added csrf token module

cppHusky · cppHusky · commit cadbb9e127c4 · 2025-02-26T14:31:40.000+08:00
modified:   uploader/CMakeLists.txt
modified:   uploader/include/wiki.hpp
modified:   uploader/lib/libwiki.cpp
new file:   uploader/test/csrf.cpp
modified:   uploader/test/login.cpp
modified:   uploader/test/token.cpp
diff --git a/uploader/CMakeLists.txt b/uploader/CMakeLists.txt
@@ -10,13 +10,16 @@ file(GLOB_RECURSE HeaderFileList "include/*")
 file(GLOB_RECURSE LibraryFileList "lib/*")
 include_directories(include /usr/include /usr/local/include)
 link_directories(lib /usr/lib /usr/local/lib)
-add_library(wikibot ${HeaderFileList} ${LibraryFileList})
+add_library(wiki ${HeaderFileList} ${LibraryFileList})
 find_package(curlpp NAMES curlpp curl)
 find_package(nlohmann_json 3.11.3 REQUIRED)
-target_link_libraries(wikibot PUBLIC nlohmann_json::nlohmann_json curlpp curl)
+target_link_libraries(wiki PUBLIC nlohmann_json::nlohmann_json curlpp curl)
 add_executable(.token test/token.cpp)
-target_link_libraries(.token wikibot)
+target_link_libraries(.token wiki)
 add_test(NAME token COMMAND .token)
 add_executable(.login test/login.cpp)
-target_link_libraries(.login wikibot)
+target_link_libraries(.login wiki)
 add_test(NAME login COMMAND .login)
+add_executable(.csrf test/csrf.cpp)
+target_link_libraries(.csrf wiki)
+add_test(NAME csrf COMMAND .csrf)
diff --git a/uploader/include/wiki.hpp b/uploader/include/wiki.hpp
@@ -6,7 +6,7 @@
 namespace wiki{
 std::string get(curlpp::Easy &request);
 std::string get(const std::string &url,const std::list<std::string> &header={});
-std::string get(const std::string &url,const std::string &cookiejar_path,const std::list<std::string> &header={});
-std::string get_token(const std::string &url,const std::string &cookiejar_path,const std::list<std::string> &header={});
-std::string login(const std::string &url,const std::string &cookie_path,const std::string &username,const std::string &password,const std::string &login_token,const std::list<std::string> &header={});
+std::string get_login_token(const std::string &api,const std::string &cookiejar_path,const std::list<std::string> &header={});
+std::string get_csrf_token(const std::string &api,const std::string &cookie_path,const std::list<std::string> &header={});
+std::string login(const std::string &api,const std::string &cookie_path,const std::string &username,const std::string &password,const std::string &login_token,const std::list<std::string> &header={});
 }
diff --git a/uploader/lib/libwiki.cpp b/uploader/lib/libwiki.cpp
@@ -20,21 +20,27 @@ std::string wiki::get(const std::string &url,const std::list<std::string> &heade
 	request.setOpt<curlpp::Options::HttpHeader>(header);
 	return get(request);
 }
-std::string wiki::get(const std::string &url,const std::string &cookiejar_path,const std::list<std::string> &header){
+std::string wiki::get_login_token(const std::string &api,const std::string &cookiejar_path,const std::list<std::string> &header){
 	curlpp::Easy request;
-	request.setOpt<curlpp::Options::Url>(url);
+	request.setOpt<curlpp::Options::Url>(api+"?format=json&action=query&meta=tokens&type=login");
 	request.setOpt<curlpp::Options::CookieJar>(cookiejar_path);
 	request.setOpt<curlpp::Options::HttpHeader>(header);
-	return get(request);
-}
-std::string wiki::get_token(const std::string &url,const std::string &cookiejar_path,const std::list<std::string> &header){
-	nlohmann::json response=nlohmann::json::parse(wiki::get(url,cookiejar_path,header));
+	nlohmann::json response=nlohmann::json::parse(wiki::get(request));
 	const std::string token=response["query"]["tokens"]["logintoken"];
 	return token;
 }
-std::string wiki::login(const std::string &url,const std::string &cookie_path,const std::string &username,const std::string &password,const std::string &login_token,const std::list<std::string> &header){
+std::string wiki::get_csrf_token(const std::string &api,const std::string &cookie_path,const std::list<std::string> &header){
 	curlpp::Easy request;
-	request.setOpt<curlpp::Options::Url>(url);
+	request.setOpt<curlpp::Options::Url>(api+"?format=json&action=query&meta=tokens&type=csrf");
+	request.setOpt<curlpp::Options::CookieFile>(cookie_path);
+	request.setOpt<curlpp::Options::HttpHeader>(header);
+	nlohmann::json response=nlohmann::json::parse(wiki::get(request));
+	const std::string token=response["query"]["tokens"]["csrftoken"];
+	return token;
+}
+std::string wiki::login(const std::string &api,const std::string &cookie_path,const std::string &username,const std::string &password,const std::string &login_token,const std::list<std::string> &header){
+	curlpp::Easy request;
+	request.setOpt<curlpp::Options::Url>(api+"?format=json&action=login");
 	request.setOpt<curlpp::Options::CookieFile>(cookie_path);
 	request.setOpt<curlpp::Options::CookieJar>(cookie_path);
 	curlpp::Forms form;
diff --git a/uploader/test/csrf.cpp b/uploader/test/csrf.cpp
@@ -0,0 +1,27 @@
+#include<cstdlib>
+#include<exception>
+#include<format>
+#include<iostream>
+#include<string>
+#include<nlohmann/json.hpp>
+#include"wiki.hpp"
+int main(){
+	try{
+		const std::string api="http://localhost/api.php";
+		const std::string login_token=wiki::get_login_token(api,"/tmp/wiki_login_cookies");
+		const nlohmann::json result=nlohmann::json::parse(wiki::login(api,"/tmp/wiki_login_cookies","CppHusky@uploader",std::getenv("WIKIPASS_UPLOADER"),login_token));
+		const std::string csrf_token=wiki::get_csrf_token(api,"/tmp/wiki_login_cookies");
+		std::clog<<csrf_token<<std::endl;
+		assert(csrf_token.length()==42);
+		assert(csrf_token.ends_with("+\\"));
+	}catch(const curlpp::RuntimeError &e){
+		std::cerr<<e.what()<<std::endl;
+		assert(false);
+	}catch(const curlpp::LogicError &e){
+		std::cerr<<e.what()<<std::endl;
+		assert(false);
+	}catch(const std::exception &e){
+		std::cerr<<e.what()<<std::endl;
+		assert(false);
+	}
+}
diff --git a/uploader/test/login.cpp b/uploader/test/login.cpp
@@ -7,9 +7,10 @@
 #include"wiki.hpp"
 int main(){
 	try{
-		const std::string api="http://localhost/api.php?";
-		const std::string login_token=wiki::get_token(api+"format=json&action=query&meta=tokens&type=login","/tmp/wiki_login_token");
-		const nlohmann::json result=nlohmann::json::parse(wiki::login(api+"format=json&action=login","/tmp/wiki_login_token","CppHusky@uploader",std::getenv("WIKIPASS_UPLOADER"),login_token));
+		const std::string api="http://localhost/api.php";
+		const std::string login_token=wiki::get_login_token(api,"/tmp/wiki_login_cookies");
+		const nlohmann::json result=nlohmann::json::parse(wiki::login(api,"/tmp/wiki_login_cookies","CppHusky@uploader",std::getenv("WIKIPASS_UPLOADER"),login_token));
+		std::clog<<result<<std::endl;
 		assert(result["login"]["result"]=="Success");
 	}catch(const curlpp::RuntimeError &e){
 		std::cerr<<e.what()<<std::endl;
diff --git a/uploader/test/token.cpp b/uploader/test/token.cpp
@@ -1,14 +1,15 @@
+#include<cstdlib>
 #include<exception>
 #include<format>
 #include<iostream>
-#include<list>
 #include<string>
 #include<nlohmann/json.hpp>
 #include"wiki.hpp"
 int main(){
 	try{
-		const std::string api="http://localhost/api.php?";
-		const std::string login_token=wiki::get_token(api+"format=json&action=query&meta=tokens&type=*","/tmp/wiki_login_token");
+		const std::string api="https://wiki.byrdocs.org/api.php";
+		const std::list<std::string> header{std::format("X-Byrdocs-Token:{}",std::getenv("WIKITOKEN"))};
+		const std::string login_token=wiki::get_login_token(api,"/tmp/wiki_login_cookies",header);
 		std::clog<<login_token<<std::endl;
 		assert(login_token.length()==42);
 		assert(login_token.ends_with("+\\"));
