forked from cory/tildefriends
Move some DB things out of httpd.
This commit is contained in:
parent
81d1228b92
commit
c674cca482
158
src/httpd.js.c
158
src/httpd.js.c
@ -18,8 +18,6 @@
|
|||||||
#include "sodium/crypto_sign.h"
|
#include "sodium/crypto_sign.h"
|
||||||
#include "sodium/utils.h"
|
#include "sodium/utils.h"
|
||||||
|
|
||||||
#include "sqlite3.h"
|
|
||||||
|
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
@ -36,7 +34,6 @@
|
|||||||
const int64_t k_refresh_interval = 1ULL * 7 * 24 * 60 * 60 * 1000;
|
const int64_t k_refresh_interval = 1ULL * 7 * 24 * 60 * 60 * 1000;
|
||||||
|
|
||||||
static JSValue _authenticate_jwt(JSContext* context, const char* jwt);
|
static JSValue _authenticate_jwt(JSContext* context, const char* jwt);
|
||||||
static const char* _get_property(tf_ssb_t* ssb, const char* id, const char* key);
|
|
||||||
static JSValue _httpd_websocket_upgrade(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv);
|
static JSValue _httpd_websocket_upgrade(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv);
|
||||||
static const char* _make_session_jwt(tf_ssb_t* ssb, const char* name);
|
static const char* _make_session_jwt(tf_ssb_t* ssb, const char* name);
|
||||||
static const char* _make_set_session_cookie_header(tf_http_request_t* request, const char* session_cookie);
|
static const char* _make_set_session_cookie_header(tf_http_request_t* request, const char* session_cookie);
|
||||||
@ -473,7 +470,7 @@ static JSValue _httpd_auth_query(JSContext* context, JSValueConst this_val, int
|
|||||||
JSValue name = JS_GetPropertyStr(context, entry, "name");
|
JSValue name = JS_GetPropertyStr(context, entry, "name");
|
||||||
const char* name_string = JS_ToCString(context, name);
|
const char* name_string = JS_ToCString(context, name);
|
||||||
|
|
||||||
const char* settings = _get_property(ssb, "core", "settings");
|
const char* settings = tf_ssb_db_get_property(ssb, "core", "settings");
|
||||||
JSValue settings_value = settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED;
|
JSValue settings_value = settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED;
|
||||||
JSValue permissions = JS_GetPropertyStr(context, settings_value, "permissions");
|
JSValue permissions = JS_GetPropertyStr(context, settings_value, "permissions");
|
||||||
JSValue user_permissions = JS_GetPropertyStr(context, permissions, name_string);
|
JSValue user_permissions = JS_GetPropertyStr(context, permissions, name_string);
|
||||||
@ -1096,106 +1093,6 @@ static bool _is_name_valid(const char* name)
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool _read_account(tf_ssb_t* ssb, const char* name, char* out_passwd, size_t passwd_size)
|
|
||||||
{
|
|
||||||
bool result = false;
|
|
||||||
sqlite3* db = tf_ssb_acquire_db_reader(ssb);
|
|
||||||
sqlite3_stmt* statement = NULL;
|
|
||||||
if (sqlite3_prepare(db, "SELECT value ->> '$.password' FROM properties WHERE id = 'auth' AND key = 'user:' || ?", -1, &statement, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
if (sqlite3_bind_text(statement, 1, name, -1, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
if (sqlite3_step(statement) == SQLITE_ROW)
|
|
||||||
{
|
|
||||||
snprintf(out_passwd, passwd_size, "%s", (const char*)sqlite3_column_text(statement, 0));
|
|
||||||
result = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
sqlite3_finalize(statement);
|
|
||||||
}
|
|
||||||
tf_ssb_release_db_reader(ssb, db);
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
static bool _set_account_password(JSContext* context, sqlite3* db, const char* name, const char* password)
|
|
||||||
{
|
|
||||||
bool result = false;
|
|
||||||
static const int k_salt_length = 12;
|
|
||||||
|
|
||||||
char buffer[16];
|
|
||||||
tf_task_t* task = tf_task_get(context);
|
|
||||||
size_t bytes = uv_random(tf_task_get_loop(task), &(uv_random_t) { 0 }, buffer, sizeof(buffer), 0, NULL) == 0 ? sizeof(buffer) : 0;
|
|
||||||
char output[7 + 22 + 1];
|
|
||||||
char* salt = crypt_gensalt_rn("$2b$", k_salt_length, buffer, bytes, output, sizeof(output));
|
|
||||||
char hash_output[7 + 22 + 31 + 1];
|
|
||||||
char* hash = crypt_rn(password, salt, hash_output, sizeof(hash_output));
|
|
||||||
|
|
||||||
JSValue user_entry = JS_NewObject(context);
|
|
||||||
JS_SetPropertyStr(context, user_entry, "password", JS_NewString(context, hash));
|
|
||||||
JSValue user_json = JS_JSONStringify(context, user_entry, JS_NULL, JS_NULL);
|
|
||||||
size_t user_length = 0;
|
|
||||||
const char* user_string = JS_ToCStringLen(context, &user_length, user_json);
|
|
||||||
|
|
||||||
sqlite3_stmt* statement = NULL;
|
|
||||||
if (sqlite3_prepare(db, "INSERT OR REPLACE INTO properties (id, key, value) VALUES ('auth', 'user:' || ?, ?)", -1, &statement, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
if (sqlite3_bind_text(statement, 1, name, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, user_string, user_length, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
result = sqlite3_step(statement) == SQLITE_DONE;
|
|
||||||
}
|
|
||||||
sqlite3_finalize(statement);
|
|
||||||
}
|
|
||||||
|
|
||||||
JS_FreeCString(context, user_string);
|
|
||||||
JS_FreeValue(context, user_json);
|
|
||||||
JS_FreeValue(context, user_entry);
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
static bool _register_account(tf_ssb_t* ssb, const char* name, const char* password)
|
|
||||||
{
|
|
||||||
bool result = false;
|
|
||||||
JSContext* context = tf_ssb_get_context(ssb);
|
|
||||||
JSValue users_array = JS_UNDEFINED;
|
|
||||||
|
|
||||||
sqlite3* db = tf_ssb_acquire_db_writer(ssb);
|
|
||||||
sqlite3_stmt* statement = NULL;
|
|
||||||
if (sqlite3_prepare(db, "SELECT value FROM properties WHERE id = 'auth' AND key = 'users'", -1, &statement, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
if (sqlite3_step(statement) == SQLITE_ROW)
|
|
||||||
{
|
|
||||||
users_array = JS_ParseJSON(context, (const char*)sqlite3_column_text(statement, 0), sqlite3_column_bytes(statement, 0), NULL);
|
|
||||||
}
|
|
||||||
sqlite3_finalize(statement);
|
|
||||||
}
|
|
||||||
if (JS_IsUndefined(users_array))
|
|
||||||
{
|
|
||||||
users_array = JS_NewArray(context);
|
|
||||||
}
|
|
||||||
int length = tf_util_get_length(context, users_array);
|
|
||||||
JS_SetPropertyUint32(context, users_array, length, JS_NewString(context, name));
|
|
||||||
|
|
||||||
JSValue json = JS_JSONStringify(context, users_array, JS_NULL, JS_NULL);
|
|
||||||
JS_FreeValue(context, users_array);
|
|
||||||
size_t value_length = 0;
|
|
||||||
const char* value = JS_ToCStringLen(context, &value_length, json);
|
|
||||||
if (sqlite3_prepare(db, "INSERT OR REPLACE INTO properties (id, key, value) VALUES ('auth', 'users', ?)", -1, &statement, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
if (sqlite3_bind_text(statement, 1, value, value_length, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
result = sqlite3_step(statement) == SQLITE_DONE;
|
|
||||||
}
|
|
||||||
sqlite3_finalize(statement);
|
|
||||||
}
|
|
||||||
JS_FreeCString(context, value);
|
|
||||||
JS_FreeValue(context, json);
|
|
||||||
|
|
||||||
result = result && _set_account_password(context, db, name, password);
|
|
||||||
|
|
||||||
tf_ssb_release_db_writer(ssb, db);
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
static void _visit_auth_identity(const char* identity, void* user_data)
|
static void _visit_auth_identity(const char* identity, void* user_data)
|
||||||
{
|
{
|
||||||
if (!*(char*)user_data)
|
if (!*(char*)user_data)
|
||||||
@ -1275,47 +1172,6 @@ static bool _verify_password(const char* password, const char* hash)
|
|||||||
return out_hash && strcmp(hash, out_hash) == 0;
|
return out_hash && strcmp(hash, out_hash) == 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char* _get_property(tf_ssb_t* ssb, const char* id, const char* key)
|
|
||||||
{
|
|
||||||
char* result = NULL;
|
|
||||||
sqlite3* db = tf_ssb_acquire_db_reader(ssb);
|
|
||||||
sqlite3_stmt* statement = NULL;
|
|
||||||
if (sqlite3_prepare(db, "SELECT value FROM properties WHERE id = ? AND key = ?", -1, &statement, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
if (sqlite3_bind_text(statement, 1, id, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, key, -1, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
if (sqlite3_step(statement) == SQLITE_ROW)
|
|
||||||
{
|
|
||||||
size_t length = sqlite3_column_bytes(statement, 0);
|
|
||||||
result = tf_malloc(length + 1);
|
|
||||||
memcpy(result, sqlite3_column_text(statement, 0), length);
|
|
||||||
result[length] = '\0';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
sqlite3_finalize(statement);
|
|
||||||
}
|
|
||||||
tf_ssb_release_db_reader(ssb, db);
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
static bool _set_property(tf_ssb_t* ssb, const char* id, const char* key, const char* value)
|
|
||||||
{
|
|
||||||
bool result = false;
|
|
||||||
sqlite3* db = tf_ssb_acquire_db_writer(ssb);
|
|
||||||
sqlite3_stmt* statement = NULL;
|
|
||||||
if (sqlite3_prepare(db, "INSERT OR REPLACE INTO properties (id, key, value) VALUES (?, ?, ?)", -1, &statement, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
if (sqlite3_bind_text(statement, 1, id, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, key, -1, NULL) == SQLITE_OK &&
|
|
||||||
sqlite3_bind_text(statement, 3, value, -1, NULL) == SQLITE_OK)
|
|
||||||
{
|
|
||||||
result = sqlite3_step(statement) == SQLITE_DONE;
|
|
||||||
}
|
|
||||||
sqlite3_finalize(statement);
|
|
||||||
}
|
|
||||||
tf_ssb_release_db_writer(ssb, db);
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
static void _httpd_endpoint_login(tf_http_request_t* request)
|
static void _httpd_endpoint_login(tf_http_request_t* request)
|
||||||
{
|
{
|
||||||
tf_task_t* task = request->user_data;
|
tf_task_t* task = request->user_data;
|
||||||
@ -1362,11 +1218,11 @@ static void _httpd_endpoint_login(tf_http_request_t* request)
|
|||||||
const char* change = _form_data_get(post_form_data, "change");
|
const char* change = _form_data_get(post_form_data, "change");
|
||||||
const char* form_register = _form_data_get(post_form_data, "register");
|
const char* form_register = _form_data_get(post_form_data, "register");
|
||||||
char account_passwd[256] = { 0 };
|
char account_passwd[256] = { 0 };
|
||||||
bool have_account = _read_account(ssb, _form_data_get(post_form_data, "name"), account_passwd, sizeof(account_passwd));
|
bool have_account = tf_ssb_db_get_account_password_hash(ssb, _form_data_get(post_form_data, "name"), account_passwd, sizeof(account_passwd));
|
||||||
|
|
||||||
if (form_register && strcmp(form_register, "1") == 0)
|
if (form_register && strcmp(form_register, "1") == 0)
|
||||||
{
|
{
|
||||||
if (!have_account && _is_name_valid(account_name) && password && confirm && strcmp(password, confirm) == 0 && _register_account(ssb, account_name, password))
|
if (!have_account && _is_name_valid(account_name) && password && confirm && strcmp(password, confirm) == 0 && tf_ssb_db_register_account(ssb, account_name, password))
|
||||||
{
|
{
|
||||||
tf_free((void*)send_session);
|
tf_free((void*)send_session);
|
||||||
send_session = _make_session_jwt(ssb, account_name);
|
send_session = _make_session_jwt(ssb, account_name);
|
||||||
@ -1379,9 +1235,8 @@ static void _httpd_endpoint_login(tf_http_request_t* request)
|
|||||||
}
|
}
|
||||||
else if (change && strcmp(change, "1") == 0)
|
else if (change && strcmp(change, "1") == 0)
|
||||||
{
|
{
|
||||||
sqlite3* db = tf_ssb_acquire_db_writer(ssb);
|
|
||||||
if (have_account && _is_name_valid(account_name) && new_password && confirm && strcmp(new_password, confirm) == 0 && _verify_password(password, account_passwd) &&
|
if (have_account && _is_name_valid(account_name) && new_password && confirm && strcmp(new_password, confirm) == 0 && _verify_password(password, account_passwd) &&
|
||||||
_set_account_password(context, db, account_name, new_password))
|
tf_ssb_db_set_account_password(ssb, account_name, new_password))
|
||||||
{
|
{
|
||||||
tf_free((void*)send_session);
|
tf_free((void*)send_session);
|
||||||
send_session = _make_session_jwt(ssb, account_name);
|
send_session = _make_session_jwt(ssb, account_name);
|
||||||
@ -1390,7 +1245,6 @@ static void _httpd_endpoint_login(tf_http_request_t* request)
|
|||||||
{
|
{
|
||||||
login_error = "Error changing password.";
|
login_error = "Error changing password.";
|
||||||
}
|
}
|
||||||
tf_ssb_release_db_writer(ssb, db);
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@ -1438,7 +1292,7 @@ static void _httpd_endpoint_login(tf_http_request_t* request)
|
|||||||
{
|
{
|
||||||
tf_http_request_ref(request);
|
tf_http_request_ref(request);
|
||||||
|
|
||||||
const char* settings = _get_property(ssb, "core", "settings");
|
const char* settings = tf_ssb_db_get_property(ssb, "core", "settings");
|
||||||
JSValue settings_value = settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED;
|
JSValue settings_value = settings ? JS_ParseJSON(context, settings, strlen(settings), NULL) : JS_UNDEFINED;
|
||||||
JSValue code_of_conduct_value = JS_GetPropertyStr(context, settings_value, "code_of_conduct");
|
JSValue code_of_conduct_value = JS_GetPropertyStr(context, settings_value, "code_of_conduct");
|
||||||
const char* code_of_conduct = JS_ToCString(context, code_of_conduct_value);
|
const char* code_of_conduct = JS_ToCString(context, code_of_conduct_value);
|
||||||
@ -1494,7 +1348,7 @@ static void _httpd_endpoint_login(tf_http_request_t* request)
|
|||||||
|
|
||||||
JSValue settings_json = JS_JSONStringify(context, settings_value, JS_NULL, JS_NULL);
|
JSValue settings_json = JS_JSONStringify(context, settings_value, JS_NULL, JS_NULL);
|
||||||
const char* settings_string = JS_ToCString(context, settings_json);
|
const char* settings_string = JS_ToCString(context, settings_json);
|
||||||
_set_property(ssb, "core", "settings", settings_string);
|
tf_ssb_db_set_property(ssb, "core", "settings", settings_string);
|
||||||
JS_FreeCString(context, settings_string);
|
JS_FreeCString(context, settings_string);
|
||||||
JS_FreeValue(context, settings_json);
|
JS_FreeValue(context, settings_json);
|
||||||
}
|
}
|
||||||
|
143
src/ssb.db.c
143
src/ssb.db.c
@ -6,6 +6,7 @@
|
|||||||
#include "trace.h"
|
#include "trace.h"
|
||||||
#include "util.js.h"
|
#include "util.js.h"
|
||||||
|
|
||||||
|
#include "ow-crypt.h"
|
||||||
#include "sodium/crypto_hash_sha256.h"
|
#include "sodium/crypto_hash_sha256.h"
|
||||||
#include "sodium/crypto_sign.h"
|
#include "sodium/crypto_sign.h"
|
||||||
#include "sqlite3.h"
|
#include "sqlite3.h"
|
||||||
@ -1592,3 +1593,145 @@ void tf_ssb_db_forget_stored_connection(tf_ssb_t* ssb, const char* address, int
|
|||||||
}
|
}
|
||||||
tf_ssb_release_db_writer(ssb, db);
|
tf_ssb_release_db_writer(ssb, db);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool tf_ssb_db_get_account_password_hash(tf_ssb_t* ssb, const char* name, char* out_password, size_t password_size)
|
||||||
|
{
|
||||||
|
bool result = false;
|
||||||
|
sqlite3* db = tf_ssb_acquire_db_reader(ssb);
|
||||||
|
sqlite3_stmt* statement = NULL;
|
||||||
|
if (sqlite3_prepare(db, "SELECT value ->> '$.password' FROM properties WHERE id = 'auth' AND key = 'user:' || ?", -1, &statement, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
if (sqlite3_bind_text(statement, 1, name, -1, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
if (sqlite3_step(statement) == SQLITE_ROW)
|
||||||
|
{
|
||||||
|
snprintf(out_password, password_size, "%s", (const char*)sqlite3_column_text(statement, 0));
|
||||||
|
result = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
sqlite3_finalize(statement);
|
||||||
|
}
|
||||||
|
tf_ssb_release_db_reader(ssb, db);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool tf_ssb_db_set_account_password(tf_ssb_t* ssb, const char* name, const char* password)
|
||||||
|
{
|
||||||
|
JSContext* context = tf_ssb_get_context(ssb);
|
||||||
|
bool result = false;
|
||||||
|
static const int k_salt_length = 12;
|
||||||
|
|
||||||
|
char buffer[16];
|
||||||
|
size_t bytes = uv_random(tf_ssb_get_loop(ssb), &(uv_random_t) { 0 }, buffer, sizeof(buffer), 0, NULL) == 0 ? sizeof(buffer) : 0;
|
||||||
|
char output[7 + 22 + 1];
|
||||||
|
char* salt = crypt_gensalt_rn("$2b$", k_salt_length, buffer, bytes, output, sizeof(output));
|
||||||
|
char hash_output[7 + 22 + 31 + 1];
|
||||||
|
char* hash = crypt_rn(password, salt, hash_output, sizeof(hash_output));
|
||||||
|
|
||||||
|
JSValue user_entry = JS_NewObject(context);
|
||||||
|
JS_SetPropertyStr(context, user_entry, "password", JS_NewString(context, hash));
|
||||||
|
JSValue user_json = JS_JSONStringify(context, user_entry, JS_NULL, JS_NULL);
|
||||||
|
size_t user_length = 0;
|
||||||
|
const char* user_string = JS_ToCStringLen(context, &user_length, user_json);
|
||||||
|
|
||||||
|
sqlite3* db = tf_ssb_acquire_db_writer(ssb);
|
||||||
|
sqlite3_stmt* statement = NULL;
|
||||||
|
if (sqlite3_prepare(db, "INSERT OR REPLACE INTO properties (id, key, value) VALUES ('auth', 'user:' || ?, ?)", -1, &statement, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
if (sqlite3_bind_text(statement, 1, name, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, user_string, user_length, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
result = sqlite3_step(statement) == SQLITE_DONE;
|
||||||
|
}
|
||||||
|
sqlite3_finalize(statement);
|
||||||
|
}
|
||||||
|
tf_ssb_release_db_writer(ssb, db);
|
||||||
|
|
||||||
|
JS_FreeCString(context, user_string);
|
||||||
|
JS_FreeValue(context, user_json);
|
||||||
|
JS_FreeValue(context, user_entry);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool tf_ssb_db_register_account(tf_ssb_t* ssb, const char* name, const char* password)
|
||||||
|
{
|
||||||
|
bool result = false;
|
||||||
|
JSContext* context = tf_ssb_get_context(ssb);
|
||||||
|
JSValue users_array = JS_UNDEFINED;
|
||||||
|
|
||||||
|
sqlite3* db = tf_ssb_acquire_db_writer(ssb);
|
||||||
|
sqlite3_stmt* statement = NULL;
|
||||||
|
if (sqlite3_prepare(db, "SELECT value FROM properties WHERE id = 'auth' AND key = 'users'", -1, &statement, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
if (sqlite3_step(statement) == SQLITE_ROW)
|
||||||
|
{
|
||||||
|
users_array = JS_ParseJSON(context, (const char*)sqlite3_column_text(statement, 0), sqlite3_column_bytes(statement, 0), NULL);
|
||||||
|
}
|
||||||
|
sqlite3_finalize(statement);
|
||||||
|
}
|
||||||
|
if (JS_IsUndefined(users_array))
|
||||||
|
{
|
||||||
|
users_array = JS_NewArray(context);
|
||||||
|
}
|
||||||
|
int length = tf_util_get_length(context, users_array);
|
||||||
|
JS_SetPropertyUint32(context, users_array, length, JS_NewString(context, name));
|
||||||
|
|
||||||
|
JSValue json = JS_JSONStringify(context, users_array, JS_NULL, JS_NULL);
|
||||||
|
JS_FreeValue(context, users_array);
|
||||||
|
size_t value_length = 0;
|
||||||
|
const char* value = JS_ToCStringLen(context, &value_length, json);
|
||||||
|
if (sqlite3_prepare(db, "INSERT OR REPLACE INTO properties (id, key, value) VALUES ('auth', 'users', ?)", -1, &statement, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
if (sqlite3_bind_text(statement, 1, value, value_length, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
result = sqlite3_step(statement) == SQLITE_DONE;
|
||||||
|
}
|
||||||
|
sqlite3_finalize(statement);
|
||||||
|
}
|
||||||
|
JS_FreeCString(context, value);
|
||||||
|
JS_FreeValue(context, json);
|
||||||
|
tf_ssb_release_db_writer(ssb, db);
|
||||||
|
|
||||||
|
result = result && tf_ssb_db_set_account_password(ssb, name, password);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
const char* tf_ssb_db_get_property(tf_ssb_t* ssb, const char* id, const char* key)
|
||||||
|
{
|
||||||
|
char* result = NULL;
|
||||||
|
sqlite3* db = tf_ssb_acquire_db_reader(ssb);
|
||||||
|
sqlite3_stmt* statement = NULL;
|
||||||
|
if (sqlite3_prepare(db, "SELECT value FROM properties WHERE id = ? AND key = ?", -1, &statement, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
if (sqlite3_bind_text(statement, 1, id, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, key, -1, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
if (sqlite3_step(statement) == SQLITE_ROW)
|
||||||
|
{
|
||||||
|
size_t length = sqlite3_column_bytes(statement, 0);
|
||||||
|
result = tf_malloc(length + 1);
|
||||||
|
memcpy(result, sqlite3_column_text(statement, 0), length);
|
||||||
|
result[length] = '\0';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
sqlite3_finalize(statement);
|
||||||
|
}
|
||||||
|
tf_ssb_release_db_reader(ssb, db);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool tf_ssb_db_set_property(tf_ssb_t* ssb, const char* id, const char* key, const char* value)
|
||||||
|
{
|
||||||
|
bool result = false;
|
||||||
|
sqlite3* db = tf_ssb_acquire_db_writer(ssb);
|
||||||
|
sqlite3_stmt* statement = NULL;
|
||||||
|
if (sqlite3_prepare(db, "INSERT OR REPLACE INTO properties (id, key, value) VALUES (?, ?, ?)", -1, &statement, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
if (sqlite3_bind_text(statement, 1, id, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, key, -1, NULL) == SQLITE_OK &&
|
||||||
|
sqlite3_bind_text(statement, 3, value, -1, NULL) == SQLITE_OK)
|
||||||
|
{
|
||||||
|
result = sqlite3_step(statement) == SQLITE_DONE;
|
||||||
|
}
|
||||||
|
sqlite3_finalize(statement);
|
||||||
|
}
|
||||||
|
tf_ssb_release_db_writer(ssb, db);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
47
src/ssb.db.h
47
src/ssb.db.h
@ -311,6 +311,53 @@ tf_ssb_db_stored_connection_t* tf_ssb_db_get_stored_connections(tf_ssb_t* ssb, i
|
|||||||
*/
|
*/
|
||||||
void tf_ssb_db_forget_stored_connection(tf_ssb_t* ssb, const char* address, int port, const char* pubkey);
|
void tf_ssb_db_forget_stored_connection(tf_ssb_t* ssb, const char* address, int port, const char* pubkey);
|
||||||
|
|
||||||
|
/**
|
||||||
|
** Retrieve a user's hashed password from the database.
|
||||||
|
** @param ssb The SSB instance.
|
||||||
|
** @param name The username.
|
||||||
|
** @param[out] out_password Populated with the password.
|
||||||
|
** @param password_size The size of the out_password buffer.
|
||||||
|
** @return true if the password hash was successfully retrieved.
|
||||||
|
*/
|
||||||
|
bool tf_ssb_db_get_account_password_hash(tf_ssb_t* ssb, const char* name, char* out_password, size_t password_size);
|
||||||
|
|
||||||
|
/**
|
||||||
|
** Insert or update a user's hashed password in the database.
|
||||||
|
** @param ssb The SSB instance.
|
||||||
|
** @param name The username.
|
||||||
|
** @param password The raw password.
|
||||||
|
** @return true if the hash of the password was successfully stored.
|
||||||
|
*/
|
||||||
|
bool tf_ssb_db_set_account_password(tf_ssb_t* ssb, const char* name, const char* password);
|
||||||
|
|
||||||
|
/**
|
||||||
|
** Add a user account to the database.
|
||||||
|
** @param ssb The SSB instance.
|
||||||
|
** @param name The username to add.
|
||||||
|
** @param password The user's raw password.
|
||||||
|
** @return true If the user was added successfully.
|
||||||
|
*/
|
||||||
|
bool tf_ssb_db_register_account(tf_ssb_t* ssb, const char* name, const char* password);
|
||||||
|
|
||||||
|
/**
|
||||||
|
** Get an entry from the properties table.
|
||||||
|
** @param ssb The SSB instance.
|
||||||
|
** @param id The user.
|
||||||
|
** @param key The property key.
|
||||||
|
** @return The property value or null. Free with tf_free().
|
||||||
|
*/
|
||||||
|
const char* tf_ssb_db_get_property(tf_ssb_t* ssb, const char* id, const char* key);
|
||||||
|
|
||||||
|
/**
|
||||||
|
** Store an entry in the properties table.
|
||||||
|
** @param ssb The SSB instance.
|
||||||
|
** @param id The user.
|
||||||
|
** @param key The property key.
|
||||||
|
** @param value The property value.
|
||||||
|
** @return true if the property was stored successfully.
|
||||||
|
*/
|
||||||
|
bool tf_ssb_db_set_property(tf_ssb_t* ssb, const char* id, const char* key, const char* value);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
** An SQLite authorizer callback. See https://www.sqlite.org/c3ref/set_authorizer.html for use.
|
** An SQLite authorizer callback. See https://www.sqlite.org/c3ref/set_authorizer.html for use.
|
||||||
** @param user_data User data registered with the authorizer.
|
** @param user_data User data registered with the authorizer.
|
||||||
|
Loading…
Reference in New Issue
Block a user