11 #include <QCryptographicHash>
13 #include "httpsession.h"
17 m_needs_access_data =
false;
18 m_needs_change_settings =
false;
22 if(!request.getParameter(
"logout").isEmpty()) {
24 }
else if(request.getParameter(
"action").startsWith(
"chpw")) {
28 QByteArray retP = request.getParameter(
"returnPath");
29 retP = (retP.isEmpty()) ? QByteArray(
"/") : QByteArray::fromPercentEncoding(retP);
31 QString username = request.getParameter(
"username");
32 QString password = request.getParameter(
"password");
33 QString passsha1 = QCryptographicHash::hash(password.toAscii(), QCryptographicHash::Sha1).toHex();
34 QList<DBT_USERS> users = Static::db->
users(username);
35 qDebug() << username << passsha1 << password;
36 qDebug() << users.value(0).user
37 << users.value(0).password
39 if (!username.isEmpty() && !users.isEmpty() &&
40 users[0].user == username &&
41 users[0].password == passsha1) {
43 HttpSession session = getSession();
44 session.set(
"username",username);
45 if (users[0].can_access_data ) { session.set(
"can_access_data",
true); }
else { session.remove(
"can_access_data"); }
46 if (users[0].can_change_settings) { session.set(
"can_change_settings",
true); }
else { session.remove(
"can_change_settings"); }
47 redirect(QString(retP));
51 QString i (
"<tr><td><label for=\"%2\">%1</label>: </td><td><input type=\"%3\" name=\"%2\" /></td></tr>\n");
52 write(tr(
"<h2>You have to login to this page</h2>\n")
53 + QString(
"<form method=\"post\"><table class=\"formTable\">\n")
54 + i.arg(tr(
"Username"),
"username",
"text")
55 + i.arg(tr(
"Password"),
"password",
"password")
56 + QString(
"<tr><td></td><td><input type=\"hidden\" name=\"returnPath\" value=\"%1\" />"
57 "<br/><input type=\"submit\" value=\"%2\"></td></tr>\n"
58 "</table></form>\n").arg(QString(retP.toPercentEncoding()), tr(
" OK "))
69 HttpSession session = getSession();
78 QByteArray action = request.getParameter(
"action");
79 HttpSession session = getSession();
80 if(!session.contains(
"username")) {
81 QString location = QString(
"/login?message=%1").arg(percentEncode(tr(
"Need to log in to change password.")));
85 write(QString(
"<h3>%1</h3>\n").arg(tr(
"Change Password")));
86 write(
"<form method=\"post\">\n"
87 "<input type=\"hidden\" name=\"action\" value=\"chpw2\" />\n");
88 QString pw = request.getParameter(
"pw");
89 write(QString(
"<input type=\"password\" name=\"pw\" value=\"%1\" />").arg(pw));
90 write(QString(
"<input type=\"submit\" value=\"%1\">\n"
91 "</form>\n").arg(tr(
"Change")));
92 if(action ==
"chpw2") {
97 user.user = session.get(
"username").toString();
100 QString location = QString(
"/?message=%1").arg(percentEncode(tr(
"Password changed.")));
103 write(QString(
"<p>%1</p>").arg(tr(
"Error: Password invalid.")));
QList< DBT_USERS > users(const QString &user=QString())
Returs list of users or selected user.
static HttpSessionStore * sessionStore
void saveUser(QSqlDatabase &, DBT_USERS)
Updates user's info.
void actionLogout(HttpRequest &request)
void actionChPW(HttpRequest &request)
Class describing database table USERS.
void servicePrivate(HttpRequest &request)