From f7e03bdc0f21723b07636a1f85c8747701d0bcba Mon Sep 17 00:00:00 2001 From: Tina_Azure <-> Date: Sat, 22 Apr 2023 23:11:56 +0200 Subject: [PATCH] Login route handlers --- src/main.cpp | 36 ++++++++++++++++++++++++++---------- 1 file changed, 26 insertions(+), 10 deletions(-) diff --git a/src/main.cpp b/src/main.cpp index 8a1ae7c..39d854e 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -232,14 +232,9 @@ int main(int argc, char *argv[]) { res.end(); }); - /* - * Page for freelancer to log in + * Logs out a freelancer by replacing validation key and expiring cookies */ - CROW_ROUTE(app, "/freelancer/login") - ([&,databaseURI](const crow::request& getRequest ) { - - /* auto& ctx = app.get_context(getRequest); // Read cookies with get_cookie auto value = ctx.get_cookie("cookieloggedin"); @@ -255,9 +250,20 @@ int main(int argc, char *argv[]) { + /* + * Page for freelancer to log in + */ + CROW_ROUTE(app, "/freelancer/login") + ([&,configuration](const crow::request& getRequest ) { + auto& ctx = app.get_context(getRequest); + string loginKey = ctx.get_cookie("loginKey"); + string freelancerEmail = ctx.get_cookie("freelancerEmail"); string templateHTML = "freelancer_Login.html"; + if (!freelancerEmail.empty() && !loginKey.empty()) { + if (Utilities::checkFreelancerLoginState(configuration, loginKey, freelancerEmail)) + templateHTML = "freelancer_Redirect_Profile.html"; + } auto page = crow::mustache::load(templateHTML); - return page.render(); }); 
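Review bot: The re-added `/freelancer/login` handler is declared with `[&,configuration]`, which captures every local of `main` by reference although the body only needs `app`; `[&app, configuration]` names the one dependency and avoids binding a local that could go out of scope. The same default capture is introduced on the `/freelancer/login/fulfilment` handler in the next hunk. The `loginKey` and `freelancerEmail` cookies are client-controlled and are passed straight to `Utilities::checkFreelancerLoginState`, whose body is not part of this patch. A comment such as `// cookie values are untrusted; checkFreelancerLoginState must bind them as statement parameters` would record that assumption at the call site.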
@@ -265,12 +271,13 @@ int main(int argc, char *argv[]) { * Page for freelancer to log in fulfillment */ CROW_ROUTE(app, "/freelancer/login/fulfilment").methods("POST"_method) - ([databaseURI, configuration](const crow::request& postRequest ) { + ([&, configuration](const crow::request& postRequest ) { crow::mustache::context ctx; string postRequestBody = postRequest.body; Utilities::decodeString(postRequestBody); vector splitPostRequestBody = Utilities::splitStringIntoVector(postRequestBody, '&'); string email, password; + bool stayLoggedIn; for (const string& item : splitPostRequestBody) { vector splitItem = Utilities::splitStringIntoVector(item, '='); @@ -278,12 +285,14 @@ int main(int argc, char *argv[]) { email = splitItem.at(1); if (splitItem.at(0) == "freelancerpassword") password = splitItem.at(1); + if (splitItem.at(0) == "stayloggedin") + stayLoggedIn = !splitItem.at(1).empty(); //if checkbox not set result is empty ie stay logged in is false, if it is set result is "on" ie not empty ie stay logged in is true } //check if login data is complete if (!email.empty() && !password.empty()){ //check if freelancer exists - pqxx::connection databaseConnection(databaseURI); + pqxx::connection databaseConnection(configuration.databaseConnectionString); pqxx::result checkFreelancerExists = Database::executePreparedStatement_SELECT_CHECK_EMAIL_EXISTS(databaseConnection, email); int checkFreelancerExistsExtracted = stoi(checkFreelancerExists.at(0).at(0).c_str()); if (checkFreelancerExistsExtracted == 1) { 
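Review bot: `bool stayLoggedIn;` is declared without an initial value and is only assigned when the request body contains a `stayloggedin` field. Browsers leave an unchecked checkbox out of the form body, and any client can omit the field. The later reads in `generateSecureCookieLoginKeyValue(loginKeyValue, stayLoggedIn)` and `generateSecureCookieFreelancerEmailValue(email, stayLoggedIn)` would then use an indeterminate value, which is undefined behaviour. Declaring it as `bool stayLoggedIn = false;` makes "do not stay logged in" the default.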
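Review bot: The new `stayloggedin` branch calls `splitItem.at(1)` on a request-controlled item, as the email and password branches above it already do. If `Utilities::splitStringIntoVector` returns a single element for an item without `=` (its body is not shown here), `at(1)` throws `std::out_of_range` inside the handler. A guard at the top of the loop body, `if (splitItem.size() < 2) continue;`, keeps a malformed body off that path; the loop itself starts in the previous hunk. Separately, the body passes through `Utilities::decodeString` before it is split on `&` and `=`, so an encoded `%26` or `%3D` inside a password is presumably turned into a separator. Splitting first and decoding each value afterwards would avoid that.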
@@ -293,7 +302,14 @@ int main(int argc, char *argv[]) { pqxx::result checkFreelancerHash = Database::executePreparedStatement_SELECT_CHECK_HASH_VALID(databaseConnection, email, hash); int checkFreelancerHashExtracted = stoi(checkFreelancerHash.at(0).at(0).c_str()); if (checkFreelancerHashExtracted == 1) { - //todo::create secure cookie + //create secureCookie + auto& cookieCtx = app.get_context(postRequest); + std::string loginKeyValue = Utilities::generateLoginKeyValue(); + Database::executePreparedStatement_UPDATE_LOGIN_VALIDATION_KEY(databaseConnection, loginKeyValue, email); + std::string loginKeyCookieValue = Utilities::generateSecureCookieLoginKeyValue(loginKeyValue, stayLoggedIn); + std::string freelancerEmailCookieValue = Utilities::generateSecureCookieFreelancerEmailValue(email, stayLoggedIn); + cookieCtx.set_cookie("loginKey", loginKeyCookieValue); + cookieCtx.set_cookie("freelancerEmail",freelancerEmailCookieValue); ctx["LOGIN_SUCCESS"] = true; } else {
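Review bot: Nothing in this hunk shows which attributes the `loginKey` and `freelancerEmail` cookies carry. `set_cookie` receives only a name and a string built by `Utilities::generateSecureCookieLoginKeyValue` and `Utilities::generateSecureCookieFreelancerEmailValue`, which are defined outside this patch. Since `loginKey` is the session credential, a comment above the two calls such as `// helpers append HttpOnly; Secure; SameSite and the expiry chosen by stayLoggedIn` would document the expectation, once it has been confirmed against the helpers. It also looks as if `loginKeyValue` is written to the database in the same form that is sent to the browser; storing only a hash of it and comparing hashes on lookup would limit what a database read exposes. The enclosing `if` chain starts and ends outside the hunk.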