92 lines
2.6 KiB
C++
92 lines
2.6 KiB
C++
// SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
|
|
*
|
|
* Copyright (C) 2013 - 2024, nymea GmbH
|
|
* Copyright (C) 2024 - 2025, chargebyte austria GmbH
|
|
*
|
|
* This file is part of nymea-experience-plugin-evdash.
|
|
*
|
|
* nymea-experience-plugin-evdash is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* nymea-experience-plugin-evdash is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with nymea-experience-plugin-evdash. If not, see <https://www.gnu.org/licenses/>.
|
|
*
|
|
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
|
|
|
|
#ifndef EVDASHWEBSERVERRESOURCE_H
|
|
#define EVDASHWEBSERVERRESOURCE_H
|
|
|
|
#include <QObject>
|
|
#include <QDateTime>
|
|
#include <QHash>
|
|
#include <QString>
|
|
|
|
#include <webserver/webserverresource.h>
|
|
|
|
#include "evdashengine.h"
|
|
|
|
class QJsonObject;
|
|
|
|
class EvDashWebServerResource : public WebServerResource
|
|
{
|
|
Q_OBJECT
|
|
public:
|
|
explicit EvDashWebServerResource(QObject *parent = nullptr);
|
|
|
|
HttpReply *processRequest(const HttpRequest &request) override;
|
|
|
|
// User management
|
|
QStringList usernames() const;
|
|
|
|
EvDashEngine::EvDashError addUser(const QString &username, const QString &password);
|
|
EvDashEngine::EvDashError removeUser(const QString &username);
|
|
|
|
bool validateToken(const QString &token);
|
|
|
|
signals:
|
|
void userAdded(const QString &username);
|
|
void userRemoved(const QString &username);
|
|
|
|
private:
|
|
struct TokenInfo {
|
|
QString username;
|
|
QDateTime expiresAt;
|
|
};
|
|
|
|
struct UserInfo {
|
|
QString username;
|
|
QByteArray passwordHash;
|
|
QByteArray passwordSalt;
|
|
};
|
|
|
|
static constexpr int s_tokenLifetimeSeconds = 3600;
|
|
static constexpr int s_minimalPasswordLength = 4;
|
|
|
|
QHash<QString, UserInfo> m_users;
|
|
QHash<QString, TokenInfo> m_activeTokens;
|
|
|
|
HttpReply *handleLoginRequest(const HttpRequest &request);
|
|
HttpReply *handleRefreshRequest(const HttpRequest &request);
|
|
HttpReply *redirectToIndex();
|
|
|
|
QString issueToken(const QString &username);
|
|
void purgeExpiredTokens();
|
|
|
|
bool verifyStaticFile(const QString &fileName);
|
|
|
|
bool verifyCredentials(const QString &username, const QString &password) const;
|
|
|
|
|
|
};
|
|
|
|
#endif // EVDASHWEBSERVERRESOURCE_H
|