plugins/generic-sessions/private-lwsgs.h

   1 /*
   2  * ws protocol handler plugin for "generic sessions"
   3  *
   4  * Copyright (C) 2010-2016 Andy Green <andy@warmcat.com>
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU General Public
   8  * License as published by the Free Software Foundation:
   9  * version 2.1 of the License.
  10  *
  11  * This library is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public
  17  * License along with this library; if not, write to the Free Software
  18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
  19  * MA  02110-1301  USA
  20  */
  21
  22 #define LWS_DLL
  23 #define LWS_INTERNAL
  24 #include "../lib/libwebsockets.h"
  25
  26 #include <sqlite3.h>
  27 #include <string.h>
  28
  29 #define LWSGS_VERIFIED_ACCEPTED 100
  30
  31 enum {
  32         FGS_USERNAME,
  33         FGS_PASSWORD,
  34         FGS_PASSWORD2,
  35         FGS_EMAIL,
  36         FGS_REGISTER,
  37         FGS_GOOD,
  38         FGS_BAD,
  39         FGS_REG_GOOD,
  40         FGS_REG_BAD,
  41         FGS_ADMIN,
  42         FGS_FORGOT,
  43         FGS_FORGOT_GOOD,
  44         FGS_FORGOT_BAD,
  45         FGS_FORGOT_POST_GOOD,
  46         FGS_FORGOT_POST_BAD,
  47         FGS_CHANGE,
  48         FGS_CURPW,
  49         FGS_DELETE,
  50 };
  51
  52 struct lwsgs_user {
  53         char username[32];
  54         char ip[16];
  55         lwsgw_hash pwhash;
  56         lwsgw_hash pwsalt;
  57         lwsgw_hash token;
  58         time_t created;
  59         time_t last_forgot_validated;
  60         char email[100];
  61         int verified;
  62 };
  63
  64 struct per_vhost_data__gs {
  65         struct lws_email email;
  66         struct lws_context *context;
  67         char session_db[256];
  68         char admin_user[32];
  69         char confounder[32];
  70         char email_contact_person[128];
  71         char email_title[128];
  72         char email_template[128];
  73         char email_confirm_url[128];
  74         lwsgw_hash admin_password_sha1;
  75         sqlite3 *pdb;
  76         int timeout_idle_secs;
  77         int timeout_absolute_secs;
  78         int timeout_anon_absolute_secs;
  79         int timeout_email_secs;
  80         time_t last_session_expire;
  81         struct lwsgs_user u;
  82 };
  83
  84 struct per_session_data__gs {
  85         struct lws_spa *spa;
  86         lwsgw_hash login_session;
  87         lwsgw_hash delete_session;
  88         unsigned int login_expires;
  89         char onward[256];
  90         char result[500 + LWS_PRE];
  91         char urldec[500 + LWS_PRE];
  92         int result_len;
  93         char ip[46];
  94         struct lws_process_html_state phs;
  95         int spos;
  96
  97         unsigned int logging_out:1;
  98 };
  99
 100 /* utils.c */
 101
 102 int
 103 lwsgs_lookup_callback_user(void *priv, int cols, char **col_val,
 104                            char **col_name);
 105 void
 106 lwsgw_cookie_from_session(lwsgw_hash *sid, time_t expires, char **p, char *end);
 107 int
 108 lwsgs_get_sid_from_wsi(struct lws *wsi, lwsgw_hash *sid);
 109 int
 110 lwsgs_lookup_session(struct per_vhost_data__gs *vhd,
 111                      const lwsgw_hash *sid, char *username, int len);
 112 int
 113 lwsgs_get_auth_level(struct per_vhost_data__gs *vhd,
 114                      const char *username);
 115 int
 116 lwsgs_check_credentials(struct per_vhost_data__gs *vhd,
 117                         const char *username, const char *password);
 118 void
 119 sha1_to_lwsgw_hash(unsigned char *hash, lwsgw_hash *shash);
 120 unsigned int
 121 lwsgs_now_secs(void);
 122 int
 123 lwsgw_check_admin(struct per_vhost_data__gs *vhd,
 124                   const char *username, const char *password);
 125 int
 126 lwsgs_hash_password(struct per_vhost_data__gs *vhd,
 127                     const char *password, struct lwsgs_user *u);
 128 int
 129 lwsgs_new_session_id(struct per_vhost_data__gs *vhd,
 130                      lwsgw_hash *sid, const char *username, int exp);
 131 int
 132 lwsgs_lookup_user(struct per_vhost_data__gs *vhd,
 133                   const char *username, struct lwsgs_user *u);
 134 int
 135 lwsgw_update_session(struct per_vhost_data__gs *vhd,
 136                      lwsgw_hash *hash, const char *user);
 137 int
 138 lwsgw_expire_old_sessions(struct per_vhost_data__gs *vhd);
 139
 140
 141 /* handlers.c */
 142
 143 int
 144 lwsgs_handler_confirm(struct per_vhost_data__gs *vhd, struct lws *wsi,
 145                       struct per_session_data__gs *pss);
 146 int
 147 lwsgs_handler_forgot(struct per_vhost_data__gs *vhd, struct lws *wsi,
 148                      struct per_session_data__gs *pss);
 149 int
 150 lwsgs_handler_check(struct per_vhost_data__gs *vhd, struct lws *wsi,
 151                       struct per_session_data__gs *pss);
 152 int
 153 lwsgs_handler_change_password(struct per_vhost_data__gs *vhd, struct lws *wsi,
 154                               struct per_session_data__gs *pss);
 155 int
 156 lwsgs_handler_forgot_pw_form(struct per_vhost_data__gs *vhd, struct lws *wsi,
 157                              struct per_session_data__gs *pss);
 158 int
 159 lwsgs_handler_register_form(struct per_vhost_data__gs *vhd, struct lws *wsi,
 160                              struct per_session_data__gs *pss);
 161