Almost completed registration

* added missing bits of serverside code;
 * added fronted in client;
 * removed demo python scripts;

servatrice/scripts/mk_pypb.sh

@@ -1,10 +0,0 @@
-#!/bin/bash
-
-SRC_DIR=../../common/pb/
-DST_DIR=./pypb
-
-rm -rf "$DST_DIR"
-mkdir -p "$DST_DIR"
-protoc -I=$SRC_DIR --python_out=$DST_DIR $SRC_DIR/*.proto
-touch "$DST_DIR/__init__.py"
-

servatrice/scripts/register.py

@@ -1,73 +0,0 @@
-#!/usr/bin/env python
-
-import socket, sys, struct, time
-
-from pypb.server_message_pb2 import ServerMessage
-from pypb.session_commands_pb2 import Command_Register as Reg
-from pypb.commands_pb2 import CommandContainer as Cmd
-from pypb.event_server_identification_pb2 import Event_ServerIdentification as ServerId
-from pypb.response_pb2 import Response
-
-HOST = "localhost"
-PORT = 4747
-
-CMD_ID = 1
-
-def build_reg():
-    global CMD_ID
-    cmd = Cmd()
-    sc = cmd.session_command.add()
-
-    reg = sc.Extensions[Reg.ext]
-    reg.user_name = "testUser"
-    reg.email = "test@example.com"
-    reg.password = "password"
-
-    cmd.cmd_id = CMD_ID
-    CMD_ID += 1
-    return cmd
-
-def send(msg):
-    packed = struct.pack('>I', len(msg))
-    sock.sendall(packed)
-    sock.sendall(msg)
-
-def print_resp(resp):
-    print "<<<"
-    print repr(resp)
-    m = ServerMessage()
-    m.ParseFromString(bytes(resp))
-    print m
-
-def recv(sock):
-    print "< header"
-    header = sock.recv(4)
-    msg_size = struct.unpack('>I', header)[0]
-    print "< ", msg_size
-    raw_msg = sock.recv(msg_size)
-    print_resp(raw_msg)
-
-if __name__ == "__main__":
-    address = (HOST, PORT)
-    sock = socket.socket()
-
-    print "Connecting to server ", address
-    sock.connect(address)
-
-    # hack for old xml clients - server expects this and discards first message
-    print ">>> xml hack"
-    xmlClientHack = Cmd().SerializeToString()
-    send(xmlClientHack)
-    print sock.recv(60)
-
-    recv(sock)
-
-    print ">>> register"
-    r = build_reg()
-    print r
-    msg = r.SerializeToString()
-    send(msg)
-    recv(sock)
-
-    print "Done"
-

servatrice/servatrice.ini.example

@@ -59,9 +59,11 @@ regonly=0
 ; Servatrice can process registration requests to add new users on the fly.
 ; Enable this feature? Default false.
 ;enabled=false
+
 ; Require users to provide an email address in order to register. Default true.
 ;requireemail=true
 
+
 [database]
 
 ; Database type. Valid values are:

servatrice/src/passwordhasher.cpp

@@ -8,6 +8,8 @@
     #include <QCryptographicHash>
 #endif
 
+#include "rng_sfmt.h"
+
 void PasswordHasher::initialize()
 {
 #if QT_VERSION < 0x050000
@@ -51,3 +53,20 @@ QString PasswordHasher::computeHash(const QString &password, const QString &salt
     return hashedPass;
 }
 #endif
+
+QString PasswordHasher::generateRandomSalt(const int len)
+{
+    static const char alphanum[] =
+        "0123456789"
+        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+        "abcdefghijklmnopqrstuvwxyz";
+
+    QString ret;
+    int size = sizeof(alphanum) - 1;
+
+    for (int i = 0; i < len; ++i) {
+        ret.append(alphanum[rng->rand(0, size)]);
+    }
+
+    return ret;
+}

servatrice/src/passwordhasher.h

@@ -7,6 +7,7 @@ class PasswordHasher {
 public:
 	static void initialize();
 	static QString computeHash(const QString &password, const QString &salt);
+	static QString generateRandomSalt(const int len = 16);
 };
 
 #endif

servatrice/src/servatrice_database_interface.cpp

@@ -130,7 +130,6 @@ bool Servatrice_DatabaseInterface::registerUser(const QString &userName, const Q
 
     if (!execSqlQuery(query)) {
         qDebug() << "Failed to insert user: " << query->lastError() << " sql: " << query->lastQuery();
-        // TODO handle duplicate insert error
         return false;
     }
 
@@ -172,7 +171,6 @@ AuthenticationResult Servatrice_DatabaseInterface::checkUserPassword(Server_Prot
         if (checkUserIsBanned(handler->getAddress(), user, reasonStr, banSecondsLeft))
             return UserIsBanned;
         
-        QSqlQuery *passwordQuery = prepareQuery("select password_sha512 from {prefix}_users where name = :name and active = 1");
         passwordQuery->bindValue(":name", user);
         if (!execSqlQuery(passwordQuery)) {
             qDebug("Login denied: SQL error");
@@ -270,7 +268,6 @@ bool Servatrice_DatabaseInterface::checkUserIsIpBanned(const QString &ipAddress,
     return false;
 }
 
-bool Servatrice_DatabaseInterface::userExists(const QString &user)
 {
     if (server->getAuthenticationMethod() == Servatrice::AuthenticationSql) {
         checkSql();

servatrice/src/servatrice_database_interface.h

@@ -4,7 +4,7 @@
 #include <QObject>
 #include <QSqlDatabase>
 #include <QHash>
-#include <qchar.h>
+#include <QChar>
 
 #include "server.h"
 #include "server_database_interface.h"
@@ -41,6 +41,7 @@ public:
 	bool execSqlQuery(QSqlQuery *query);
 	const QSqlDatabase &getDatabase() { return sqlDatabase; }
 
+	bool activeUserExists(const QString &user);
 	bool userExists(const QString &user);
 	int getUserIdInDB(const QString &name);
 	QMap<QString, ServerInfo_User> getBuddyList(const QString &name);
@@ -63,7 +64,7 @@ public:
 	bool userSessionExists(const QString &userName);
 
 	bool getRequireRegistration();
-	bool registerUser(const QString &userName, const QString &realName, ServerInfo_User_Gender const &gender, const QString &passwordSha512, const QString &emailAddress, const QString &country, bool active = false);
+	bool registerUser(const QString &userName, const QString &realName, ServerInfo_User_Gender const &gender, const QString &password, const QString &emailAddress, const QString &country, bool active = false);
 
     void logMessage(const int senderId, const QString &senderName, const QString &senderIp, const QString &logMessage, LogMessage_TargetType targetType, const int targetId, const QString &targetName);
 };