Fotobot
Get data from your photovoltaic plant
logincontroller.cpp
Go to the documentation of this file.
1 
8 #include "logincontroller.h"
9 #include <QVariant>
10 #include <QDateTime>
11 #include <QCryptographicHash>
12 #include <QDebug>
13 #include "httpsession.h"
14 #include "static.h"
15 
17  m_needs_access_data = false;
18  m_needs_change_settings = false;
19 }
20 
21 void LoginController::servicePrivate(HttpRequest& request) {
22  if(!request.getParameter("logout").isEmpty()) {
23  actionLogout(request); return;
24  } else if(request.getParameter("action").startsWith("chpw")) {
25  actionChPW(request); return;
26  }
27 
28  QByteArray retP = request.getParameter("returnPath");
29  retP = (retP.isEmpty()) ? QByteArray("/") : QByteArray::fromPercentEncoding(retP);
30 
31  QString username = request.getParameter("username");
32  QString password = request.getParameter("password");
33  QString passsha1 = QCryptographicHash::hash(password.toAscii(), QCryptographicHash::Sha1).toHex();
34  QList<DBT_USERS> users = Static::db->users(username);
35  qDebug() << username << passsha1 << password;
36  qDebug() << users.value(0).user
37  << users.value(0).password
38  << "????";
39  if (!username.isEmpty() && !users.isEmpty() &&
40  users[0].user == username &&
41  users[0].password == passsha1) {
42  // Are we logged in?
43  HttpSession session = getSession();
44  session.set("username",username);
45  if (users[0].can_access_data ) { session.set("can_access_data", true); } else { session.remove("can_access_data"); }
46  if (users[0].can_change_settings) { session.set("can_change_settings",true); } else { session.remove("can_change_settings"); }
47  redirect(QString(retP));
48  return;
49  }
50 
51  QString i ("<tr><td><label for=\"%2\">%1</label>: </td><td><input type=\"%3\" name=\"%2\" /></td></tr>\n");
52  write(tr("<h2>You have to login to this page</h2>\n")
53  + QString("<form method=\"post\"><table class=\"formTable\">\n")
54  + i.arg(tr("Username"), "username", "text")
55  + i.arg(tr("Password"), "password", "password")
56  + QString("<tr><td></td><td><input type=\"hidden\" name=\"returnPath\" value=\"%1\" />"
57  "<br/><input type=\"submit\" value=\"%2\"></td></tr>\n"
58  "</table></form>\n").arg(QString(retP.toPercentEncoding()), tr(" OK "))
59  );
60 
61  about();
62 }
63 
67 void LoginController::actionLogout(HttpRequest& request) {
68  Q_UNUSED(request);
69  HttpSession session = getSession();
70  Static::sessionStore->removeSession(session);
71  redirect("/");
72 }
73 
77 void LoginController::actionChPW(HttpRequest& request) {
78  QByteArray action = request.getParameter("action");
79  HttpSession session = getSession();
80  if(!session.contains("username")) {
81  QString location = QString("/login?message=%1").arg(percentEncode(tr("Need to log in to change password.")));
82  redirect(location);
83  }
85  write(QString("<h3>%1</h3>\n").arg(tr("Change Password")));
86  write("<form method=\"post\">\n"
87  "<input type=\"hidden\" name=\"action\" value=\"chpw2\" />\n");
88  QString pw = request.getParameter("pw");
89  write(QString("<input type=\"password\" name=\"pw\" value=\"%1\" />").arg(pw));
90  write(QString("<input type=\"submit\" value=\"%1\">\n"
91  "</form>\n").arg(tr("Change")));
92  if(action == "chpw2") {
95  if(!pw.isEmpty()) {
96  DBT_USERS user;
97  user.user = session.get("username").toString();
98  user.password = pw;
99  Static::db->saveUser(user);
100  QString location = QString("/?message=%1").arg(percentEncode(tr("Password changed.")));
101  redirect(location);
102  } else {
103  write(QString("<p>%1</p>").arg(tr("Error: Password invalid.")));
104  }
105  }
106 }
QList< DBT_USERS > users(const QString &user=QString())
Returs list of users or selected user.
Definition: database.cpp:274
static HttpSessionStore * sessionStore
Definition: static.h:57
void saveUser(QSqlDatabase &, DBT_USERS)
Updates user's info.
Definition: database.cpp:332
void actionLogout(HttpRequest &request)
void actionChPW(HttpRequest &request)
Class describing database table USERS.
void servicePrivate(HttpRequest &request)