File: setup.cpp

package info (click to toggle)
bibledit-cloud 5.1.036-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 250,636 kB
  • sloc: xml: 915,934; ansic: 261,349; cpp: 92,628; javascript: 32,542; sh: 4,915; makefile: 586; php: 69
file content (67 lines) | stat: -rw-r--r-- 2,115 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
 
/*
 Copyright (©) 2003-2025 Teus Benschop.
 
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation; either version 3 of the License, or
 (at your option) any later version.
 
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 
 You should have received a copy of the GNU General Public License
 along with this program; if not, write to the Free Software
 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */


#include <sync/setup.h>
#include <filter/string.h>
#include <filter/url.h>
#include <filter/roles.h>
#include <database/config/general.h>
#include <database/users.h>
#include <sync/logic.h>
#include <user/logic.h>


std::string sync_setup_url ()
{
  return "sync/setup";
}


std::string sync_setup (Webserver_Request& webserver_request)
{
  Sync_Logic sync_logic (webserver_request);
  
  if (!sync_logic.security_okay ()) {
    // When the Cloud enforces https, inform the client to upgrade.
    webserver_request.response_code = 426;
    return std::string();
  }
  
  std::string page;
  
  std::string username = webserver_request.query ["user"];
  username = filter::strings::hex2bin (username);
  std::string password = webserver_request.query ["pass"];

  // Check the credentials of the client.
  if (webserver_request.database_users ()->usernameExists (username)) {
    std::string md5 = webserver_request.database_users ()->get_md5 (username);
    if (password == md5) {
      // Check brute force attack mitigation.
      if (user_logic_login_failure_check_okay ()) {
        // Return the level to the client.
        return std::to_string (webserver_request.database_users ()->get_level (username));
      }
    }
  }
  
  // The credentials were not accepted.
  user_logic_login_failure_register ();
  return "Server does not recognize the credentials";
}