From: paulr Date: Sun, 5 Dec 2010 16:25:43 +0000 (+1100) Subject: a partially functional web app is now partially functional X-Git-Url: http://git.pjr.cc/?a=commitdiff_plain;h=a5bc0d133aabe8a6f52c8fc24a955796e93299fe;p=ga4php.git a partially functional web app is now partially functional --- diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php index bd10267..3a52041 100644 --- a/authserver/authd/authd.php +++ b/authserver/authd/authd.php @@ -1,5 +1,7 @@ query($sql); + msg_send($cl_queue, MSG_GET_OTK_PNG, $data); } } @@ -155,23 +154,29 @@ if($pid == -1) { break; case MSG_SET_USER_PASSWORD: - echo "Call to set user pass\n"; + echo "how on earth is that happening Call to set user pass, wtf?\n"; // TODO + print_r($msg); if(!isset($msg["username"])) { msg_send($cl_queue, MSG_SET_USER_PASSWORD, false); + echo "in break 1\n"; break; } if(!isset($msg["password"])) { msg_send($cl_queue, MSG_SET_USER_PASSWORD, false); + echo "in break 1\n"; break; } $username = $msg["username"]; $password = $msg["password"]; - $pass = hash('sha512', $password); + echo "would set pass for $username, to $password\n"; + if($password == "") $pass = ""; + else $pass = hash('sha512', $password); $dbo = getDatabase(); + echo "in set user pass for $username, $pass\n"; $sql = "update users set users_password='$pass' where users_username='$username'"; $dbo->query($sql); @@ -267,6 +272,12 @@ if($pid == -1) { } else { $users[$i]["hastoken"] = false; } + + if($row["users_otk"]!="") { + $users[$i]["otk"] = $row["users_otk"]; + } else { + $users[$i]["otk"] = ""; + } $i++; } msg_send($cl_queue, MSG_GET_USERS, $users); diff --git a/authserver/www/actions.php b/authserver/www/actions.php new file mode 100644 index 0000000..2d2ca9c --- /dev/null +++ b/authserver/www/actions.php @@ -0,0 +1,68 @@ +authUserPass($username, $password)) { + $_SESSION["loggedin"] = true; + $_SESSION["username"] = $username; + header("Location: index.php"); + } else { + header("Location: index.php?message=loginfail"); + } + + exit(0); + break; + case "logout": + $_SESSION["loggedin"] = false; + $_SESSION["username"] = ""; + header("Location: index.php"); + exit(0); + break; + case "createuser": + $username = $_REQUEST["username"]; + $myAC->addUser($username); + header("Location: index.php"); + exit(0); + break; + case "update": + error_log("would update"); + $err = print_r($_REQUEST, true); + error_log("req: $err\n"); + $username = $_REQUEST["username"]; + if($_REQUEST["realname"]!="") { + $myAC->setUserRealName($username, $_REQUEST["realname"]); + } + if($_REQUEST["password"]!= "") { + $myAC->setUserPass($username, $_REQUEST["password"]); + } + break; + case "delete": + $username = $_REQUEST["username"]; + $myAC->deleteUser($username); + break; + case "deletepass": + $username = $_REQUEST["username"]; + $myAC->setUserPass($username, ""); + break; + case "getotk": + $username = $_REQUEST["username"]; + $otk = $myAC->getOtkPng($username); + header("Content-type: image/png"); + echo $otk; + exit(0); + break; + } +} +?> \ No newline at end of file diff --git a/authserver/www/index.php b/authserver/www/index.php index a893e2c..fa6f6df 100644 --- a/authserver/www/index.php +++ b/authserver/www/index.php @@ -11,5 +11,76 @@ * then user admin would be less disconnected. I.e. if a user was deleted from AD, their token * data should disappear with them. */ +require_once("actions.php"); +// the logged in component +if($loggedin) { +?> +

GAAS Manager

+Welcome to the Google Authenticator Authentication Server Manager Application
+

Users

+ + +getUsers(); +foreach($users as $user) { + $username = $user["username"]; + + if($user["realname"] == "") $realname = ""; + else $realname = $user["realname"]; + + if($user["haspass"]) $haspass = "Yes Delete Password"; + else $haspass = "No "; + + if($user["hastoken"]) $hastoken = "Yes"; + else $hastoken = "No"; + + if($user["otk"]!="") $otk = "Get"; + else $otk = "Already Claimed"; + + $delete = "Delete"; + + echo ""; + echo ""; +} +?> +
UsernameRealNameHas Password?Has Token?OTKUpdateDelete
$username$haspass$hastoken$otk$delete

+
Create User:
+ +

Radius Clients

+Not yet implemented + +
Logout + + +

GAAS Manager Login

+Login Failed"; +} +?> +
+ + + + +
Username
Password
+
+ \ No newline at end of file diff --git a/unittests/generaterandomstrings.php b/unittests/generaterandomstrings.php new file mode 100644 index 0000000..fc3e38c --- /dev/null +++ b/unittests/generaterandomstrings.php @@ -0,0 +1,18 @@ +