2023-12-30 22:42:11 +00:00
|
|
|
//SPDX-FileCopyrightText: 2023 Yury Gubich <blue@macaw.me>
|
|
|
|
|
//SPDX-License-Identifier: GPL-3.0-or-later
|
2023-12-10 23:23:15 +00:00
|
|
|
|
2023-11-21 22:19:08 +00:00
|
|
|
#include "server.h"
|
|
|
|
|
|
2023-12-20 22:42:13 +00:00
|
|
|
#include <random>
|
|
|
|
|
|
2023-12-28 20:26:08 +00:00
|
|
|
#include "database/exceptions.h"
|
|
|
|
|
|
2023-12-13 20:33:11 +00:00
|
|
|
#include "handler/info.h"
|
|
|
|
|
#include "handler/env.h"
|
2023-12-14 22:17:28 +00:00
|
|
|
#include "handler/register.h"
|
2023-12-22 23:25:20 +00:00
|
|
|
#include "handler/login.h"
|
2024-01-09 17:02:56 +00:00
|
|
|
#include "handler/poll.h"
|
2024-01-12 23:39:41 +00:00
|
|
|
#include "handler/listassets.h"
|
|
|
|
|
#include "handler/addasset.h"
|
2024-01-21 19:23:48 +00:00
|
|
|
#include "handler/deleteasset.h"
|
2024-01-22 18:21:55 +00:00
|
|
|
#include "handler/mycurrencies.h"
|
2023-12-13 20:33:11 +00:00
|
|
|
|
2023-12-30 22:42:11 +00:00
|
|
|
#include "taskmanager/route.h"
|
|
|
|
|
|
2023-12-20 22:42:13 +00:00
|
|
|
constexpr const char* pepper = "well, not much of a secret, huh?";
|
2023-12-29 17:40:00 +00:00
|
|
|
constexpr const char* dbLogin = "pica";
|
|
|
|
|
constexpr const char* dbPassword = "pica";
|
|
|
|
|
constexpr const char* dbName = "pica";
|
|
|
|
|
constexpr const char* dbPath = "/run/mysqld/mysqld.sock";
|
|
|
|
|
constexpr uint8_t dbConnectionsCount = 4;
|
2024-01-09 17:02:56 +00:00
|
|
|
constexpr uint32_t pollTimout = 10000;
|
2023-12-28 20:26:08 +00:00
|
|
|
|
2023-12-23 20:23:38 +00:00
|
|
|
constexpr const char* randomChars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
2023-12-20 22:42:13 +00:00
|
|
|
constexpr uint8_t saltSize = 16;
|
|
|
|
|
constexpr uint8_t hashSize = 32;
|
|
|
|
|
constexpr uint8_t hashParallel = 1;
|
|
|
|
|
constexpr uint8_t hashIterations = 2;
|
|
|
|
|
constexpr uint32_t hashMemoryCost = 65536;
|
2023-12-10 23:23:15 +00:00
|
|
|
|
2023-12-28 20:26:08 +00:00
|
|
|
constexpr uint8_t currentDbVesion = 1;
|
|
|
|
|
|
2024-01-12 23:39:41 +00:00
|
|
|
Server::Server ():
|
2023-12-30 22:42:11 +00:00
|
|
|
std::enable_shared_from_this<Server>(),
|
2023-11-21 22:19:08 +00:00
|
|
|
terminating(false),
|
|
|
|
|
requestCount(0),
|
2023-11-23 19:57:32 +00:00
|
|
|
serverName(std::nullopt),
|
2023-12-30 22:42:11 +00:00
|
|
|
router(std::make_shared<Router>()),
|
2023-12-29 17:40:00 +00:00
|
|
|
pool(DB::Pool::create()),
|
2023-12-30 22:42:11 +00:00
|
|
|
taskManager(std::make_shared<TM::Manager>()),
|
2023-12-31 17:10:04 +00:00
|
|
|
scheduler(std::make_shared<TM::Scheduler>(taskManager)),
|
2023-12-23 20:23:38 +00:00
|
|
|
sessions()
|
2023-11-23 19:57:32 +00:00
|
|
|
{
|
2023-12-07 20:32:43 +00:00
|
|
|
std::cout << "Startig pica..." << std::endl;
|
|
|
|
|
std::cout << "Database type: MySQL" << std::endl;
|
2023-12-29 17:40:00 +00:00
|
|
|
pool->addInterfaces(
|
|
|
|
|
DB::Interface::Type::mysql,
|
|
|
|
|
dbConnectionsCount,
|
|
|
|
|
dbLogin,
|
|
|
|
|
dbPassword,
|
|
|
|
|
dbName,
|
|
|
|
|
dbPath
|
|
|
|
|
);
|
2023-12-07 20:32:43 +00:00
|
|
|
|
2023-12-29 17:40:00 +00:00
|
|
|
DB::Resource db = pool->request();
|
2023-12-07 20:47:15 +00:00
|
|
|
|
2023-12-11 23:29:55 +00:00
|
|
|
db->migrate(currentDbVesion);
|
2023-11-23 19:57:32 +00:00
|
|
|
}
|
2023-11-21 22:19:08 +00:00
|
|
|
|
2024-01-12 23:39:41 +00:00
|
|
|
Server::~Server () {}
|
2023-11-21 22:19:08 +00:00
|
|
|
|
2024-01-12 23:39:41 +00:00
|
|
|
void Server::run (int socketDescriptor) {
|
2024-01-22 18:21:55 +00:00
|
|
|
std::shared_ptr<Server> srv = shared_from_this();
|
|
|
|
|
|
2023-12-30 22:42:11 +00:00
|
|
|
router->addRoute(std::make_unique<Handler::Info>());
|
|
|
|
|
router->addRoute(std::make_unique<Handler::Env>());
|
2024-01-22 18:21:55 +00:00
|
|
|
router->addRoute(std::make_unique<Handler::Register>(srv));
|
|
|
|
|
router->addRoute(std::make_unique<Handler::Login>(srv));
|
|
|
|
|
router->addRoute(std::make_unique<Handler::Poll>(srv));
|
|
|
|
|
router->addRoute(std::make_unique<Handler::ListAssets>(srv));
|
|
|
|
|
router->addRoute(std::make_unique<Handler::AddAsset>(srv));
|
|
|
|
|
router->addRoute(std::make_unique<Handler::DeleteAsset>(srv));
|
|
|
|
|
router->addRoute(std::make_unique<Handler::MyCurrencies>(srv));
|
2023-12-30 22:42:11 +00:00
|
|
|
|
|
|
|
|
taskManager->start();
|
2023-12-31 17:10:04 +00:00
|
|
|
scheduler->start();
|
|
|
|
|
|
2023-11-21 22:19:08 +00:00
|
|
|
while (!terminating) {
|
|
|
|
|
std::unique_ptr<Request> request = std::make_unique<Request>();
|
|
|
|
|
bool result = request->wait(socketDescriptor);
|
|
|
|
|
if (!result) {
|
|
|
|
|
std::cerr << "Error accepting a request" << std::endl;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
handleRequest(std::move(request));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-12 23:39:41 +00:00
|
|
|
void Server::handleRequest (std::unique_ptr<Request> request) {
|
2023-11-21 22:19:08 +00:00
|
|
|
++requestCount;
|
|
|
|
|
if (!serverName) {
|
|
|
|
|
try {
|
|
|
|
|
serverName = request->getServerName();
|
|
|
|
|
std::cout << "received server name " << serverName.value() << std::endl;
|
|
|
|
|
} catch (...) {
|
|
|
|
|
std::cerr << "failed to read server name" << std::endl;
|
2023-12-22 23:25:20 +00:00
|
|
|
Response& error = request->createResponse(Response::Status::internalError);
|
2023-12-13 20:33:11 +00:00
|
|
|
error.send();
|
2023-11-21 22:19:08 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-12-28 20:26:08 +00:00
|
|
|
request->readPath(serverName.value());
|
2023-12-30 22:42:11 +00:00
|
|
|
|
|
|
|
|
auto route = std::make_unique<TM::Route>(router, std::move(request));
|
|
|
|
|
taskManager->schedule(std::move(route));
|
2023-11-23 19:57:32 +00:00
|
|
|
}
|
2023-12-20 22:42:13 +00:00
|
|
|
|
2024-01-12 23:39:41 +00:00
|
|
|
std::string Server::generateRandomString (std::size_t length) {
|
2023-12-20 22:42:13 +00:00
|
|
|
std::random_device rd;
|
|
|
|
|
std::mt19937 gen(rd());
|
2023-12-23 20:23:38 +00:00
|
|
|
std::uniform_int_distribution<uint8_t> distribution(0, std::strlen(randomChars) - 1);
|
2023-12-20 22:42:13 +00:00
|
|
|
|
|
|
|
|
std::string result(length, 0);
|
|
|
|
|
for (size_t i = 0; i < length; ++i)
|
|
|
|
|
result[i] = randomChars[distribution(gen)];
|
|
|
|
|
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-12 23:39:41 +00:00
|
|
|
unsigned int Server::registerAccount (const std::string& login, const std::string& password) {
|
2023-12-20 22:42:13 +00:00
|
|
|
std::size_t encSize = argon2_encodedlen(
|
|
|
|
|
hashIterations, hashMemoryCost,
|
|
|
|
|
hashParallel, saltSize, hashSize, Argon2_id
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
std::string hash(encSize, 0);
|
|
|
|
|
std::string salt = generateRandomString(saltSize);
|
|
|
|
|
std::string spiced = password + pepper;
|
|
|
|
|
|
|
|
|
|
int result = argon2id_hash_encoded(
|
|
|
|
|
hashIterations, hashMemoryCost, hashParallel,
|
|
|
|
|
spiced.data(), spiced.size(),
|
|
|
|
|
salt.data(), saltSize,
|
|
|
|
|
hashSize, hash.data(), encSize
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (result != ARGON2_OK)
|
|
|
|
|
throw std::runtime_error(std::string("Hashing failed: ") + argon2_error_message(result));
|
|
|
|
|
|
2023-12-29 17:40:00 +00:00
|
|
|
DB::Resource db = pool->request();
|
2023-12-20 22:42:13 +00:00
|
|
|
return db->registerAccount(login, hash);
|
|
|
|
|
}
|
2023-12-22 23:25:20 +00:00
|
|
|
|
2024-01-12 23:39:41 +00:00
|
|
|
bool Server::validatePassword (const std::string& login, const std::string& password) {
|
2023-12-29 17:40:00 +00:00
|
|
|
DB::Resource db = pool->request();
|
2023-12-22 23:25:20 +00:00
|
|
|
std::string hash = db->getAccountHash(login);
|
|
|
|
|
|
|
|
|
|
std::string spiced = password + pepper;
|
|
|
|
|
int result = argon2id_verify(hash.data(), spiced.data(), spiced.size());
|
|
|
|
|
|
|
|
|
|
switch (result) {
|
|
|
|
|
case ARGON2_OK:
|
|
|
|
|
return true;
|
|
|
|
|
case ARGON2_VERIFY_MISMATCH:
|
|
|
|
|
return false;
|
|
|
|
|
default:
|
|
|
|
|
throw std::runtime_error(std::string("Failed to verify password: ") + argon2_error_message(result));
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-12-23 20:23:38 +00:00
|
|
|
|
2024-01-12 23:39:41 +00:00
|
|
|
Session& Server::openSession (const std::string& login) {
|
2023-12-28 20:26:08 +00:00
|
|
|
std::string accessToken, renewToken;
|
2024-01-11 21:33:46 +00:00
|
|
|
DB::Session s;
|
|
|
|
|
s.id = 0;
|
2023-12-28 20:26:08 +00:00
|
|
|
int counter = 10;
|
|
|
|
|
do {
|
|
|
|
|
try {
|
|
|
|
|
accessToken = generateRandomString(32);
|
|
|
|
|
renewToken = generateRandomString(32);
|
2023-12-29 17:40:00 +00:00
|
|
|
DB::Resource db = pool->request();
|
2024-01-11 21:33:46 +00:00
|
|
|
s = db->createSession(login, accessToken, renewToken);
|
2023-12-28 20:26:08 +00:00
|
|
|
break;
|
2023-12-29 17:40:00 +00:00
|
|
|
} catch (const DB::Duplicate& e) {
|
2023-12-28 20:26:08 +00:00
|
|
|
std::cout << "Duplicate on creating session, trying again with different tokens";
|
|
|
|
|
}
|
|
|
|
|
} while (--counter != 0);
|
|
|
|
|
|
2024-01-11 21:33:46 +00:00
|
|
|
if (s.id == 0)
|
2023-12-28 20:26:08 +00:00
|
|
|
throw std::runtime_error("Couldn't create session, ran out of attempts");
|
2023-12-23 20:23:38 +00:00
|
|
|
|
2024-01-09 17:02:56 +00:00
|
|
|
std::unique_ptr<Session>& session = sessions[accessToken]
|
2024-01-11 21:33:46 +00:00
|
|
|
= std::make_unique<Session>(scheduler, s.id, s.owner, s.accessToken, s.renewToken, pollTimout);
|
2024-01-03 22:20:01 +00:00
|
|
|
return *session.get();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Session& Server::getSession (const std::string& accessToken) {
|
|
|
|
|
Sessions::const_iterator itr = sessions.find(accessToken);
|
|
|
|
|
if (itr != sessions.end())
|
|
|
|
|
return *(itr->second);
|
|
|
|
|
|
|
|
|
|
DB::Resource db = pool->request();
|
|
|
|
|
DB::Session s = db->findSession(accessToken);
|
|
|
|
|
std::unique_ptr<Session>& session = sessions[accessToken] = std::make_unique<Session>(
|
|
|
|
|
scheduler,
|
|
|
|
|
s.id,
|
2024-01-11 21:33:46 +00:00
|
|
|
s.owner,
|
2024-01-03 22:20:01 +00:00
|
|
|
s.accessToken,
|
2024-01-09 17:02:56 +00:00
|
|
|
s.renewToken,
|
|
|
|
|
pollTimout
|
2024-01-03 22:20:01 +00:00
|
|
|
);
|
2023-12-23 20:23:38 +00:00
|
|
|
return *session.get();
|
|
|
|
|
}
|
2024-01-12 23:39:41 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
DB::Resource Server::getDatabase () {
|
|
|
|
|
return pool->request();
|
|
|
|
|
}
|
