blue/pica
1
0
Fork 1
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity

password hash cheching

Browse source
This commit is contained in:
Blue 2023-12-22 20:25:20 -03:00
parent 99a9fd507e
commit 534c282226
Signed by: blue
GPG key ID: 9B203B252A63EE38
25 changed files with 390 additions and 84 deletions
Download patch file Download diff file Expand all files Collapse all files

14
server/router.cpp
View file

@ -50,29 +50,29 @@ void Router::route(const std::string& path, std::unique_ptr<Request> request) {
if (request->currentState() != Request::State::responded)
handleInternalError(path, std::runtime_error("handler failed to handle the request"), std::move(request));
else
std::cout << "Success:\t" << path << std::endl;
std::cout << request->responseCode() << '\t' << request->methodName() << '\t' << path << std::endl;
} catch (const std::exception& e) {
handleInternalError(path, e, std::move(request));
}
}
void Router::handleNotFound(const std::string& path, std::unique_ptr<Request> request) {
Response notFound(*request.get(), Response::Status::notFound);
Response& notFound = request->createResponse(Response::Status::notFound);
notFound.setBody(std::string("Path \"") + path + "\" was not found");
notFound.send();
std::cerr << "Not found:\t" << path << std::endl;
std::cerr << notFound.statusCode() << '\t' << request->methodName() << '\t' << path << std::endl;
}
void Router::handleInternalError(const std::string& path, const std::exception& exception, std::unique_ptr<Request> request) {
Response error(*request.get(), Response::Status::internalError);
Response& error = request->createResponse(Response::Status::internalError);
error.setBody(std::string(exception.what()));
error.send();
std::cerr << "Internal error:\t" << path << "\n\t" << exception.what() << std::endl;
std::cerr << error.statusCode() << '\t' << request->methodName() << '\t' << path << std::endl;
}
void Router::handleMethodNotAllowed(const std::string& path, std::unique_ptr<Request> request) {
Response error(*request.get(), Response::Status::methodNotAllowed);
Response& error = request->createResponse(Response::Status::methodNotAllowed);
error.setBody(std::string("Method not allowed"));
error.send();
std::cerr << "Method not allowed:\t" << path << std::endl;
std::cerr << error.statusCode() << '\t' << request->methodName() << '\t' << path << std::endl;
}

20
server/server.cpp
View file

@ -8,6 +8,7 @@
#include "handler/info.h"
#include "handler/env.h"
#include "handler/register.h"
#include "handler/login.h"
constexpr const char* pepper = "well, not much of a secret, huh?";
constexpr uint8_t currentDbVesion = 1;
@ -39,6 +40,7 @@ Server::Server():
router.addRoute(std::make_unique<Handler::Info>());
router.addRoute(std::make_unique<Handler::Env>());
router.addRoute(std::make_unique<Handler::Register>(this));
router.addRoute(std::make_unique<Handler::Login>(this));
}
Server::~Server() {}
@ -63,7 +65,7 @@ void Server::handleRequest(std::unique_ptr<Request> request) {
std::cout << "received server name " << serverName.value() << std::endl;
} catch (...) {
std::cerr << "failed to read server name" << std::endl;
Response error(*request.get(), Response::Status::internalError);
Response& error = request->createResponse(Response::Status::internalError);
error.send();
return;
}
@ -107,3 +109,19 @@ unsigned int Server::registerAccount(const std::string& login, const std::string
return db->registerAccount(login, hash);
}
bool Server::validatePassword(const std::string& login, const std::string& password) {
std::string hash = db->getAccountHash(login);
std::string spiced = password + pepper;
int result = argon2id_verify(hash.data(), spiced.data(), spiced.size());
switch (result) {
case ARGON2_OK:
return true;
case ARGON2_VERIFY_MISMATCH:
return false;
default:
throw std::runtime_error(std::string("Failed to verify password: ") + argon2_error_message(result));
}
}

1
server/server.h
View file

@ -32,6 +32,7 @@ public:
void run(int socketDescriptor);
unsigned int registerAccount(const std::string& login, const std::string& password);
bool validatePassword(const std::string& login, const std::string& password);
private:
void handleRequest(std::unique_ptr<Request> request);