mirror of
https://github.com/j-a-n/raspberrymatic-addon-rmupdate.git
synced 2023-10-10 11:37:40 +00:00
Implement session and login handling
This commit is contained in:
parent
34d35761ca
commit
ee2956f7b4
@ -21,15 +21,99 @@
|
||||
#set env(TCLLIBPATH) [list /www /usr/local/addons/rmupdate/lib]
|
||||
#source once.tcl
|
||||
#source session.tcl
|
||||
load tclrega.so
|
||||
source /usr/local/addons/rmupdate/lib/rmupdate.tcl
|
||||
package require http
|
||||
|
||||
proc get_http_header {request header_name} {
|
||||
upvar $request req
|
||||
set header_name [string toupper $header_name]
|
||||
array set meta $req(meta)
|
||||
foreach header [array names meta] {
|
||||
if {$header_name == [string toupper $header] } then {
|
||||
return $meta($header)
|
||||
}
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
proc get_session {sid} {
|
||||
if {[regexp {@([0-9a-zA-Z]{10})@} $sid match sidnr]} {
|
||||
return [lindex [rega_script "Write(system.GetSessionVarStr('$sidnr'));"] 1]
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
proc check_session {sid} {
|
||||
if {[get_session $sid] != ""} {
|
||||
# renew session
|
||||
set url "http://127.0.0.1/pages/index.htm?sid=$sid"
|
||||
::http::cleanup [::http::geturl $url]
|
||||
return 1
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
proc new_session {} {
|
||||
set request [::http::geturl "http://127.0.0.1/login.htm"]
|
||||
set location [get_http_header $request "location"]
|
||||
::http::cleanup $request
|
||||
if {![regexp {sid=@([0-9a-zA-Z]{10})@} $location match sid]} {
|
||||
error "Too many sessions" "Service Unavailable" 503
|
||||
}
|
||||
return $sid
|
||||
}
|
||||
|
||||
proc login {username password} {
|
||||
set sid [new_session]
|
||||
|
||||
set request [::http::geturl "http://127.0.0.1/login.htm?sid=@$sid@" -query [::http::formatQuery tbUsername $username tbPassword $password]]
|
||||
set code [::http::code $request]
|
||||
set location [get_http_header $request "location"]
|
||||
::http::cleanup $request
|
||||
|
||||
if {[string first "500" $code] != -1} {
|
||||
rega_script "system.ClearSessionID(\"$sid\");"
|
||||
error "Invalid session" "Internal server error" 500
|
||||
}
|
||||
|
||||
if {[string first "error" $location] != -1} {
|
||||
rega_script "system.ClearSessionID(\"$sid\");"
|
||||
error "Invalid username oder password" "Unauthorized" 401
|
||||
}
|
||||
return $sid
|
||||
}
|
||||
|
||||
proc process {} {
|
||||
global env
|
||||
if { [info exists env(QUERY_STRING)] } {
|
||||
set query $env(QUERY_STRING)
|
||||
set path [split $query {/}]
|
||||
set sid ""
|
||||
set pairs [split $query "&"]
|
||||
foreach pair $pairs {
|
||||
if {[regexp "^(\[^=\]+)=(.*)$" $pair match varname value]} {
|
||||
if {$varname == "sid"} {
|
||||
set sid $value
|
||||
} elseif {$varname == "path"} {
|
||||
set path [split $value "/"]
|
||||
}
|
||||
}
|
||||
}
|
||||
set plen [expr [llength $path] - 1]
|
||||
|
||||
|
||||
if {[lindex $path 1] == "login"} {
|
||||
set data [read stdin $env(CONTENT_LENGTH)]
|
||||
regexp {\"username\"\s*:\s*\"([^\"]*)\"} $data match username
|
||||
regexp {\"password\"\s*:\s*\"([^\"]*)\"} $data match password
|
||||
set sid [login $username $password]
|
||||
return "\"${sid}\""
|
||||
}
|
||||
|
||||
if {![check_session $sid]} {
|
||||
error "Invalid session" "Unauthorized" 401
|
||||
}
|
||||
|
||||
if {[lindex $path 1] == "install_addon_archive"} {
|
||||
set archive_file "/tmp/uploaded_addon.tar.gz"
|
||||
catch {fconfigure stdin -translation binary}
|
||||
@ -48,7 +132,9 @@ proc process {} {
|
||||
set data [read stdin $env(CONTENT_LENGTH)]
|
||||
}
|
||||
|
||||
if {[lindex $path 1] == "version"} {
|
||||
if {[lindex $path 1] == "get_session"} {
|
||||
return "\"[get_session $sid]\""
|
||||
} elseif {[lindex $path 1] == "version"} {
|
||||
return "\"[rmupdate::version]\""
|
||||
} elseif {[lindex $path 1] == "get_firmware_info"} {
|
||||
return [rmupdate::get_firmware_info]
|
||||
@ -151,14 +237,14 @@ proc process {} {
|
||||
return [rmupdate::wlan_disconnect]
|
||||
}
|
||||
}
|
||||
error "invalid request" "Not found" 404
|
||||
error "Path not found" "Not found" 404
|
||||
}
|
||||
|
||||
variable content_type "application/json"
|
||||
|
||||
if [catch {process} result] {
|
||||
set status 500
|
||||
if { [info exists $errorCode] } {
|
||||
if { $errorCode != "NONE" } {
|
||||
set status $errorCode
|
||||
}
|
||||
puts "Content-Type: ${content_type}"
|
||||
|
Loading…
x
Reference in New Issue
Block a user