Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | logout now fails if the auth token is not available to it (as a sanity check and potentially stop someone from logging out someone else). |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | json |
Files: | files | file ages | folders |
SHA1: |
affdf56c3fef4e57c6a72b55e6e592d9 |
User & Date: | stephan 2011-09-17 14:24:24.326 |
Context
2011-09-17
| ||
16:01 | More cleaning up of error lower-level handling to output JSON instead of HTML in a few more cases. ... (check-in: 9b842564 user: stephan tags: json) | |
14:24 | logout now fails if the auth token is not available to it (as a sanity check and potentially stop someone from logging out someone else). ... (check-in: affdf56c user: stephan tags: json) | |
01:25 | dropped back to a simpler timestamp generation mechanism. Thanks to Ge Weijers for the input. ... (check-in: 147f4bfb user: stephan tags: json) | |
Changes
Changes to src/json.c.
︙ | ︙ | |||
52 53 54 55 56 57 58 59 60 61 62 63 64 65 | FSL_JSON_E_RESOURCE_NOT_FOUND = FSL_JSON_E_GENERIC_SUB1 + 4, FSL_JSON_E_TIMEOUT = FSL_JSON_E_GENERIC_SUB1 + 5, FSL_JSON_E_ASSERT = FSL_JSON_E_GENERIC_SUB1 + 6, FSL_JSON_E_ALLOC = FSL_JSON_E_GENERIC_SUB1 + 7, FSL_JSON_E_NYI = FSL_JSON_E_GENERIC_SUB1 + 8, FSL_JSON_E_AUTH = 2000, FSL_JSON_E_MISSING_AUTH = FSL_JSON_E_AUTH + 2, FSL_JSON_E_DENIED = FSL_JSON_E_AUTH + 3, FSL_JSON_E_WRONG_MODE = FSL_JSON_E_AUTH + 4, FSL_JSON_E_LOGIN_FAILED = FSL_JSON_E_AUTH + 100, FSL_JSON_E_LOGIN_FAILED_NONAME = FSL_JSON_E_LOGIN_FAILED + 1, FSL_JSON_E_LOGIN_FAILED_NOPW = FSL_JSON_E_LOGIN_FAILED + 2, | > | 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 | FSL_JSON_E_RESOURCE_NOT_FOUND = FSL_JSON_E_GENERIC_SUB1 + 4, FSL_JSON_E_TIMEOUT = FSL_JSON_E_GENERIC_SUB1 + 5, FSL_JSON_E_ASSERT = FSL_JSON_E_GENERIC_SUB1 + 6, FSL_JSON_E_ALLOC = FSL_JSON_E_GENERIC_SUB1 + 7, FSL_JSON_E_NYI = FSL_JSON_E_GENERIC_SUB1 + 8, FSL_JSON_E_AUTH = 2000, /* #2001: re-use */ FSL_JSON_E_MISSING_AUTH = FSL_JSON_E_AUTH + 2, FSL_JSON_E_DENIED = FSL_JSON_E_AUTH + 3, FSL_JSON_E_WRONG_MODE = FSL_JSON_E_AUTH + 4, FSL_JSON_E_LOGIN_FAILED = FSL_JSON_E_AUTH + 100, FSL_JSON_E_LOGIN_FAILED_NONAME = FSL_JSON_E_LOGIN_FAILED + 1, FSL_JSON_E_LOGIN_FAILED_NOPW = FSL_JSON_E_LOGIN_FAILED + 2, |
︙ | ︙ | |||
201 202 203 204 205 206 207 | ** be cson_value_free()d or transfered to a JSON container. */ cson_value * json_rc_string( int code ){ return cson_value_new_string( json_rc_cstr(code), 11 ); } /* | < < | 202 203 204 205 206 207 208 209 210 211 212 213 214 215 | ** be cson_value_free()d or transfered to a JSON container. */ cson_value * json_rc_string( int code ){ return cson_value_new_string( json_rc_cstr(code), 11 ); } /* ** Returns the current request's JSON authentication token, or NULL if ** none is found. The token's memory is owned by (or shared with) ** g.json.cgiCx. ** ** If an auth token is found in the GET/POST JSON request data then ** fossil is given that data for use in authentication for this ** session. |
︙ | ︙ | |||
226 227 228 229 230 231 232 | if( !g.json.authToken ){ /* Try to get an authorization token from GET parameter, POSTed JSON, or fossil cookie (in that order). */ g.json.authToken = cson_cgi_getenv(&g.json.cgiCx, "gp", FossilJsonKeys.authToken) /* reminder to self: cson_cgi does not have access to the cookies because fossil's core consumes them. Thus we cannot use "agpc" here. We use "a" (App-specific) as a place to store fossil's | | > > > | | > | | > > > | 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 | if( !g.json.authToken ){ /* Try to get an authorization token from GET parameter, POSTed JSON, or fossil cookie (in that order). */ g.json.authToken = cson_cgi_getenv(&g.json.cgiCx, "gp", FossilJsonKeys.authToken) /* reminder to self: cson_cgi does not have access to the cookies because fossil's core consumes them. Thus we cannot use "agpc" here. We use "a" (App-specific) as a place to store fossil's cookie value. Reminder #2: in server mode cson_cgi also doesn't have access to the GET parameters because of how the QUERY_STRING is set. That's on my to-fix list for cson_cgi (feeding it our own query string). */; if(g.json.authToken && cson_value_is_string(g.json.authToken)){ /* tell fossil to use this login info. FIXME: because the JSON bits don't carry around login_cookie_name(), there is a potential login hijacking window here. We may need to change the JSON auth token to be in the form: login_cookie_name()=... Then again, the hardened cookie value helps ensure that only a proper key/value match is valid. */ cgi_replace_parameter( login_cookie_name(), cson_value_get_cstr(g.json.authToken) ); }else if( g.isCGI ){ /* try fossil's conventional cookie. */ /* Reminder: chicken/egg scenario regarding db access in CLI mode because login_cookie_name() needs the db. */ char const * zCookie = P(login_cookie_name()); |
︙ | ︙ | |||
855 856 857 858 859 860 861 | #endif } } /* ** Impl of /json/logout. ** | < < < > > > > > > > > > > > > > > > | > > > > | 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 | #endif } } /* ** Impl of /json/logout. ** */ cson_value * json_page_logout(void){ cson_value const *token = g.json.authToken; /* Remember that json_bootstrap() replaces the login cookie with the JSON auth token if the request contains it. If the reqest is missing the auth token then this will fetch fossil's original cookie. Either way, it's what we want :). We require the auth token to avoid someone maliciously trying to log someone else out (not 100% sure if that would be possible, given fossil's hardened cookie, but i'll assume it would be for the time being). */ ; if(!token){ g.json.resultCode = FSL_JSON_E_MISSING_AUTH; }else{ login_clear_login_data(); g.json.authToken = NULL /* memory is owned by g.json.cgiCx, but now lives only in the cson_cgi garbage collector.*/; } return NULL; } /* ** Implementation of the /json/stat page/command. ** */ |
︙ | ︙ |
Changes to src/login.c.
︙ | ︙ | |||
287 288 289 290 291 292 293 294 | ** ** This is a no-op if g.userUid is 0. */ void login_clear_login_data(){ if(!g.userUid){ return; }else{ /* To logout, change the cookie value to an empty string */ | > | > > > > > > > > > | 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 | ** ** This is a no-op if g.userUid is 0. */ void login_clear_login_data(){ if(!g.userUid){ return; }else{ char const * cookie = login_cookie_name(); /* To logout, change the cookie value to an empty string */ cgi_set_cookie(cookie, "", login_cookie_path(), -86400); db_multi_exec("UPDATE user SET cookie=NULL, ipaddr=NULL, " " cexpire=0 WHERE uid=%d", g.userUid); cgi_replace_parameter(cookie, NULL) /* At the time of this writing, cgi_replace_parameter() was ** "NULL-value-safe", and i'm hoping the NULL doesn't cause any ** downstream problems here. We could alternately use "" here. */ ; /* Potential improvement: do we want/need to skip this step for ** the guest user? */ } } /* ** WEBPAGE: login ** WEBPAGE: logout ** WEBPAGE: my |
︙ | ︙ |