Fawkes API Fawkes Development Version
user_verifier.cpp
1
2/***************************************************************************
3 * user_verifier.cpp - Webview user verifier
4 *
5 * Created: Mon Jan 24 18:43:47 2011
6 * Copyright 2006-2011 Tim Niemueller [www.niemueller.de]
7 *
8 ****************************************************************************/
9
10/* This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU Library General Public License for more details.
19 *
20 * Read the full text in the LICENSE.GPL file in the doc directory.
21 */
22
23#include "user_verifier.h"
24
25#include <config/config.h>
26#include <core/exception.h>
27#include <logging/logger.h>
28
29#include <string>
30#ifdef HAVE_CRYPT
31# ifdef __USE_GNU
32# include <crypt.h>
33# else
34# include <unistd.h>
35# endif
36#endif
37#ifdef HAVE_APR_UTIL
38# include <apr_md5.h>
39#endif
40using namespace fawkes;
41
42/** @class WebviewUserVerifier "user_verifier.h"
43 * Webview user verification.
44 * Verifies users against entries in the configuration database.
45 * @author Tim Niemueller
46 */
47
48/** Constructor.
49 * @param config configuration to read users from
50 * @param logger logger for log output
51 */
53{
54}
55
56/** Destructor. */
58{
59}
60
61bool
62WebviewUserVerifier::verify_user(const char *user, const char *password) noexcept
63{
64 try {
65 std::string userpath = std::string("/webview/users/") + user;
66 std::string confpass = config->get_string(userpath.c_str());
67
68 if (confpass.compare(0, 11, "!cleartext!") == 0) {
69 return (confpass.substr(11) == password);
70 }
71
72#ifdef HAVE_APR_UTIL
73 return (apr_password_validate(password, confpass.c_str()) == APR_SUCCESS);
74
75#elif defined(HAVE_CRYPT)
76# ifdef __USE_GNU
77 struct crypt_data cd;
78 cd.initialized = 0;
79
80 char *crypted = crypt_r(password, confpass.c_str(), &cd);
81# else
82 char *crypted = crypt(password, confpass.c_str());
83# endif
84
85 if (confpass == crypted) {
86 return true;
87 } else {
88 //logger->log_warn("WebviewUserVerifier", "Access denied for user %s, "
89 // "invalid clear hashed password", user);
90 return false;
91 }
92#else
93 return (confpass == password);
94#endif
95
96 } catch (Exception &e) {
97 //logger->log_warn("WebviewUserVerifier", "Access denied for unknown user %s",
98 // user);
99 return false;
100 }
101
102 // should not actually happen, just in case...
103 return false;
104}
WebviewUserVerifier(fawkes::Configuration *config, fawkes::Logger *logger)
Constructor.
virtual ~WebviewUserVerifier()
Destructor.
virtual bool verify_user(const char *user, const char *password) noexcept
Verify a user.
Interface for configuration handling.
Definition: config.h:68
virtual std::string get_string(const char *path)=0
Get value from configuration which is of type string.
Base class for exceptions in Fawkes.
Definition: exception.h:36
Interface for logging.
Definition: logger.h:42
Fawkes library namespace.