1
0
mirror of https://github.com/binary-kitchen/doorlockd synced 2024-12-22 10:24:26 +01:00

Improved Logic.cpp

This commit is contained in:
Ralf Ramsauer 2015-05-11 23:28:02 +00:00
parent 3216294134
commit 0d7f56e647
3 changed files with 48 additions and 18 deletions

View File

@ -9,11 +9,13 @@
#define DEFAULT_LOG_LEVEL LogLevel::info
#endif
#define TOKEN_TIMEOUT 15
#define TOKEN_TIMEOUT 60
#define LOCKPAGE_PREFIX "https://lock.binary.kitchen/"
#define FIFO_LOCATION "/tmp/fifo"
#define FIFO_LOCATION "/var/run/doorlockd/doorlockd"
#define LDAP_SERVER "ldaps://ldap.binary.kitchen"
#define BINDDN "cn=%s,ou=Users,dc=binary-kitchen,dc=de"
#define ALLOWEDIPPREFIX "172.23.3."
#endif

View File

@ -22,6 +22,7 @@ const string Logic::_fifoLocation = FIFO_LOCATION;
const string Logic::_ldapServer = LDAP_SERVER;
const string Logic::_bindDN = BINDDN;
const string Logic::_allowedIpPrefix = ALLOWEDIPPREFIX;
Logic &Logic::get()
{
@ -45,17 +46,26 @@ Logic::Logic() :
throw("Unable to delete Fifo file");
}
}
if (mkfifo(_fifoLocation.c_str(), 0660) != 0)
umask(0);
if (mkfifo(_fifoLocation.c_str(), 0770) != 0)
{
throw("Unable to create Fifo");
}
_fifoHandle = open(_fifoLocation.c_str(), O_RDWR | O_NONBLOCK);
if (_fifoHandle == -1)
{
throw("Unable to open Fifo");
}
if (fchown(_fifoHandle, 0, 1001) != 0)
{
throw("Fifo chown failed");
}
_createNewToken(false);
}
@ -73,26 +83,27 @@ Logic::~Logic()
}
}
void Logic::_parseRequest(const string &str)
int Logic::_parseRequest(const string &str)
{
_logger("Parsing request...");
Json::Reader reader;
Json::Value root;
int retval = 0;
string action, user, password, ip, token;
bool authenticate;
bool suc = reader.parse(str, root, false);
if (!suc)
{
_logger(LogLevel::error, "Request ist not valid JSON!");
return;
goto out;
}
string action, user, password, host, token;
bool authenticated;
try {
action = getJsonOrFail<string>(root, "action");
host = getJsonOrFail<string>(root, "host");
authenticated = getJsonOrFail<bool>(root, "authenticated");
if (authenticated == true)
ip = getJsonOrFail<string>(root, "ip");
authenticate = getJsonOrFail<bool>(root, "authenticate");
if (authenticate == true)
{
user = getJsonOrFail<string>(root, "user");
password = getJsonOrFail<string>(root, "password");
@ -102,24 +113,30 @@ void Logic::_parseRequest(const string &str)
catch (...)
{
_logger(LogLevel::warning, "Error parsing JSON");
return;
goto out;
}
printf("Action: %s\nAuthenticated: %d\nHost: %s\n",action.c_str(), authenticated, host.c_str());
printf("User: %s\nPassword: %s\nToken: %s\n",user.c_str(), password.c_str(), token.c_str());
printf("Action: %s\nAuthenticate: %d\nIP: %s\n",action.c_str(), authenticate, ip.c_str());
printf("User: %s\nPassword: XXXXXXXXXX\nToken: %s\n",user.c_str(), token.c_str());
if (authenticated == true)
if (authenticate == true)
{
if (_checkToken(token) == false)
{
_logger(LogLevel::error, "User provided invalid token");
return;
goto out;
}
if (_checkLDAP(user, password) == false)
{
_logger(LogLevel::error, "invalid LDAP credentials");
return;
goto out;
}
} else {
if (_checkIP(ip) == false)
{
_logger(LogLevel::error, "IP check for non-authentication failed");
goto out;
}
}
@ -131,6 +148,9 @@ void Logic::_parseRequest(const string &str)
} else {
_logger(LogLevel::error, "Unknown Action: %s", action.c_str());
}
out:
return retval;
}
void Logic::_lock()
@ -200,10 +220,16 @@ void Logic::run()
throw "read() fifo failed";
}
}
_parseRequest(payload);
int rc = _parseRequest(payload);
}
}
bool Logic::_checkIP(const string &ip)
{
return true;
}
bool Logic::_checkToken(const string &strToken)
{
try {

View File

@ -22,13 +22,14 @@ public:
private:
Logic();
void _parseRequest(const std::string &str);
int _parseRequest(const std::string &str);
void _lock();
void _unlock();
bool _checkToken(const std::string &token);
bool _checkLDAP(const std::string &user, const std::string &password);
bool _checkIP(const std::string &ip);
void _createNewToken(const bool stillValid);
@ -47,6 +48,7 @@ private:
const static std::string _fifoLocation;
const static std::string _bindDN;
const static std::string _ldapServer;
const static std::string _allowedIpPrefix;
int _fifoHandle = {-1};