Skip to content

Commit

Permalink
schema bump to version 2, auth codes now stored alongside the browser…
Browse files Browse the repository at this point in the history 
… user-agent that authed them. addresses issue #6
  • Loading branch information
@RJ
RJ committed Jun 8, 2009
1 parent 535d15f commit 9c39475
Show file tree
Hide file tree
Showing 8 changed files with 40 additions and 32 deletions.
13 changes: 13 additions & 0 deletions deps/moost_http/include/moost/http/request.hpp
View file
Expand Up @@ -30,6 +30,19 @@ struct request
}
return result;
}

/// we need a const way to grab headers too:
const std::string header_value(const std::string & header_name) const
{
std::vector<header>::const_iterator result;
for (result = headers.begin(); result != headers.end(); ++result)
{
if (boost::algorithm::iequals(result->name, header_name)) return result->value;
}
return "";
}


};

}} // moost::http
Expand Down
4 changes: 3 additions & 1 deletion etc/schema.sql
View file
Expand Up @@ -78,10 +78,12 @@ CREATE INDEX file_join_track ON file_join(track);

-- HTTP Authentication

DROP TABLE IF EXISTS playdar_auth;
CREATE TABLE IF NOT EXISTS playdar_auth (
token TEXT NOT NULL PRIMARY KEY,
website TEXT NOT NULL,
name TEXT NOT NULL,
ua TEXT NOT NULL,
mtime INTEGER NOT NULL,
permissions TEXT NOT NULL
);
Expand All @@ -92,7 +94,7 @@ CREATE TABLE IF NOT EXISTS playdar_system (
key TEXT NOT NULL PRIMARY KEY,
value TEXT NOT NULL DEFAULT ''
);
INSERT INTO playdar_system(key,value) VALUES('schema_version', '1');
INSERT INTO playdar_system(key,value) VALUES('schema_version', '2');

-- Settings NOT USED

Expand Down
14 changes: 8 additions & 6 deletions includes/playdar/auth.hpp
View file
Expand Up @@ -53,12 +53,13 @@ class auth
{
boost::mutex::scoped_lock lock(m_mut);
std::vector< std::map<std::string,std::string> > ret;
sqlite3pp::query qry(m_db, "SELECT token, website, name FROM playdar_auth ORDER BY mtime DESC");
sqlite3pp::query qry(m_db, "SELECT token, website, name, ua FROM playdar_auth ORDER BY mtime DESC");
for(sqlite3pp::query::iterator i = qry.begin(); i!=qry.end(); ++i){
std::map<std::string,std::string> m;
m["token"] = std::string((*i).get<const char *>(0));
m["website"] = std::string((*i).get<const char *>(1));
m["name"] = std::string((*i).get<const char *>(2));
m["ua"] = std::string((*i).get<const char *>(3));
ret.push_back( m );
}
return ret;
Expand All @@ -74,18 +75,19 @@ class auth
cmd.execute();
}

void create_new(std::string token, std::string website, std::string name)
void create_new(const std::string &token, const std::string &website, const std::string &name, const std::string &ua )
{
boost::mutex::scoped_lock lock(m_mut);
std::string sql = "INSERT INTO playdar_auth "
"(token, website, name, mtime, permissions) "
"VALUES(?, ?, ?, ?, ?)";
"(token, website, name, ua, mtime, permissions) "
"VALUES(?, ?, ?, ?, ?, ?)";
sqlite3pp::command cmd(m_db, sql.c_str());
cmd.bind(1, token.c_str(), true);
cmd.bind(2, website.c_str(), true);
cmd.bind(3, name.c_str(), true);
cmd.bind(4, 0);
cmd.bind(5, "*", true);
cmd.bind(4, ua.c_str(), true);
cmd.bind(5, 0);
cmd.bind(6, "*", true);
cmd.execute();
}

Expand Down
3 changes: 2 additions & 1 deletion includes/playdar/playdar_request.h
View file
Expand Up @@ -41,13 +41,14 @@ class playdar_request {
const std::string getvar( const std::string& s ) const{ return m_getvars.find(s)->second; }
const std::string postvar( const std::string& s ) const{ return m_postvars.find(s)->second; }
const std::vector<std::string>& parts() const{ return m_parts; }

const std::string& useragent() const { return m_useragent; }
private:

void collect_parts( const std::string & url, std::vector<std::string>& parts );
int collect_params(const std::string & url, std::map<std::string,std::string> & vars);

std::string m_url;
std::string m_useragent;
std::vector<std::string> m_parts;
std::map<std::string, std::string> m_getvars;
std::map<std::string, std::string> m_postvars;
Expand Down
5 changes: 4 additions & 1 deletion resolvers/local/library.cpp
View file
Expand Up @@ -66,9 +66,12 @@ Library::check_db()
cout << "Database schema detected as version " << val << endl;
// check the schema version is what we expect
// TODO auto-upgrade to newest schema version as needed.
if( val != "1" )
if( val != "2" )
{
cerr << "Schema version too old. TODO handle auto-upgrades" << endl;
cerr << "To upgrade from 1->2, run this: alter table playdar_auth add column ua text not null default \"\"; update playdar_system set value=\"2\" where key=\"schema_version\";"
<< endl;

throw; // not caught here
}
// OK.
Expand Down
24 changes: 4 additions & 20 deletions resolvers/local/library_sql.h
View file
@@ -1,23 +1,5 @@
/*
Playdar - music content resolver
Copyright (C) 2009 Richard Jones
Copyright (C) 2009 Last.fm Ltd.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
This file was automatically generated from schema.sql on Fri May 29 11:06:27 GMTDT 2009.
This file was automatically generated from ./schema.sql on Mon Jun 8 15:53:47 BST 2009.
*/
namespace playdar {

Expand Down Expand Up @@ -78,18 +60,20 @@ static const char * playdar_schema_sql =
" album INTEGER REFERENCES album(id) ON DELETE CASCADE ON UPDATE CASCADE"
");"
"CREATE INDEX file_join_track ON file_join(track);"
"DROP TABLE IF EXISTS playdar_auth;"
"CREATE TABLE IF NOT EXISTS playdar_auth ("
" token TEXT NOT NULL PRIMARY KEY,"
" website TEXT NOT NULL,"
" name TEXT NOT NULL,"
" ua TEXT NOT NULL,"
" mtime INTEGER NOT NULL,"
" permissions TEXT NOT NULL"
");"
"CREATE TABLE IF NOT EXISTS playdar_system ("
" key TEXT NOT NULL PRIMARY KEY,"
" value TEXT NOT NULL DEFAULT ''"
");"
"INSERT INTO playdar_system(key,value) VALUES('schema_version', '1');"
"INSERT INTO playdar_system(key,value) VALUES('schema_version', '2');"
;

const char * get_playdar_sql()
Expand Down
2 changes: 2 additions & 0 deletions src/playdar_request.cpp
View file
Expand Up @@ -46,6 +46,8 @@ playdar_request::playdar_request( const moost::http::request& req )

collect_parts( m_url, m_parts );

m_useragent = req.header_value("User-Agent");

// get rid of cruft from leading/trailing "/" and split:
if(m_parts.size() && m_parts[0]=="") m_parts.erase(m_parts.begin());
}
Expand Down
7 changes: 4 additions & 3 deletions src/playdar_request_handler.cpp
View file
Expand Up @@ -175,7 +175,7 @@ playdar_request_handler::handle_auth2( const playdar_request& req, moost::http::
if(m_pauth->consume_formtoken(req.postvar("formtoken")))
{
string tok = app()->resolver()->gen_uuid();
m_pauth->create_new(tok, req.postvar("website"), req.postvar("name"));
m_pauth->create_new(tok, req.postvar("website"), req.postvar("name"), req.useragent() );
if( !req.postvar_exists("receiverurl") ||
req.postvar("receiverurl")=="" )
{
Expand Down Expand Up @@ -416,7 +416,7 @@ playdar_request_handler::handle_settings( const playdar_request& req,
<< "<tr style=\"font-weight:bold;\">"
<< "<td>Name</td>"
<< "<td>Website</td>"
<< "<td>Auth Code</td>"
<< "<td>Auth Code / User-Agent</td>"
<< "<td>Options</td>"
<< "</tr>"
<< endl;
Expand All @@ -428,7 +428,8 @@ playdar_request_handler::handle_settings( const playdar_request& req,
os << "<tr style=\"background-color:" << ((i++%2==0)?"#ccc":"") << ";\">"
<< "<td>" << m["name"] << "</td>"
<< "<td>" << m["website"] << "</td>"
<< "<td>" << m["token"] << "</td>"
<< "<td>" << m["token"] << "<br/><small>"
<< m["ua"] << "</small></td>"
<< "<td><a href=\"/settings/auth/?revoke="
<< m["token"] <<"\">Revoke</a>"
<< "</td>"
Expand Down

0 comments on commit 9c39475

Please sign in to comment.