swift
databaseauthentication.cpp
1 // SPDX-FileCopyrightText: Copyright (C) 2015 swift Project Community / Contributors
2 // SPDX-License-Identifier: GPL-3.0-or-later OR LicenseRef-swift-pilot-client-1
3 
4 #include "core/db/databaseauthentication.h"
5 
6 #include <QByteArray>
7 #include <QJsonObject>
8 #include <QNetworkReply>
9 #include <QNetworkRequest>
10 #include <QScopedPointer>
11 #include <QScopedPointerDeleteLater>
12 #include <QString>
13 #include <QUrl>
14 #include <QUrlQuery>
15 
16 #include "core/application.h"
17 #include "core/data/globalsetup.h"
18 #include "misc/json.h"
19 #include "misc/logcategories.h"
20 #include "misc/logmessage.h"
21 #include "misc/network/authenticateduser.h"
22 #include "misc/network/networkutils.h"
23 #include "misc/network/rolelist.h"
24 #include "misc/network/url.h"
25 #include "misc/statusmessage.h"
26 
27 using namespace swift::misc;
28 using namespace swift::misc::network;
29 
30 namespace swift::core::db
31 {
32  const QStringList &CDatabaseAuthenticationService::getLogCategories()
33  {
34  static const QStringList cats { CLogCategories::swiftDbWebservice() };
35  return cats;
36  }
37 
38  CDatabaseAuthenticationService::CDatabaseAuthenticationService(QObject *parent) : QObject(parent)
39  {
40  // void
41  }
42 
43  void CDatabaseAuthenticationService::gracefulShutdown()
44  {
45  if (m_shutdown) { return; }
46  m_shutdown = true;
47  this->logoff();
48  }
49 
50  CAuthenticatedUser CDatabaseAuthenticationService::getDbUser() const { return m_swiftDbUser.get(); }
51 
52  bool CDatabaseAuthenticationService::isUserAuthenticated() const
53  {
54  const CAuthenticatedUser user(this->getDbUser());
55  return user.isAuthenticated();
56  }
57 
58  CStatusMessageList CDatabaseAuthenticationService::login(const QString &username, const QString &password)
59  {
60  CStatusMessageList msgs;
61  static const CLogCategoryList cats(CLogCategoryList(this).withValidation());
62 
63  if (!sApp || m_shutdown)
64  {
65  msgs.push_back(CStatusMessage(cats, CStatusMessage::SeverityError, u"Shutdown in progress"));
66  return msgs;
67  }
68 
69  const QString un(username.trimmed());
70  const QString pw(password.trimmed());
71  if (un.isEmpty()) { msgs.push_back(CStatusMessage(cats, CStatusMessage::SeverityError, u"No user name/id")); }
72  if (pw.isEmpty()) { msgs.push_back(CStatusMessage(cats, CStatusMessage::SeverityError, u"No password")); }
73  if (!msgs.isEmpty()) { return msgs; }
74 
75  const CUrl url(sApp->getGlobalSetup().getDbLoginServiceUrl());
76  QString msg;
77  if (!CNetworkUtils::canConnect(url, msg))
78  {
79  msgs.push_back(CStatusMessage(cats, CStatusMessage::SeverityError, msg));
80  return msgs;
81  }
82 
83  QUrlQuery params;
84  params.addQueryItem("username", un);
85  params.addQueryItem("password", pw);
86  if (sApp->getGlobalSetup().dbDebugFlag()) { CNetworkUtils::addDebugFlag(params); }
87 
88  const QString query = params.toString();
89  const QNetworkRequest request(CNetworkUtils::getSwiftNetworkRequest(url, CNetworkUtils::PostUrlEncoded,
90  sApp->getApplicationNameAndVersion()));
91  sApp->postToNetwork(request, CApplication::NoLogRequestId, query.toUtf8(),
92  { this, &CDatabaseAuthenticationService::parseServerResponse });
93  static const QString rm("Sent request to authentication server '%1'");
94  msgs.push_back(CStatusMessage(cats, CStatusMessage::SeverityInfo, rm.arg(url.toQString())));
95  return msgs;
96  }
97 
98  void CDatabaseAuthenticationService::logoff()
99  {
100  if (!sApp) { return; }
101  CUrl url(sApp->getGlobalSetup().getDbLoginServiceUrl());
102  url.setQuery("logoff=true");
103  QNetworkRequest request(CNetworkUtils::getSwiftNetworkRequest(url));
104  sApp->getFromNetwork(request, { this, &CDatabaseAuthenticationService::parseServerResponse });
105  m_swiftDbUser.set(CAuthenticatedUser());
106  }
107 
108  void CDatabaseAuthenticationService::parseServerResponse(QNetworkReply *nwReplyPtr)
109  {
110  // always cleanup reply
111  QScopedPointer<QNetworkReply, QScopedPointerDeleteLater> nwReply(nwReplyPtr);
112 
113  if (m_shutdown) { return; }
114  QString urlString(nwReply->url().toString());
115  if (urlString.contains("logoff", Qt::CaseInsensitive))
116  {
117  sApp->deleteAllCookies();
118  emit this->logoffFinished();
119  return;
120  }
121 
122  if (nwReply->error() == QNetworkReply::NoError)
123  {
124  const QString json(nwReply->readAll().trimmed());
125  if (json.isEmpty())
126  {
127  CLogMessage(this).error(u"Authentication failed, no response from '%1'") << urlString;
128  return;
129  }
130  if (!json::looksLikeJson(json))
131  {
132  CLogMessage(this).error(u"Illegal JSON object: %1")
133  << CNetworkUtils::removeHtmlPartsFromPhpErrorMessage(json);
134  return;
135  }
136 
137  static const CLogCategoryList cats(CLogCategoryList(this).withValidation());
138  const QJsonObject jsonObj(json::jsonObjectFromString(json));
139  CAuthenticatedUser user =
140  CAuthenticatedUser::fromDatabaseJson(jsonObj.contains("user") ? jsonObj["user"].toObject() : jsonObj);
141  CStatusMessageList msgs;
142  if (jsonObj.contains("messages"))
143  {
144  msgs = CStatusMessageList::fromDatabaseJson(jsonObj["messages"].toArray());
145  msgs.setCategories(cats);
146  }
147 
148  // allow auto enabled for SSO users
149  if (user.isValid() && !user.isEnabled())
150  {
151  if (user.getRoles().hasRole("VATSIMUSER"))
152  {
153  user.setEnabled(true);
154  msgs.push_back(CStatusMessage(cats, CStatusMessage::SeverityInfo, u"Auto enabled SSO user"));
155  }
156  }
157 
158  if (!user.isAuthenticated() || !user.isValid())
159  {
160  if (!msgs.hasErrorMessages())
161  {
162  msgs.push_back(
163  CStatusMessage(cats, CStatusMessage::SeverityError, u"Cannot login, user or password wrong"));
164  }
165  }
166  else
167  {
168  if (!user.isEnabled())
169  {
170  msgs.push_back(CStatusMessage(cats, CStatusMessage::SeverityError, u"User is disabled"));
171  }
172  if (user.getRoles().isEmpty())
173  {
174  msgs.push_back(CStatusMessage(cats, CStatusMessage::SeverityError, u"User has no roles"));
175  }
176  }
177  m_swiftDbUser.set(user);
178  emit userAuthenticationFinished(user, msgs);
179  }
180  else
181  {
182  CLogMessage(this).error(u"Authentication failed, %1") << nwReply->errorString();
183  return;
184  }
185  }
186 
187  void CDatabaseAuthenticationService::userChanged()
188  {
189  // this->logoff();
190  }
191 } // namespace swift::core::db
sApp
SWIFT_CORE_EXPORT swift::core::CApplication * sApp
Single instance of application object.
Definition: application.cpp:71
swift::core::CApplication::getFromNetwork
QNetworkReply * getFromNetwork(const swift::misc::network::CUrl &url, const CallbackSlot &callback, int maxRedirects=DefaultMaxRedirects)
Request to get network reply.
Definition: application.cpp:476
swift::core::CApplication::getGlobalSetup
data::CGlobalSetup getGlobalSetup() const
Global setup.
Definition: application.cpp:260
swift::core::CApplication::NoLogRequestId
static constexpr int NoLogRequestId
network request without logging
Definition: application.h:413
swift::core::CApplication::postToNetwork
QNetworkReply * postToNetwork(const QNetworkRequest &request, int logId, const QByteArray &data, const CallbackSlot &callback)
Post to network.
Definition: application.cpp:531
swift::core::CApplication::deleteAllCookies
void deleteAllCookies()
Delete all cookies from cookie manager.
Definition: application.cpp:614
swift::core::CApplication::getApplicationNameAndVersion
const QString & getApplicationNameAndVersion() const
Application name and version.
Definition: application.cpp:248
swift::core::data::CGlobalSetup::dbDebugFlag
bool dbDebugFlag() const
Debug flag.
Definition: globalsetup.cpp:68
swift::core::data::CGlobalSetup::getDbLoginServiceUrl
swift::misc::network::CUrl getDbLoginServiceUrl() const
Login service.
Definition: globalsetup.cpp:61
swift::core::db::CDatabaseAuthenticationService::userAuthenticationFinished
void userAuthenticationFinished(const swift::misc::network::CAuthenticatedUser &user, const swift::misc::CStatusMessageList &loginStatus)
User authenticated.
swift::core::db::CDatabaseAuthenticationService::login
swift::misc::CStatusMessageList login(const QString &id, const QString &password)
Try to login to authentication web service.
Definition: databaseauthentication.cpp:58
swift::core::db::CDatabaseAuthenticationService::getDbUser
swift::misc::network::CAuthenticatedUser getDbUser() const
DB user.
Definition: databaseauthentication.cpp:50
swift::misc::CCached::get
T get() const
Get a copy of the current value.
Definition: valuecache.h:408
swift::misc::CData::set
CStatusMessage set(const typename Trait::type &value, qint64 timestamp=0)
Write a new value. Must be called from the thread in which the owner lives.
Definition: datacache.h:350
swift::misc::CLogCategories::swiftDbWebservice
static const QString & swiftDbWebservice()
Webservice with swift DB.
Definition: logcategories.h:227
swift::misc::CLogCategoryList
A sequence of log categories.
Definition: logcategorylist.h:35
swift::misc::CLogMessage
Class for emitting a log message.
Definition: logmessage.h:27
swift::misc::CMessageBase::error
Derived & error(const char16_t(&format)[N])
Set the severity to error, providing a format string.
Definition: statusmessage.h:234
swift::misc::CSequence::push_back
void push_back(const T &value)
Appends an element at the end of the sequence.
Definition: sequence.h:305
swift::misc::CSequence::isEmpty
bool isEmpty() const
Synonym for empty.
Definition: sequence.h:285
swift::misc::CStatusMessage
Streamable status message, e.g.
Definition: statusmessage.h:394
swift::misc::CStatusMessage::SeverityError
constexpr static auto SeverityError
Status severities.
Definition: statusmessage.h:402
swift::misc::CStatusMessage::SeverityInfo
constexpr static auto SeverityInfo
Status severities.
Definition: statusmessage.h:400
swift::misc::CStatusMessageList
Status messages, e.g. from Core -> GUI.
Definition: statusmessagelist.h:33
swift::misc::CStatusMessageList::setCategories
void setCategories(const CLogCategoryList &categories)
Reset the categories of all messages in the list.
swift::misc::CStatusMessageList::hasErrorMessages
bool hasErrorMessages() const
Error messages.
swift::misc::CStatusMessageList::fromDatabaseJson
static CStatusMessageList fromDatabaseJson(const QJsonArray &array)
From our database JSON format.
swift::misc::mixin::String::toQString
QString toQString(bool i18n=false) const
Cast as QString.
Definition: mixinstring.h:76
swift::misc::network::CAuthenticatedUser
Value object encapsulating information of an authentiated user.
Definition: authenticateduser.h:33
swift::misc::network::CAuthenticatedUser::isAuthenticated
bool isAuthenticated() const
Authenticated.
Definition: authenticateduser.cpp:99
swift::misc::network::CAuthenticatedUser::getRoles
const CRoleList & getRoles() const
Roles.
Definition: authenticateduser.h:103
swift::misc::network::CAuthenticatedUser::isValid
bool isValid() const
Valid user object?
Definition: authenticateduser.h:76
swift::misc::network::CRoleList::hasRole
bool hasRole(const QString &roleName) const
Has role?
Definition: rolelist.cpp:16
swift::misc::network::CUrl
Value object encapsulating information of a location, kind of simplified CValueObject compliant versi...
Definition: url.h:27
swift::misc::network::CUrl::setQuery
void setQuery(const QString &query)
Set query.
Definition: url.cpp:58
swift::misc::json::jsonObjectFromString
QJsonObject jsonObjectFromString(const QString &json, bool acceptCacheFormat)
JSON Object from string.
Definition: json.cpp:413
swift::core::db
Classes interacting with the swift database (aka "datastore").
Definition: airportdatareader.cpp:23
swift::misc
Free functions in swift::misc.
Definition: aircraftmatcher.h:22
Generated on Mon Mar 24 2025 16:42:19 for swift by doxygen 1.9.1