From 3e94e0e22e666ae4c9da342d873530d1c867ec1d Mon Sep 17 00:00:00 2001 From: kdeng00 Date: Mon, 19 Aug 2019 22:19:47 -0400 Subject: [PATCH] Left some TODO's. Next thing is to check if the token is valid --- CMakeLists.txt | 7 ++++- include/token_manager.h | 4 +++ include/types/scopes.h | 10 ++++++++ src/controller/loginController.hpp | 7 ++--- src/controller/songController.hpp | 41 ++++++++++++++---------------- src/dto/loginResultDto.hpp | 5 +++- src/token_manager.cpp | 12 +++++++++ 7 files changed, 59 insertions(+), 27 deletions(-) create mode 100644 include/types/scopes.h diff --git a/CMakeLists.txt b/CMakeLists.txt index d9a6e09..e771f40 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -26,6 +26,7 @@ set(HEADERS include/metadata_retriever.h include/models.h include/token_manager.h + include/types/scopes.h ) set (TAGLIB @@ -57,6 +58,10 @@ set(TAGLIB_HEADERS "${CMAKE_SOURCE_DIR}/3rdparty/taglib/taglib/xm" ) +set(JWT_CPP_INCLUDE + ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/jwt-cpp/include +) + set (ORM_DIR ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/ormpp ) @@ -75,5 +80,5 @@ configure_file(${CMAKE_CURRENT_SOURCE_DIR}/authcredentials.json ${CMAKE_BINARY_D configure_file(${CMAKE_CURRENT_SOURCE_DIR}/database.json ${CMAKE_BINARY_DIR}/bin/database.json COPYONLY) add_executable(icarus ${SOURCES} ${HEADERS}) -target_include_directories(icarus PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/jwt-cpp/include) +target_include_directories(icarus PUBLIC ${JWT_CPP_INCLUDE}) target_link_libraries(icarus "-lstdc++fs" tag oatpp mysqlclient ${CONAN_LIBS} ${CPR_LIBRARIES}) diff --git a/include/token_manager.h b/include/token_manager.h index 4d7b80b..4b15d49 100644 --- a/include/token_manager.h +++ b/include/token_manager.h @@ -1,9 +1,11 @@ #ifndef TOKEN_MANAGER_H_ #define TOKEN_MANAGER_H_ +#include #include #include "models.h" +#include "types/scopes.h" class token_manager { @@ -12,6 +14,8 @@ public: loginResult retrieve_token(); loginResult retrieve_token(std::string_view); + + bool is_token_valid(std::string&, Scope); private: auth_credentials parse_auth_credentials(std::string_view); }; diff --git a/include/types/scopes.h b/include/types/scopes.h new file mode 100644 index 0000000..c95fd1c --- /dev/null +++ b/include/types/scopes.h @@ -0,0 +1,10 @@ +#ifndef SCOPES_H_ +#define SCOPES_H_ + +enum class Scope +{ + upload = 0, + download +}; + +#endif diff --git a/src/controller/loginController.hpp b/src/controller/loginController.hpp index a8f6c2b..7c9e7ee 100644 --- a/src/controller/loginController.hpp +++ b/src/controller/loginController.hpp @@ -29,15 +29,16 @@ public: { OATPP_LOGI("icarus", "logging in"); - std::cout << "user: " << usr->username->c_str() << std::endl; - token_manager tok; auto token = tok.retrieve_token(exe_path); auto logRes = loginResultDto::createShared(); - logRes->access_token = token.access_token.c_str(); + logRes->id = 0; // TODO: change this later on to something meaningful + logRes->username = usr->username->c_str(); + logRes->token = token.access_token.c_str(); logRes->token_type = token.token_type.c_str(); logRes->expiration = token.expiration; + logRes->message = "Successful"; return createDtoResponse(Status::CODE_200, logRes); } diff --git a/src/controller/songController.hpp b/src/controller/songController.hpp index ba4b780..82d26e7 100644 --- a/src/controller/songController.hpp +++ b/src/controller/songController.hpp @@ -15,6 +15,8 @@ #include "managers/song_manager.h" #include "models.h" +#include "token_manager.h" +#include "types/scopes.h" class songController : public oatpp::web::server::api::ApiController { @@ -30,6 +32,20 @@ public: ENDPOINT("POST", "/api/v1/song/data", songUpload, REQUEST(std::shared_ptr, request)) { + auto authHeader = request->getHeader("Authorization"); + + OATPP_ASSERT_HTTP(authHeader, Status::CODE_403, "Nope"); + + auto auth = authHeader->std_str(); + + std::cout << "auth " << auth << std::endl; + + token_manager tok; + if (!tok.is_token_valid(auth, Scope::upload)) { + // TODO: prevent user from moving forward + // token did not have the specified scope (permission) + } + auto mp = std::make_shared(request->getHeaders()); oatpp::web::mime::multipart::Reader mp_reader(mp.get()); @@ -43,35 +59,16 @@ public: OATPP_ASSERT_HTTP(file, Status::CODE_400, "file is null"); auto stream = file->getInputStream(); - //char *buff = new char[file->getKnownSize()]; auto buff = std::unique_ptr(new char[file->getKnownSize()]); - //std::vector buff; - //buff.reserve(file->getKnownSize()); - //std::string buff; - //std::vector buff; - auto buffSize = stream->read(buff.get(), file->getKnownSize()-1); - //auto buffSize = stream->read(&buff[0], file->getKnownSize()-1); - std::cout << "buff size " << buffSize << std::endl; - /** - std::cout << "buff " << buff << std::endl; - //std::cout << stream.get() << std::endl; - */ + auto buffSize = stream->read(buff.get(), file->getKnownSize()); + std::vector data(buff.get(), buff.get() + buffSize); - std::cout << "size of data " << data.size() << std::endl; Song sng; sng.data = std::move(data); - //sng.data = std::move(buff); - //std::cout << "data buff " << sng.data << std::endl; - std::cout << "data size " << sng.data.size() << std::endl; + song_manager s_mgr(exe_path); s_mgr.saveSong(sng); - /* */ - - //std::string fileStr = file->getInMemoryData()->c_str(); - //std::cout << fileStr << std::endl; - //std::cout << "known size " << file->getKnownSize() << std::endl; - //std::cout << "size " << fileStr.size() << std::endl; return createResponse(Status::CODE_200, "OK"); } diff --git a/src/dto/loginResultDto.hpp b/src/dto/loginResultDto.hpp index a43ec02..935bbc7 100644 --- a/src/dto/loginResultDto.hpp +++ b/src/dto/loginResultDto.hpp @@ -10,9 +10,12 @@ class loginResultDto : public oatpp::data::mapping::type::Object { DTO_INIT(loginResultDto, Object) - DTO_FIELD(String, access_token); + DTO_FIELD(Int32, id); + DTO_FIELD(String, username); + DTO_FIELD(String, token); DTO_FIELD(String, token_type); DTO_FIELD(Int32, expiration); + DTO_FIELD(String, message); }; class userDto : public oatpp::data::mapping::type::Object diff --git a/src/token_manager.cpp b/src/token_manager.cpp index 73aab95..c8c4299 100644 --- a/src/token_manager.cpp +++ b/src/token_manager.cpp @@ -55,6 +55,18 @@ loginResult token_manager::retrieve_token(std::string_view path) return lr; } +bool token_manager::is_token_valid(std::string& auth, Scope scope) +{ + switch (scope) { + case Scope::upload: + break; + default: + break; + } + + return true; +} + auth_credentials token_manager::parse_auth_credentials(std::string_view path) { auto exe_path = fs::canonical(path).parent_path().string();