frodovdr/hyperion.ng
1
0
Fork 0
mirror of https://github.com/hyperion-project/hyperion.ng.git synced 2025-03-01 10:33:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor config API

Browse Source
This commit is contained in:
LordGrey
2024-08-01 23:07:18 +02:00
parent 4a5b0b6bf2
commit c86af5ce79
42 changed files with 1605 additions and 889 deletions
Download Patch File Download Diff File Expand all files Collapse all files

241
include/db/AuthTable.h
View File

@@ -1,12 +1,7 @@
#pragma once
#ifndef AUTHSTABLE_H
#define AUTHSTABLE_H
// hyperion
#include <db/DBManager.h>
#include <QCryptographicHash>
// qt
#include <QDateTime>
#include <QUuid>
namespace hyperion {
const char DEFAULT_USER[] = "Hyperion";
@@ -21,69 +16,30 @@ class AuthTable : public DBManager
public:
/// construct wrapper with auth table
AuthTable(const QString& rootPath = "", QObject* parent = nullptr, bool readonlyMode = false)
: DBManager(parent)
{
setReadonlyMode(readonlyMode);
if(!rootPath.isEmpty()){
// Init Hyperion database usage
setRootPath(rootPath);
setDatabaseName("hyperion");
}
// init Auth table
setTable("auth");
// create table columns
createTable(QStringList()<<"user TEXT"<<"password BLOB"<<"token BLOB"<<"salt BLOB"<<"comment TEXT"<<"id TEXT"<<"created_at TEXT"<<"last_use TEXT");
};
explicit AuthTable(QObject* parent = nullptr);
///
/// @brief Create a user record, if called on a existing user the auth is recreated
/// @param[in] user The username
/// @param[in] pw The password
/// @param[in] password The password
/// @return true on success else false
///
inline bool createUser(const QString& user, const QString& pw)
{
// new salt
QByteArray salt = QCryptographicHash::hash(QUuid::createUuid().toByteArray(), QCryptographicHash::Sha512).toHex();
QVariantMap map;
map["user"] = user;
map["salt"] = salt;
map["password"] = hashPasswordWithSalt(pw,salt);
map["created_at"] = QDateTime::currentDateTimeUtc().toString(Qt::ISODate);
VectorPair cond;
cond.append(CPair("user",user));
return createRecord(cond, map);
}
bool createUser(const QString& user, const QString& password);
///
/// @brief Test if user record exists
/// @param[in] user The user id
/// @return true on success else false
///
inline bool userExist(const QString& user)
{
VectorPair cond;
cond.append(CPair("user",user));
return recordExists(cond);
}
bool userExist(const QString& user);
///
/// @brief Test if a user is authorized for access with given pw.
/// @param user The user name
/// @param pw The password
/// @return True on success else false
/// @param user The user name
/// @param password The password
/// @return True on success else false
///
inline bool isUserAuthorized(const QString& user, const QString& pw)
{
if(userExist(user) && (calcPasswordHashOfUser(user, pw) == getPasswordHashOfUser(user)))
{
updateUserUsed(user);
return true;
}
return false;
}
bool isUserAuthorized(const QString& user, const QString& password);
///
/// @brief Test if a user token is authorized for access.
@@ -91,197 +47,92 @@ public:
/// @param token The token
/// @return True on success else false
///
inline bool isUserTokenAuthorized(const QString& usr, const QString& token)
{
if(getUserToken(usr) == token.toUtf8())
{
updateUserUsed(usr);
return true;
}
return false;
}
bool isUserTokenAuthorized(const QString& usr, const QString& token);
///
/// @brief Update token of a user. It's an alternate login path which is replaced on startup. This token is NOT hashed(!)
/// @param user The user name
/// @return True on success else false
///
inline bool setUserToken(const QString& user)
{
QVariantMap map;
map["token"] = QCryptographicHash::hash(QUuid::createUuid().toByteArray(), QCryptographicHash::Sha512).toHex();
VectorPair cond;
cond.append(CPair("user", user));
return updateRecord(cond, map);
}
bool setUserToken(const QString& user);
///
/// @brief Get token of a user. This token is NOT hashed(!)
/// @param user The user name
/// @return The token
///
inline const QByteArray getUserToken(const QString& user)
{
QVariantMap results;
VectorPair cond;
cond.append(CPair("user", user));
getRecord(cond, results, QStringList()<<"token");
return results["token"].toByteArray();
}
const QByteArray getUserToken(const QString& user);
///
/// @brief update password of given user. The user should be tested (isUserAuthorized) to verify this change
/// @param user The user name
/// @param newPw The new password to set
/// @return True on success else false
/// @param user The user name
/// @param newassword The new password to set
/// @return True on success else false
///
inline bool updateUserPassword(const QString& user, const QString& newPw)
{
QVariantMap map;
map["password"] = calcPasswordHashOfUser(user, newPw);
VectorPair cond;
cond.append(CPair("user", user));
return updateRecord(cond, map);
}
bool updateUserPassword(const QString& user, const QString& newPassword);
///
/// @brief Reset password of Hyperion user !DANGER! Used in Hyperion main.cpp
/// @return True on success else false
///
inline bool resetHyperionUser()
{
QVariantMap map;
map["password"] = calcPasswordHashOfUser(hyperion::DEFAULT_USER, hyperion::DEFAULT_PASSWORD);
VectorPair cond;
cond.append(CPair("user", hyperion::DEFAULT_USER));
return updateRecord(cond, map);
}
bool resetHyperionUser();
///
/// @brief Update 'last_use' column entry for the corresponding user
/// @param[in] user The user to search for
///
inline void updateUserUsed(const QString& user)
{
QVariantMap map;
map["last_use"] = QDateTime::currentDateTimeUtc().toString(Qt::ISODate);
VectorPair cond;
cond.append(CPair("user", user));
updateRecord(cond, map);
}
void updateUserUsed(const QString& user);
///
/// @brief Test if token record exists, updates last_use on success
/// @param[in] token The token id
/// @return true on success else false
///
inline bool tokenExist(const QString& token)
{
QVariantMap map;
map["last_use"] = QDateTime::currentDateTimeUtc().toString(Qt::ISODate);
VectorPair cond;
cond.append(CPair("token", hashToken(token)));
if(recordExists(cond))
{
// update it
createRecord(cond,map);
return true;
}
return false;
}
bool tokenExist(const QString& token);
///
/// @brief Create a new token record with comment
/// @param[in] token The token id as plaintext
/// @param[in] comment The comment for the token (eg a human readable identifier)
/// @param[in] id The id for the token
/// @param[in] identifier The identifier for the token
/// @return true on success else false
///
inline bool createToken(const QString& token, const QString& comment, const QString& id)
{
QVariantMap map;
map["comment"] = comment;
map["id"] = idExist(id) ? QUuid::createUuid().toString().remove("{").remove("}").left(5) : id;
map["created_at"] = QDateTime::currentDateTimeUtc().toString(Qt::ISODate);
VectorPair cond;
cond.append(CPair("token", hashToken(token)));
return createRecord(cond, map);
}
bool createToken(const QString& token, const QString& comment, const QString& identifier);
///
/// @brief Delete token record by id
/// @param[in] id The token id
/// @brief Delete token record by identifier
/// @param[in] identifier The token identifier
/// @return true on success else false
///
inline bool deleteToken(const QString& id)
{
VectorPair cond;
cond.append(CPair("id", id));
return deleteRecord(cond);
}
bool deleteToken(const QString& identifier);
///
/// @brief Rename token record by id
/// @param[in] id The token id
/// @brief Rename token record by identifier
/// @param[in] identifier The token identifier
/// @param[in] comment The new comment
/// @return true on success else false
///
inline bool renameToken(const QString &id, const QString &comment)
{
QVariantMap map;
map["comment"] = comment;
VectorPair cond;
cond.append(CPair("id", id));
return updateRecord(cond, map);
}
bool renameToken(const QString &identifier, const QString &comment);
///
/// @brief Get all 'comment', 'last_use' and 'id' column entries
/// @return A vector of all lists
///
inline const QVector<QVariantMap> getTokenList()
{
QVector<QVariantMap> results;
getRecords(results, QStringList() << "comment" << "id" << "last_use");
return results;
}
const QVector<QVariantMap> getTokenList();
///
/// @brief Test if id exists
/// @param[in] id The id
/// @brief Test if identifier exists
/// @param[in] identifier The identifier
/// @return true on success else false
///
inline bool idExist(const QString& id)
{
VectorPair cond;
cond.append(CPair("id", id));
return recordExists(cond);
}
bool identifierExist(const QString& identifier);
///
/// @brief Get the passwort hash of a user from db
/// @param user The user name
/// @return password as hash
///
inline const QByteArray getPasswordHashOfUser(const QString& user)
{
QVariantMap results;
VectorPair cond;
cond.append(CPair("user", user));
getRecord(cond, results, QStringList()<<"password");
return results["password"].toByteArray();
}
const QByteArray getPasswordHashOfUser(const QString& user);
///
/// @brief Calc the password hash of a user based on user name and password
@@ -289,36 +140,22 @@ public:
/// @param pw The password
/// @return The calced password hash
///
inline const QByteArray calcPasswordHashOfUser(const QString& user, const QString& pw)
{
// get salt
QVariantMap results;
VectorPair cond;
cond.append(CPair("user", user));
getRecord(cond, results, QStringList()<<"salt");
// calc
return hashPasswordWithSalt(pw,results["salt"].toByteArray());
}
const QByteArray calcPasswordHashOfUser(const QString& user, const QString& password);
///
/// @brief Create a password hash of plaintex password + salt
/// @param pw The plaintext password
/// @param password The plaintext password
/// @param salt The salt
/// @return The password hash with salt
///
inline const QByteArray hashPasswordWithSalt(const QString& pw, const QByteArray& salt)
{
return QCryptographicHash::hash(pw.toUtf8().append(salt), QCryptographicHash::Sha512).toHex();
}
const QByteArray hashPasswordWithSalt(const QString& password, const QByteArray& salt);
///
/// @brief Create a token hash
/// @param token The plaintext token
/// @return The token hash
///
inline const QByteArray hashToken(const QString& token)
{
return QCryptographicHash::hash(token.toUtf8(), QCryptographicHash::Sha512).toHex();
}
const QByteArray hashToken(const QString& token);
};
#endif // AUTHSTABLE_H