return 0;
try_to_reuse:
if (lws_http_transaction_completed(wsi))
return -1;
return 1;

return 0;
}
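Review bot: In `post_change_password` the result of `cJSON_GetObjectItem(root, "password")` is passed straight to the next two lookups without a check, so a body that parses as JSON but has no `password` member hands a NULL `fmt` to `cJSON_GetObjectItem`. Depending on the bundled cJSON version, that is a NULL dereference reachable from a request body. A guard such as `if(!fmt || fmt->type != cJSON_Object) goto post_change_password_failure;` right after the lookup reuses the existing cleanup path. The handler also forwards `new_pass->valuestring` to `change_passwd` with no length or emptiness check. Unless `change_passwd` (not shown) enforces one, the only minimum is the three-character check in the page's JavaScript, which a direct POST bypasses.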