diff --git a/include/znc/HTTPSock.h b/include/znc/HTTPSock.h index 5971914e..1858d82f 100644 --- a/include/znc/HTTPSock.h +++ b/include/znc/HTTPSock.h @@ -38,7 +38,7 @@ public: // Hooks virtual bool ForceLogin(); - virtual bool OnLogin(const CString& sUser, const CString& sPass); + virtual bool OnLogin(const CString& sUser, const CString& sPass, bool bBasic); virtual void OnPageRequest(const CString& sURI) = 0; virtual bool PrintFile(const CString& sFileName, CString sContentType = ""); // !Hooks diff --git a/include/znc/WebModules.h b/include/znc/WebModules.h index 55c0a021..e5d941a4 100644 --- a/include/znc/WebModules.h +++ b/include/znc/WebModules.h @@ -121,9 +121,9 @@ public: CWebSock(const CString& sURIPrefix); virtual ~CWebSock(); - virtual bool ForceLogin(); - virtual bool OnLogin(const CString& sUser, const CString& sPass); - virtual void OnPageRequest(const CString& sURI); + bool ForceLogin() override; + bool OnLogin(const CString& sUser, const CString& sPass, bool bBasic) override; + void OnPageRequest(const CString& sURI) override; EPageReqResult PrintTemplate(const CString& sPageName, CString& sPageRet, CModule* pModule = NULL); EPageReqResult PrintStaticFile(const CString& sPath, CString& sPageRet, CModule* pModule = NULL); diff --git a/src/HTTPSock.cpp b/src/HTTPSock.cpp index 06f67c87..2557466e 100644 --- a/src/HTTPSock.cpp +++ b/src/HTTPSock.cpp @@ -122,7 +122,7 @@ void CHTTPSock::ReadLine(const CString& sData) { sLine.Token(2).Base64Decode(sUnhashed); m_sUser = sUnhashed.Token(0, false, ":"); m_sPass = sUnhashed.Token(1, true, ":"); - m_bLoggedIn = OnLogin(m_sUser, m_sPass); + m_bLoggedIn = OnLogin(m_sUser, m_sPass, true); } else if (sName.Equals("Content-Length:")) { m_uPostLen = sLine.Token(1).ToULong(); if (m_uPostLen > MAX_POST_SIZE) @@ -664,7 +664,7 @@ bool CHTTPSock::ForceLogin() { return false; } -bool CHTTPSock::OnLogin(const CString& sUser, const CString& sPass) { +bool CHTTPSock::OnLogin(const CString& sUser, const CString& sPass, bool bBasic) { return false; } diff --git a/src/WebModules.cpp b/src/WebModules.cpp index 7014f3b3..88554ffd 100644 --- a/src/WebModules.cpp +++ b/src/WebModules.cpp @@ -50,7 +50,7 @@ static CSessionManager Sessions; class CWebAuth : public CAuthBase { public: - CWebAuth(CWebSock* pWebSock, const CString& sUsername, const CString& sPassword); + CWebAuth(CWebSock* pWebSock, const CString& sUsername, const CString& sPassword, bool bBasic); virtual ~CWebAuth() {} void SetWebSock(CWebSock* pWebSock) { m_pWebSock = pWebSock; } @@ -60,6 +60,7 @@ public: private: protected: CWebSock* m_pWebSock; + bool m_bBasic; }; void CWebSock::FinishUserSessions(const CUser& User) { @@ -107,9 +108,10 @@ void CWebSession::UpdateLastActive() { bool CWebSession::IsAdmin() const { return IsLoggedIn() && m_pUser->IsAdmin(); } -CWebAuth::CWebAuth(CWebSock* pWebSock, const CString& sUsername, const CString& sPassword) +CWebAuth::CWebAuth(CWebSock* pWebSock, const CString& sUsername, const CString& sPassword, bool bBasic) : CAuthBase(sUsername, sPassword, pWebSock) { m_pWebSock = pWebSock; + m_bBasic = bBasic; } void CWebSession::ClearMessageLoops() { @@ -159,7 +161,9 @@ void CWebAuth::AcceptedLogin(CUser& User) { m_pWebSock->SetLoggedIn(true); m_pWebSock->UnPauseRead(); - m_pWebSock->Redirect("/?cookie_check=true"); + if (!m_bBasic) { + m_pWebSock->Redirect("/?cookie_check=true"); + } DEBUG("Successful login attempt ==> USER [" + User.GetUserName() + "] ==> SESSION [" + spSession->GetId() + "]"); } @@ -628,7 +632,7 @@ CWebSock::EPageReqResult CWebSock::OnPageRequestInternal(const CString& sURI, CS if (GetParam("submitted").ToBool()) { m_sUser = GetParam("user"); m_sPass = GetParam("pass"); - m_bLoggedIn = OnLogin(m_sUser, m_sPass); + m_bLoggedIn = OnLogin(m_sUser, m_sPass, false); // AcceptedLogin()/RefusedLogin() will call Redirect() return PAGE_DEFERRED; @@ -868,9 +872,9 @@ CString CWebSock::GetCSRFCheck() { return pSession->GetId().MD5(); } -bool CWebSock::OnLogin(const CString& sUser, const CString& sPass) { - DEBUG("=================== CWebSock::OnLogin()"); - m_spAuth = std::make_shared(this, sUser, sPass); +bool CWebSock::OnLogin(const CString& sUser, const CString& sPass, bool bBasic) { + DEBUG("=================== CWebSock::OnLogin(), basic auth? " << std::boolalpha << bBasic); + m_spAuth = std::make_shared(this, sUser, sPass, bBasic); // Some authentication module could need some time, block this socket // until then. CWebAuth will UnPauseRead().