From 8fb438238db4353ee9c2786c3ea6786ceee75a84 Mon Sep 17 00:00:00 2001
From: BlubbFish
Date: Tue, 2 Apr 2019 23:32:27 +0200
Subject: [PATCH] add admin session and some resources implement login function
---
Lora-Map/Lora-Map.csproj | 1 +
Lora-Map/Model/Admin/AdminSession.cs | 17 ++++++++
Lora-Map/Model/Admin/Adminmodel.cs | 60 ++++++++++++++++++++++++----
Lora-Map/Server.cs | 2 +-
Lora-Map/resources/admin/index.html | 11 +++++
Lora-Map/resources/admin/login.html | 15 +++++++
6 files changed, 98 insertions(+), 8 deletions(-)
create mode 100644 Lora-Map/Model/Admin/AdminSession.cs
create mode 100644 Lora-Map/resources/admin/index.html
create mode 100644 Lora-Map/resources/admin/login.html
diff --git a/Lora-Map/Lora-Map.csproj b/Lora-Map/Lora-Map.csproj
index cc670b3..b65950e 100644
--- a/Lora-Map/Lora-Map.csproj
+++ b/Lora-Map/Lora-Map.csproj
@@ -46,6 +46,7 @@
+
diff --git a/Lora-Map/Model/Admin/AdminSession.cs b/Lora-Map/Model/Admin/AdminSession.cs
new file mode 100644
index 0000000..42c7993
--- /dev/null
+++ b/Lora-Map/Model/Admin/AdminSession.cs
@@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Fraunhofer.Fit.IoT.LoraMap.Model.Admin {
+ class AdminSession {
+ public Boolean IsLoggedin { get; internal set; }
+ public static Int64 GetRandomSessionid() {
+ Byte[] buf = new Byte[8];
+ Random rand = new Random();
+ rand.NextBytes(buf);
+ return BitConverter.ToInt64(buf, 0);
+ }
+ }
+}
diff --git a/Lora-Map/Model/Admin/Adminmodel.cs b/Lora-Map/Model/Admin/Adminmodel.cs
index 3777591..cb3cff5 100644
--- a/Lora-Map/Model/Admin/Adminmodel.cs
+++ b/Lora-Map/Model/Admin/Adminmodel.cs
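Review bot: `GetRandomSessionid` in AdminSession.cs fills the session id from `System.Random`, which is not a cryptographic generator; if this project targets .NET Framework, each new instance is seeded from the tick count, so ids are guessable and two calls within the same tick return the same value. This id is the only credential `CheckAuth` in Adminmodel.cs inspects, so it should come from a CSPRNG: replace the two `Random` lines with `using(RandomNumberGenerator rng = RandomNumberGenerator.Create()) { rng.GetBytes(buf); }` and add `using System.Security.Cryptography;`. Eight bytes is also small for a bearer token; a longer identifier (for example 128 bits) gives more margin, though that needs a key type other than `Int64`. A comment on the method such as `// Session ids are bearer secrets: must be unpredictable, never logged` would record the requirement for later edits.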
@@ -1,27 +1,73 @@ using System; using System.Collections.Generic; -using System.Linq; using System.Net; -using System.Text; -using System.Threading.Tasks; +using BlubbFish.Utils; using BlubbFish.Utils.IoT.Bots; namespace Fraunhofer.Fit.IoT.LoraMap.Model.Admin { class AdminModel { + private readonly Dictionary session = new Dictionary(); public Boolean ParseReuqest(HttpListenerContext cont) { - //cont.Request.Url.PathAndQuery = + if(cont.Request.Url.PathAndQuery == "/admin/login") { + return this.Login(cont); + } if(!this.CheckAuth(cont)) { return false; } - return Webserver.SendFileResponse(cont, "admin"); + return Webserver.SendFileResponse(cont); + } + + private Boolean Login(HttpListenerContext cont) { + Dictionary POST = Webserver.GetPostParams(cont.Request); + if(POST.ContainsKey("user") && POST["user"] == "admin" && + POST.ContainsKey("pass") && POST["pass"] == "password") { + Int64 sessionid = 0; + while(true) { + sessionid = AdminSession.GetRandomSessionid(); + if(!this.session.ContainsKey(sessionid)) { + break; + } + } + if(cont.Request.Cookies["loramapsession"] != null) { + if(Int64.TryParse(cont.Request.Cookies["loramapsession"].Value, out Int64 cookiesessionid)) { + if(this.session.ContainsKey(cookiesessionid)) { + if(!this.session[sessionid].IsLoggedin) { + sessionid = cookiesessionid; + } + } + } + } + if(!this.session.ContainsKey(sessionid)) { + this.session.Add(sessionid, new AdminSession()); + } + this.session[sessionid].IsLoggedin = true; + cont.Response.AppendCookie(new Cookie("loramapsession", sessionid.ToString()) { + Expires = DateTime.Now.AddYears(1) + }); + cont.Response.AddHeader("Location", "/admin"); + cont.Response.StatusCode = 307; + Console.WriteLine("200 - Login OK! " + cont.Request.Url.PathAndQuery); + return true; + } + cont.Response.AddHeader("Location", "/admin/login.html"); + cont.Response.StatusCode = 307; + Helper.WriteError("307 - Login WRONG! 
" + cont.Request.Url.PathAndQuery); + return false; } private Boolean CheckAuth(HttpListenerContext cont) { - if(cont.Request.Url.PathAndQuery.StartsWith("/admin/login")) { + if(cont.Request.Url.PathAndQuery.StartsWith("/admin/login.html")) { return true; - } else if(cont.Request.Url.PathAndQuery.StartsWith("/admin/logout")) { } else { + if(cont.Request.Cookies["loramapsession"] != null) { + if(Int64.TryParse(cont.Request.Cookies["loramapsession"].Value, out Int64 sessionid)) { + if(this.session.ContainsKey(sessionid)) { + return this.session[sessionid].IsLoggedin; + } + } + } cont.Response.StatusCode = 403; + Helper.WriteError("403 - " + cont.Request.Url.PathAndQuery); } return false; } diff --git a/Lora-Map/Server.cs b/Lora-Map/Server.cs index e814281..db7b031 100644 --- a/Lora-Map/Server.cs +++ b/Lora-Map/Server.cs @@ -74,7 +74,7 @@ namespace Fraunhofer.Fit.IoT.LoraMap { cont.Response.StatusCode = 500; return false; } - return SendFileResponse(cont, "resources"); + return SendFileResponse(cont); } } } \ No newline at end of file diff --git a/Lora-Map/resources/admin/index.html b/Lora-Map/resources/admin/index.html new file mode 100644 index 0000000..2ac7b38 --- /dev/null +++ b/Lora-Map/resources/admin/index.html @@ -0,0 +1,11 @@ + + + + + + + + + ADMIN + + \ No newline at end of file diff --git a/Lora-Map/resources/admin/login.html b/Lora-Map/resources/admin/login.html new file mode 100644 index 0000000..495f3ab --- /dev/null +++ b/Lora-Map/resources/admin/login.html @@ -0,0 +1,15 @@ + + + + + + + + +
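Review bot: In `Login` (Adminmodel.cs), the cookie-reuse branch reads `this.session[sessionid]`, but the `while(true)` loop just above exits only once `sessionid` is absent from the dictionary, so any login that carries a known `loramapsession` cookie would throw `KeyNotFoundException`; the condition presumably meant `if(!this.session[cookiesessionid].IsLoggedin) {`. Taking over an id supplied by the client at the moment of authentication is the session-fixation pattern, so it is safer to delete that branch and always issue the fresh id. The credentials are the literals `"admin"` / `"password"` compared with `==`; they should be loaded from configuration and checked against a salted password hash with a fixed-time comparison. The cookie is built with only `Expires = DateTime.Now.AddYears(1)`: add `HttpOnly = true` (and `Secure = true` if the listener runs over TLS) and give the server-side entry a lifetime, since nothing visible here ever removes it. The success path answers the form POST with 307, which makes the browser repeat the POST, credentials included, against `/admin`; 303 is the status that turns it into a GET.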
+ U:
+ P:
+ +
+ + \ No newline at end of file