add admin session and some resources

implement login function
2019-04-02 23:32:27 +02:00 · 2019-04-02 23:32:27 +02:00 · 8fb438238d
commit 8fb438238d
parent b19a32c569
6 changed files with 98 additions and 8 deletions
--- a/Lora-Map/Lora-Map.csproj
+++ b/Lora-Map/Lora-Map.csproj
@ -46,6 +46,7 @@
  </ItemGroup>
  <ItemGroup>
    <Compile Include="Model\Admin\AdminModel.cs" />
+    <Compile Include="Model\Admin\AdminSession.cs" />
    <Compile Include="Model\Marker.cs" />
    <Compile Include="Model\AlarmItem.cs" />
    <Compile Include="Server.cs" />
--- a/Lora-Map/Model/Admin/AdminSession.cs
+++ b/Lora-Map/Model/Admin/AdminSession.cs
@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Fraunhofer.Fit.IoT.LoraMap.Model.Admin {
+  class AdminSession {
+    public Boolean IsLoggedin { get; internal set; }
+    public static Int64 GetRandomSessionid() {
+      Byte[] buf = new Byte[8];
+      Random rand = new Random();
+      rand.NextBytes(buf);
+      return BitConverter.ToInt64(buf, 0);
+    }
+  }
+}
--- a/Lora-Map/Model/Admin/Adminmodel.cs
+++ b/Lora-Map/Model/Admin/Adminmodel.cs
@ -1,27 +1,73 @@
 using System;
 using System.Collections.Generic;
-using System.Linq;
 using System.Net;
-using System.Text;
-using System.Threading.Tasks;
+using BlubbFish.Utils;
 using BlubbFish.Utils.IoT.Bots;

 namespace Fraunhofer.Fit.IoT.LoraMap.Model.Admin {
  class AdminModel {
+    private readonly Dictionary<Int64, AdminSession> session = new Dictionary<Int64, AdminSession>();
    public Boolean ParseReuqest(HttpListenerContext cont) {
-      //cont.Request.Url.PathAndQuery = 
+      if(cont.Request.Url.PathAndQuery == "/admin/login") {
+        return this.Login(cont);
+      }
      if(!this.CheckAuth(cont)) {
        return false;
      }
-      return Webserver.SendFileResponse(cont, "admin");
+      return Webserver.SendFileResponse(cont);
+    }
+
+    private Boolean Login(HttpListenerContext cont) {
+      Dictionary<String, String> POST = Webserver.GetPostParams(cont.Request);
+      if(POST.ContainsKey("user") && POST["user"] == "admin" &&
+        POST.ContainsKey("pass") && POST["pass"] == "password") {
+        Int64 sessionid = 0;
+        while(true) {
+          sessionid = AdminSession.GetRandomSessionid();
+          if(!this.session.ContainsKey(sessionid)) {
+            break;
+          }
+        }
+        if(cont.Request.Cookies["loramapsession"] != null) {
+          if(Int64.TryParse(cont.Request.Cookies["loramapsession"].Value, out Int64 cookiesessionid)) {
+            if(this.session.ContainsKey(cookiesessionid)) {
+              if(!this.session[sessionid].IsLoggedin) {
+                sessionid = cookiesessionid;
+              }
+            }
+          }
+        }
+        if(!this.session.ContainsKey(sessionid)) {
+          this.session.Add(sessionid, new AdminSession());
+        }
+        this.session[sessionid].IsLoggedin = true;
+        cont.Response.AppendCookie(new Cookie("loramapsession", sessionid.ToString()) {
+          Expires = DateTime.Now.AddYears(1)
+        });
+        cont.Response.AddHeader("Location", "/admin");
+        cont.Response.StatusCode = 307;
+        Console.WriteLine("200 - Login OK! " + cont.Request.Url.PathAndQuery);
+        return true;
+      }
+      cont.Response.AddHeader("Location", "/admin/login.html");
+      cont.Response.StatusCode = 307;
+      Helper.WriteError("307 - Login WRONG! " + cont.Request.Url.PathAndQuery);
+      return false;
    }

    private Boolean CheckAuth(HttpListenerContext cont) {
-      if(cont.Request.Url.PathAndQuery.StartsWith("/admin/login")) {
+      if(cont.Request.Url.PathAndQuery.StartsWith("/admin/login.html")) {
        return true;
-      } else if(cont.Request.Url.PathAndQuery.StartsWith("/admin/logout")) {
      } else {
+        if(cont.Request.Cookies["loramapsession"] != null) {
+          if(Int64.TryParse(cont.Request.Cookies["loramapsession"].Value, out Int64 sessionid)) {
+            if(this.session.ContainsKey(sessionid)) {
+              return this.session[sessionid].IsLoggedin;
+            }
+          }
+        }
        cont.Response.StatusCode = 403;
+        Helper.WriteError("403 - " + cont.Request.Url.PathAndQuery);
      }
      return false;
    }
--- a/Lora-Map/Server.cs
+++ b/Lora-Map/Server.cs
@ -74,7 +74,7 @@ namespace Fraunhofer.Fit.IoT.LoraMap {
        cont.Response.StatusCode = 500;
        return false;
      }
-      return SendFileResponse(cont, "resources");
+      return SendFileResponse(cont);
    }
  }
 }
--- a/Lora-Map/resources/admin/index.html
+++ b/Lora-Map/resources/admin/index.html
@ -0,0 +1,11 @@
+<!DOCTYPE html>
+
+<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta charset="utf-8" />
+    <title></title>
+</head>
+<body>
+  ADMIN
+</body>
+</html>
--- a/Lora-Map/resources/admin/login.html
+++ b/Lora-Map/resources/admin/login.html
@ -0,0 +1,15 @@
+<!DOCTYPE html>
+
+<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <meta charset="utf-8" />
+    <title></title>
+</head>
+<body>
+  <form method="post" action="/admin/login">
+    U:<input name='user'><br>
+    P:<input type='password' name='pass'><br>
+    <input type='submit'>
+  </form>
+</body>
+</html>