From d1eae3d523f459b4cdd5e1bfc776690d0ad96069 Mon Sep 17 00:00:00 2001
From: paulr <me@pjr.cc>
Date: Fri, 3 Dec 2010 16:44:06 +1100
Subject: [PATCH] more auth server work

---
 authserver/authd/authd.php    |   21 +++++++++--------
 authserver/lib/authClient.php |   28 ++++++++++++++++++++++
 authserver/lib/lib.php        |   51 +++++++++++++++++++---------------------
 3 files changed, 63 insertions(+), 37 deletions(-)

diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php
index 616eab7..fb6d895 100644
--- a/authserver/authd/authd.php
+++ b/authserver/authd/authd.php
@@ -40,29 +40,30 @@ if($pid == -1) {
 	
 	while(true) {
 		msg_receive($sr_queue, 0, $msg_type, 16384, $msg);
-		echo "Got message $msg_type\n";
 		print_r($msg);
 		switch($msg_type) {
 			case MSG_AUTH_USER:
-				echo "got auth message, $msg\n";
+				// minimal checking, we leav it up to authenticateUser to do the real
+				// checking
+				if(!isset($msg["user"])) $msg["user"] = "";
+				if(!isset($msg["passcode"])) $msg["passcode"] = "";
 				$username = $msg["user"];
 				$passcode = $msg["passcode"];
 				global $myga;
 				msg_send($cl_queue, MSG_AUTH_USER, $myga->authenticateUser($username, $passcode));
 				break;
 			case MSG_ADD_USER:
-				echo "add user\n";
-				$username = $msg["username"];
-				global $myga;
-				msg_send($cl_queue, MSG_ADD_USER, $myga->setUser($username));
+				if(!isset($msg["username"])) {
+					msg_send($cl_queue, MSG_ADD_USER, false);	
+				} else {
+					$username = $msg["username"];				
+					global $myga;
+					msg_send($cl_queue, MSG_ADD_USER, $myga->setUser($username));
+				}
 				break;
 			case MSG_DELETE_USER:
 				break;
-			default:
-				echo "um??\n";
-				
 		}		
-		echo "Back to wait\n";
 	}	
 }
 
diff --git a/authserver/lib/authClient.php b/authserver/lib/authClient.php
index 64093e2..2783e91 100644
--- a/authserver/lib/authClient.php
+++ b/authserver/lib/authClient.php
@@ -3,6 +3,27 @@
 require_once("lib.php");
 
 class GAAuthClient {
+	
+	function setUserToken($username, $token) {
+		
+	}
+	
+	function setUserPass($username, $password) {
+		
+	}
+	
+	function authUserPass($username, $password) {
+		
+	}
+	
+	function deleteUser($username) {
+		
+	}
+	
+	function setUserRealName($username, $realname) {
+		
+	}
+	
 	function authUser($username, $passcode) {
 		global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
 		
@@ -11,6 +32,9 @@ class GAAuthClient {
 			return false;
 		}
 
+		if(!msg_queue_exists($MSG_QUEUE_KEY_ID_CLIENT)) {
+			return false;
+		}
 		// TODO we need to setup a client queue sem lock here
 		
 		$cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT);
@@ -38,6 +62,10 @@ class GAAuthClient {
 			return false;
 		}
 
+		if(!msg_queue_exists($MSG_QUEUE_KEY_ID_CLIENT)) {
+			return false;
+		}
+		
 		// TODO we need to setup a client queue sem lock here
 		
 		$cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT);
diff --git a/authserver/lib/lib.php b/authserver/lib/lib.php
index efc6d95..cf4c39e 100644
--- a/authserver/lib/lib.php
+++ b/authserver/lib/lib.php
@@ -1,32 +1,35 @@
 <?php
 
-if(!isset($MSG_QUEUE_KEY_ID_SERVER)) $MSG_QUEUE_KEY_ID_SERVER = "189751072";
-if(!isset($MSG_QUEUE_KEY_ID_CLIENT)) $MSG_QUEUE_KEY_ID_CLIENT = "189751073";
+if(!isset($MSG_QUEUE_KEY_ID_SERVER)) $MSG_QUEUE_KEY_ID_SERVER = "189751072"; // i would use ftok, but its crap
+if(!isset($MSG_QUEUE_KEY_ID_CLIENT)) $MSG_QUEUE_KEY_ID_CLIENT = "189751073"; // ftok is not ok!
 global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
 
-define("MSG_AUTH_USER", 1);
-define("MSG_ADD_USER", 2);
-define("MSG_DELETE_USER", 2);
-
+define("MSG_AUTH_USER_TOKEN", 1);
+define("MSG_ADD_USER_TOKEN", 2);
+define("MSG_DELETE_USER", 3);
+define("MSG_AUTH_USER_PASSWORD", 4);
+define("MSG_SET_USER_PASSWORD", 5);
+define("MSG_SET_USER_REALNAME", 6);
+define("MSG_SET_USER_TOKEN", 7);
 
 if(file_exists("../../lib/ga4php.php")) require_once("../../lib/ga4php.php");
 if(file_exists("../lib/ga4php.php")) require_once("../lib/ga4php.php");
 
 function getDatabase() {
 	$dbobject = false;
-	if(file_exists("/tmp/gadata.sqlite")) {
+	if(file_exists("gaasdata.sqlite")) {
 		try {
-			$dbobject = new PDO("sqlite:/tmp/gadata.sqlite");
+			$dbobject = new PDO("sqlite:gaasdata.sqlite");
 		} catch(PDOException $exep) {
 			error_log("execpt on db open");
 		}
 	} else {
 		try {
-			$dbobject = new PDO("sqlite:/tmp/gadata.sqlite");
+			$dbobject = new PDO("sqlite:gaasdata.sqlite");
 		} catch(PDOException $exep) {
 			error_log("execpt on db open");
 		}
-		$sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT,"users_tokendata" TEXT);';
+		$sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT, "users_realname" TEXT, "users_password" TEXT, "users_tokendata" TEXT);';
 		$dbobject->query($sql);
 	}
 	
@@ -66,33 +69,27 @@ class gaasGA extends GoogleAuthenticator {
 	}
 	
 	
-	// now we need a function for putting the data back into our user table.
-	// in this example, we wont check anything, we'll just overwrite it.
 	function putData($username, $data) {
 		// get our database connection
 		$dbObject = getDatabase();
 		
-		// set the sql for updating the data
-		// token data is stored as a base64 encoded string, it should
-		// not need to be escaped in any way prior to storing in a database
-		// but feel free to call your databases "addslashes" (or whatever)
-		// function on $data prior to doing the SQL.
-		$sql = "delete from users where users_username='$username'";
-		$dbObject->query($sql);
-		
-		$sql = "insert into users values (NULL, '$username', '$data')";
-		
+		// we need to check if the user exists, and if so put the data, if not create the data
+		$sql = "select * from users where users_username='$username'";
+		$res = $dbOject->query($sql);
+		if($res->fetchColumn() > 0) {
+			// do update
+			$sql = "update users set users_tokendata='$data' where users_username='$username'";
+		} else {
+			// do insert
+			$sql = "insert into users values (NULL, '$username', '', '', '$data')";
+		}
 		
-		// now execute the sql and return straight away - you should probably
-		// clean up after yourselves, but im going to assume pdo does this
-		// for us anyway in this exmaple
 		if($dbObject->query($sql)) {
 			return true;
 		} else {
 			return false;
 		}
-		
-		// even simpler!
+
 	}
 	
 	function getUsers() {
-- 
1.7.0.4