Implement login via web.

author: cos <cos> 2016-06-19 20:24:32 +0200
committer: cos <cos> 2016-07-17 20:30:40 +0200
commit: 8459903fa0ab8e61a9a373ef74c2e6c3963b7c78 (patch)
tree: cc0030e0fbf92bc6c8c1753eb48004043b61b6c7
parent: f9131183fcf95f8ffefa513df7014df61fc9147d (diff)
download: mat-8459903fa0ab8e61a9a373ef74c2e6c3963b7c78.zip
5 files changed, 377 insertions, 7 deletions
diff --git a/cgi-bin/lada-20150110 b/cgi-bin/lada-20150110
new file mode 100755
index 0000000..793671a
--- /dev/null
+++ b/cgi-bin/lada-20150110
@@ -0,0 +1,110 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+use Config::Simple;
+use CGI::Simple;
+use CGI::Session;
+use DBI;
+
+tie my %Config, "Config::Simple", '/etc/mat.conf';
+
+my $q = new CGI::Simple;
+my $id = $q->param('id');
+my $action = $q->param('action');
+my $storage = $q->param('storage');
+my $session = CGI::Session->new(undef, undef, {Directory =>
+    $Config{'session_directory'}});
+
+sub misconfigured
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "This system is misconfigured.\n";
+  exit 1;
+}
+
+sub invalid_input()
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "Invalid input.\n";
+  exit 1;
+}
+
+sub unauthorized()
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "Not authorized!\n";
+  exit 1;
+}
+
+sub send_cookie()
+{
+  print $session->header(-type => 'text/html', -charset => 'utf8');
+}
+
+sub cmd_view($)
+{
+  my ( $id ) = @_;
+
+  my $db = DBI->connect($Config{'database'}, "", "",
+      {HandleError => \&misconfigured, AutoCommit => 1});
+
+  my $recipe_row = $db->selectrow_arrayref("SELECT name, storage, uri FROM ".
+      "recipes AS r JOIN inventory AS i ON i.recipe_id=r.id WHERE i.id=".$id.
+      ";");
+
+  print $id, "<br />", $$recipe_row[0], "<br />", $$recipe_row[1], "<br />";
+  if(substr($$recipe_row[2], 0, 4) eq "http") {
+    print '<a href="'.$$recipe_row[2].'">'.$$recipe_row[2].'</a>', "<br />";
+  } else {
+    print $$recipe_row[2], "<br />";
+  }
+  if ($session->param('authenticated') eq "yes") {
+    print "<font size=20>\n";
+    for my $store ( split(" ", $Config{'relocate_stores'}) ) {
+      print " <a href=".$Config{'label_id_prefix'}."$id/relocate/$store>".
+          "$store</a> \n";
+    }
+    print "</font>";
+  }
+}
+
+sub cmd_relocate($$)
+{
+  my ( $id, $storage ) = @_;
+
+  my $db = DBI->connect($Config{'database'}, "", "",
+      {HandleError => \&misconfigured, AutoCommit => 1});
+
+  $db->do('UPDATE inventory SET storage="'.$storage.'" WHERE id='.$id);
+
+  cmd_view($id);
+}
+
+### MAIN PROGRAM ##############################################################
+
+misconfigured unless ($Config{'database'});
+misconfigured unless $session;
+invalid_input unless ($id and $action);
+
+invalid_input unless (($id =~ m/^[0-9]+$/) and ($action =~ m/^view|relocate$/) and
+    ($storage =~ /^[a-z0-9]*$/));
+send_cookie;
+
+for ($action) {
+  if    (/^view$/) {
+    cmd_view($id);
+  }
+  elsif (/^relocate$/) {
+    if ($session->param('authenticated') eq "yes") {
+      $session->expire("5y");
+      cmd_relocate($id, $storage);
+    } else {
+      unauthorized();
+    }
+  }
+  else {
+    invalid_input;
+  }
+}
diff --git a/cgi-bin/lada.cgi b/cgi-bin/lada.cgi
new file mode 100755
index 0000000..f3b2554
--- /dev/null
+++ b/cgi-bin/lada.cgi
@@ -0,0 +1,109 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+use Config::Simple;
+use CGI::Simple;
+use CGI::Session;
+use DBI;
+
+tie my %Config, "Config::Simple", '/etc/mat.conf';
+
+my $q = new CGI::Simple;
+my $id = $q->param('id');
+my $action = $q->param('action');
+my $storage = $q->param('storage');
+my $session = CGI::Session->new(undef, undef, {Directory =>
+    $Config{'session_directory'}});
+
+sub misconfigured
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "This system is misconfigured.\n";
+  exit 1;
+}
+
+sub invalid_input()
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "Invalid input.\n";
+  exit 1;
+}
+
+sub unauthorized()
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "Not authorized!\n";
+  exit 1;
+}
+
+sub send_cookie()
+{
+  print $session->header(-type => 'text/html', -charset => 'utf8');
+}
+
+sub cmd_view($)
+{
+  my ( $id ) = @_;
+
+  my $db = DBI->connect($Config{'database'}, "", "",
+      {HandleError => \&misconfigured, AutoCommit => 1});
+
+  my $recipe_row = $db->selectrow_arrayref("SELECT name, storage, uri FROM ".
+      "recipes AS r JOIN inventory AS i ON i.recipe_id=r.id WHERE i.id=".$id.
+      ";");
+
+  print $id, "<br />", $$recipe_row[0], "<br />", $$recipe_row[1], "<br />";
+  if(substr($$recipe_row[2], 0, 4) eq "http") {
+    print '<a href="'.$$recipe_row[2].'">'.$$recipe_row[2].'</a>', "<br />";
+  } else {
+    print $$recipe_row[2], "<br />";
+  }
+  if ($session->param('authenticated') eq "yes") {
+    print '<font size="20">';
+    print "<a href=https://mat.netizen.se/portion/$id/relocate/magen>magen</a> ";
+    print "<a href=https://mat.netizen.se/portion/$id/relocate/hemkyl>hemkyl</a> ";
+    print "<a href=https://mat.netizen.se/portion/$id/relocate/jobbfrys>jobbfrys</a> ";
+    print "<a href=https://mat.netizen.se/portion/$id/relocate/jobbkyl>jobbkyl</a>";
+    print '</font>';
+  }
+}
+
+sub cmd_relocate($$)
+{
+  my ( $id, $storage ) = @_;
+
+  my $db = DBI->connect($Config{'database'}, "", "",
+      {HandleError => \&misconfigured, AutoCommit => 1});
+
+  $db->do('UPDATE inventory SET storage="'.$storage.'" WHERE id='.$id);
+
+  cmd_view($id);
+}
+
+### MAIN PROGRAM ##############################################################
+
+misconfigured unless ($Config{'database'});
+misconfigured unless $session;
+invalid_input unless ($id and $action);
+
+invalid_input unless (($id =~ m/^[0-9]+$/) and ($action =~ m/^view|relocate$/) and
+    ($storage =~ /^[a-z0-9]*$/));
+send_cookie;
+
+for ($action) {
+  if    (/^view$/) {
+    cmd_view($id);
+  }
+  elsif (/^relocate$/) {
+    if ($session->param('authenticated') eq "yes") {
+      cmd_relocate($id, $storage);
+    } else {
+      unauthorized();
+    }
+  }
+  else {
+    invalid_input;
+  }
+}
diff --git a/cgi-bin/mat.cgi b/cgi-bin/mat.cgi
index 52239d5..d8845f7 100755
--- a/cgi-bin/mat.cgi
+++ b/cgi-bin/mat.cgi
@@ -14,6 +14,7 @@ my $q = new CGI::Simple;
 my $id = $q->param('id');
 my $action = $q->param('action');
 my $storage = $q->param('storage');
+my $password = $q->param('password');
 my $session = CGI::Session->new(undef, undef, {Directory =>
     $Config{'session_directory'}});
 
@@ -85,29 +86,51 @@ sub cmd_relocate($$)
   cmd_view($id);
 }
 
+sub cmd_login($)
+{
+  my ( $password ) = @_;
+
+  if ( $password and ($password eq $Config{'password'} )) {
+    $session->param('authenticated', "yes");
+    print "welcome.";
+  } else {
+    print "<form>\n";
+    print "<input name=password>\n";
+    print "<input type=submit>\n";
+    print "</form>\n";
+  }
+}
+
 ### MAIN PROGRAM ##############################################################
 
 misconfigured unless ($Config{'database'});
 misconfigured unless $session;
-invalid_input unless ($id and $action);
+invalid_input unless $action;
+
+if ($action eq "view") {
+  invalid_input unless ($id and $id =~ m/^[0-9]+$/);
+} elsif ($action eq "relocate") {
+  invalid_input unless (($id =~ m/^[0-9]+$/) and ($storage =~ /^[a-z0-9]*$/));
+} elsif ($action eq "login") {
+} else {
+  invalid_input;
+}
 
-invalid_input unless (($id =~ m/^[0-9]+$/)
-    and ($action =~ m/^view|relocate$/) and ($storage =~ /^[a-z0-9]*$/));
 send_cookie;
 
 for ($action) {
   if    (/^view$/) {
     cmd_view($id);
-  }
-  elsif (/^relocate$/) {
+  } elsif (/^relocate$/) {
     if ($session->param('authenticated') eq "yes") {
       $session->expire("5y");
       cmd_relocate($id, $storage);
     } else {
       unauthorized();
     }
-  }
-  else {
+  } elsif (/^login$/) {
+    cmd_login($password);
+  } else {
     invalid_input;
   }
 }
diff --git a/cgi-bin/mat.cgi-package b/cgi-bin/mat.cgi-package
new file mode 100755
index 0000000..15ad893
--- /dev/null
+++ b/cgi-bin/mat.cgi-package
@@ -0,0 +1,125 @@
+#!/usr/bin/perl
+
+package cgi::mat;
+
+require Exporter;
+@ISA = qw(Exporter);
+@EXPORT = qw(misconfigured);
+
+use strict;
+use warnings;
+
+use Config::Simple;
+use CGI::Simple;
+use CGI::Session;
+use DBI;
+
+tie my %Config, "Config::Simple", '/etc/mat.conf';
+
+my $q = new CGI::Simple;
+my $id = $q->param('id');
+my $action = $q->param('action');
+my $storage = $q->param('storage');
+my $session = CGI::Session->new(undef, undef, {Directory =>
+    $Config{'session_directory'}});
+
+sub misconfigured
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "This system is misconfigured.\n";
+  exit 1;
+}
+
+sub invalid_input()
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "Invalid input.\n";
+  exit 1;
+}
+
+sub unauthorized()
+{
+  print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
+  print "Not authorized!\n";
+  exit 1;
+}
+
+sub send_cookie()
+{
+  print $session->header(-type => 'text/html', -charset => 'utf8');
+}
+
+sub cmd_view($)
+{
+  my ( $id ) = @_;
+
+  my $db = DBI->connect($Config{'database'}, "", "",
+      {HandleError => \&misconfigured, AutoCommit => 1});
+
+  my $recipe_row = $db->selectrow_arrayref("SELECT name, storage, uri, ".
+      "amount, energy FROM recipes AS r JOIN inventory AS i ".
+      "ON i.recipe_id=r.id WHERE i.id=".$id.";");
+
+  print $id, "<br />", $$recipe_row[0], "<br />", $$recipe_row[1], "<br />";
+  print $$recipe_row[3] ? $$recipe_row[3]." g<br />" : "", "<br />";
+  print $$recipe_row[4] ? $$recipe_row[4]." kJ<br />" : "", "<br />";
+  if(substr($$recipe_row[2], 0, 4) eq "http") {
+    print '<a href="'.$$recipe_row[2].'">'.$$recipe_row[2].'</a>', "<br />";
+  } else {
+    print $$recipe_row[2], "<br />";
+  }
+  if ($session->param('authenticated') eq "yes") {
+    print "<font size=20>\n";
+    for my $store ( split(" ", $Config{'relocate_stores'}) ) {
+      print " <a href=".$Config{'label_id_prefix'}."$id/relocate/$store>".
+          "$store</a> \n";
+    }
+    print "</font>";
+  }
+}
+
+sub cmd_relocate($$)
+{
+  my ( $id, $storage ) = @_;
+
+  my $db = DBI->connect($Config{'database'}, "", "",
+      {HandleError => \&misconfigured, AutoCommit => 1});
+
+  $db->do('UPDATE inventory SET storage="'.$storage.'" WHERE id='.$id);
+
+  cmd_view($id);
+}
+
+### MAIN PROGRAM ##############################################################
+
+sub run
+{
+  misconfigured unless ($Config{'database'});
+  misconfigured unless $session;
+  invalid_input unless ($id and $action);
+
+  invalid_input unless (($id =~ m/^[0-9]+$/) and ($action =~ m/^view|relocate$/) and
+      ($storage =~ /^[a-z0-9]*$/));
+  send_cookie;
+
+  for ($action) {
+    if    (/^view$/) {
+      cmd_view($id);
+    }
+    elsif (/^relocate$/) {
+      if ($session->param('authenticated') eq "yes") {
+        $session->expire("5y");
+        cmd_relocate($id, $storage);
+      } else {
+        unauthorized();
+      }
+    }
+    else {
+      invalid_input;
+    }
+  }
+}
+
+__PACKAGE__->run( @ARGV ) unless caller();
+
+__END__
diff --git a/cgi-bin/relocatehook.sh b/cgi-bin/relocatehook.sh
new file mode 100755
index 0000000..19cc279
--- /dev/null
+++ b/cgi-bin/relocatehook.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+date "+%s|%Y%m%d %H%M|$1|$2|$3|$4|$5|$6" >> /var/tmp/relocatelogg.txt
author	cos <cos>	2016-06-19 20:24:32 +0200
committer	cos <cos>	2016-07-17 20:30:40 +0200
commit	8459903fa0ab8e61a9a373ef74c2e6c3963b7c78 (patch)
tree	cc0030e0fbf92bc6c8c1753eb48004043b61b6c7
parent	f9131183fcf95f8ffefa513df7014df61fc9147d (diff)
download	mat-8459903fa0ab8e61a9a373ef74c2e6c3963b7c78.zip