bwb jwtVerify

Author: 0WAQ

file_controller.cc

@@ -1,21 +1,29 @@
 #include "file_controller.h"
+#include "jwt_controller.h"
+#include <json/json.h>
+#include <stdio.h>
+
+#include <chrono>
 #include <iostream>
 #include <stdexcept>
-#include <stdio.h>
 #include <string>
-#include <json/json.h>
 
-
-std::string shell_commons(const char* cmd) {
+std::string shell_commons(const char *cmd)
+{
     char buffer[128];
     std::string result = "";
-    FILE* pipe = popen(cmd, "r");
-    if (!pipe) throw std::runtime_error("popen() failed!");
-    try {
-        while (fgets(buffer, sizeof buffer, pipe) != NULL) {
+    FILE *pipe = popen(cmd, "r");
+    if (!pipe)
+        throw std::runtime_error("popen() failed!");
+    try
+    {
+        while (fgets(buffer, sizeof buffer, pipe) != NULL)
+        {
             result += buffer;
         }
-    } catch (...) {
+    }
+    catch (...)
+    {
         pclose(pipe);
         throw;
     }
@@ -25,43 +33,118 @@ std::string shell_commons(const char* cmd) {
 
 void genTree(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
 {
-    char *pathvar;
-    pathvar = getenv("PWD");
-    std::string result = shell_commons(("cd "+std::string(pathvar)+"/.. " + "&&"+"tree -J root" ).c_str()) ;
     auto res = HttpResponse::newHttpResponse();
-    res->addHeader("Access-Control-Allow-Origin", "*");
-    res ->setBody(result);  
-    callback(res);
+    if (jwtVerify(req))
+    {
+        char *pathvar;
+        pathvar = getenv("PWD");
+        std::string result = shell_commons(("cd " + std::string(pathvar) + "/.. " + "&&" + "tree -J root").c_str());
+        res->addHeader("Access-Control-Allow-Origin", "*");
+        res->setBody(result);
+        callback(res);
+    }
+    else{
+        res->setBody("No Authorization");
+    }
 }
+
 void catFile(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
 {
-    char *pathvar;
-    pathvar = getenv("PWD");
-    std::string path = req->getParameter("path");
-    std::string result = shell_commons(("cat "+std::string(pathvar)+"/../root/"+path).c_str()) ;
     auto res = HttpResponse::newHttpResponse();
-    res->addHeader("Access-Control-Allow-Origin", "*");
-    res ->setBody(result);  
-    callback(res);
+    if (jwtVerify(req))
+    {
+        char *pathvar;
+        pathvar = getenv("PWD");
+        std::string path = req->getParameter("path");
+        std::string result = shell_commons(("cat " + std::string(pathvar) + "/../root/" + path).c_str());
+
+        res->addHeader("Access-Control-Allow-Origin", "*");
+        res->setBody(result);
+
+        callback(res);
+    }
+    else
+    {
+        res->setBody("No Authorization");
+    }
 }
+
 void saveFile(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
 {
-    auto body = req->getBody();
-    Json::Value req_json;
-    Json::Reader reader;
-    std::string bodyStr(body);
-    if (!reader.parse(bodyStr, req_json)) {
-        std::cout<<"parse failed"<<std::endl;
-        callback(HttpResponse::newHttpResponse());
-        return;
-    }
-    char *pathvar;
-    pathvar = getenv("PWD");
-    std::string filename = req_json["filename"].asString();
-    std::string content = req_json["content"].asString();
-    std::string result = shell_commons(("echo '"+content+"'>"+std::string(pathvar)+"/../root/"+filename).c_str()) ;
     auto res = HttpResponse::newHttpResponse();
-    res->addHeader("Access-Control-Allow-Origin", "*");
-    res ->setBody("success");  
-    callback(res);
+    if (jwtVerify(req))
+    {
+        auto body = req->getBody();
+        Json::Value req_json;
+        Json::Reader reader;
+        std::string bodyStr(body);
+        if (!reader.parse(bodyStr, req_json))
+        {
+            std::cout << "parse failed" << std::endl;
+            callback(HttpResponse::newHttpResponse());
+            return;
+        }
+        char *pathvar;
+        pathvar = getenv("PWD");
+        std::string filename = req_json["filename"].asString();
+        std::string content = req_json["content"].asString();
+        std::string result = shell_commons(("echo '" + content + "'>" + std::string(pathvar) + "/../root/" + filename).c_str());
+
+        res->addHeader("Access-Control-Allow-Origin", "*");
+        res->setBody("success");
+        callback(res);
+    }
+    else
+    {
+        res->setBody("No Authorization");
+    }
+}
+
+void imageUpload(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+{
+    auto resp = HttpResponse::newHttpResponse();
+    if (jwtVerify(req))
+    {
+        MultiPartParser fileUpload;
+        if (fileUpload.parse(req) != 0 || fileUpload.getFiles().size() != 1)
+        {
+            auto resp = HttpResponse::newHttpResponse();
+            resp->setBody("Must only be one file");
+            resp->setStatusCode(k403Forbidden);
+            callback(resp);
+            return;
+        }
+        auto &file = fileUpload.getFiles()[0];
+        auto now = std::chrono::system_clock::now();
+        auto ms = std::chrono::duration_cast<std::chrono::milliseconds>(now.time_since_epoch()).count();
+        std::string timestamp = std::to_string(ms) + '.' + std::string(file.getFileExtension());
+
+        resp->addHeader("Access-Control-Allow-Origin", "*");
+        resp->setBody(timestamp);
+        file.save();
+        shell_commons(("mv  ./uploads/" + file.getFileName() + " ./uploads/" + timestamp).c_str());
+
+        LOG_INFO << "The uploaded file has been saved to the ./uploads "
+                    "directory";
+        callback(resp);
+    }
+    else
+    {
+        resp->setBody("No Authorization");
+    }
 }
+
+void getPicture(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+{
+    std::string filename = req->getParameter("filename");
+    auto resp = HttpResponse::newFileResponse("./uploads/" + filename);
+    if (jwtVerify(req))
+    {
+        resp->addHeader("Access-Control-Allow-Origin", "*");
+        callback(resp);
+    }
+    else
+    {
+        resp->setBody("No Authorization");
+    }
+}

file_controller.h

@@ -3,9 +3,11 @@
 #include <string>
 #include <drogon/drogon.h>
 using namespace drogon;
-std::string shell_commons(const char* cmd);
+std::string shell_commons(const char *cmd);
 void genTree(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback);
 void catFile(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback);
 void saveFile(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback);
-//std::string 
+void imageUpload(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback);
+void getPicture(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback);
+// std::string
 #endif

jwt_controller.cc

@@ -2,6 +2,7 @@
 #include <drogon/drogon.h>
 #include <jwt-cpp/jwt.h>
 #include <cstring>
+#include <iomanip>
 #include <chrono>
 #include "jwt_controller.h"
 

main.cc

@@ -4,46 +4,40 @@
 #include "user_controller.h"
 #include "file_controller.h"
 #include <drogon/WebSocketController.h>
+
 using namespace drogon;
 std::unordered_map<std::string, WebSocketConnectionPtr> clientTable;
-int main() {
+int main()
+{
     drogon::app().addListener("0.0.0.0", 8081);
     std::cout << "ready" << std::endl;
-    drogon::app().registerHandler("/api/signup", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        Handle(req, std::move(callback),registerUser);
-    });
-    drogon::app().registerHandler("/api/login", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        Handle(req, std::move(callback),loginUser);
-    });
-    drogon::app().registerHandler("/api/chat", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        chat(req, std::move(callback));
-    });
-    drogon::app().registerHandler("/api/check", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        check(req, std::move(callback));
-    });
-    drogon::app().registerHandler("/api/nfmgr", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        request_processing(req, std::move(callback));
-    });
-    drogon::app().registerHandler("/api/newfriends", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        friend_operation(req, std::move(callback));
-    });
-      drogon::app().registerHandler("/api/info", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        info(req, std::move(callback));
-    });
+    drogon::app().registerHandler("/api/signup", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { Handle(req, std::move(callback), registerUser); });
+    drogon::app().registerHandler("/api/login", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { Handle(req, std::move(callback), loginUser); });
+    drogon::app().registerHandler("/api/chat", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { chat(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/check", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { check(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/nfmgr", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { request_processing(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/newfriends", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { friend_operation(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/info", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { info(req, std::move(callback)); });
 
-    drogon::app().registerHandler("/api/file/tree", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        genTree(req, std::move(callback));
-    });  
-    drogon::app().registerHandler("/api/file/cat", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        catFile(req, std::move(callback));
-    });  
-    drogon::app().registerHandler("/api/file/save", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        saveFile(req, std::move(callback));
-    });  
-      drogon::app().registerHandler("/api/avatar", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
-        avatar(req, std::move(callback));
-    });
-    drogon::app().run();
+    drogon::app().registerHandler("/api/file/tree", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { genTree(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/file/cat", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { catFile(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/file/save", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { saveFile(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/avatar", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { avatar(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/upload", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                                  { imageUpload(req, std::move(callback)); });
+    drogon::app().registerHandler("/api/file/get", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
+                       { getPicture(req, std::move(callback)); }, {Get});
+    drogon::app().setUploadPath("./uploads").run();
     return 0;
 }
-

msg_controller.cc

@@ -23,7 +23,9 @@ void chat(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)
         std::string sender = jwtDecrypt(req->getHeader("Authorization").substr(7));
         std::string content = req_json["content"].asString();
         std::string receiver = req_json["receiver"].asString();
+
         sql_addhistory(sender, receiver, content, "0");
+        
         std::string msg = req_json["content"].asString();
         auto output = writer.write(res_json);
         res->setBody(output);
@@ -57,10 +59,12 @@ void friend_operation(const HttpRequestPtr &req, std::function<void(const HttpRe
         std::string sender = jwtDecrypt(req->getHeader("Authorization").substr(7));
         std::string receiver = req->getParameter("username");
         std::string operation = req->getParameter("operation");
+
         if (operation == "add")
             sql_addrequest(sender, receiver);
         else
             sql_delete_operation(sender, receiver);
+
         res->setBody("Success");
     } else {
         res->setBody("No Authorization");
@@ -71,15 +75,19 @@ void friend_operation(const HttpRequestPtr &req, std::function<void(const HttpRe
 void request_processing(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
     auto res = HttpResponse::newHttpResponse();
     res->addHeader("Access-Control-Allow-Origin", "*");
+
     if (jwtVerify(req)) {
+
         std::string receiver = jwtDecrypt(req->getHeader("Authorization").substr(7));
         std::string sender = req->getParameter("username");
         std::string attitude = req->getParameter("info");
+
         sql_process_request(sender, receiver, attitude);
         res->setBody("Success");
     } else {
         res->setBody("No Authorization");
     }
+
     callback(res);
 }
 // get chat info
@@ -96,16 +104,20 @@ void info(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)
     Json::FastWriter writer;
     auto res = HttpResponse::newHttpResponse();
     res->addHeader("Access-Control-Allow-Origin", "*");
+
     if (jwtVerify(req)) {
+
         me = jwtDecrypt(req->getHeader("Authorization").substr(7));
         if (req_json["person"].asString() == "") {
             res->setBody(writer.write(get_chat_info(me, "")));
         } else {
             who_send_me = req_json["person"].asString();
             res->setBody(writer.write(get_chat_info(me, who_send_me)));
         }
+        
     } else {
         res->setBody("No Authorization");
     }
+
     callback(res);
 }

mysql.cc

@@ -12,22 +12,17 @@ void process(sql::PreparedStatement *readdatament, std::vector<std::string> s, s
         readdatament->setString(1, s[i]);
         sql::ResultSet *resultSet = readdatament->executeQuery();
         std::string friendlist;
-
         if (resultSet->next())
         {
             friendlist = resultSet->getString("friends");
         }
-
         int pos = friendlist.find(s[i + 1]);
-
         if (pos != std::string::npos && pos != 0)
             friendlist.erase(pos - 1, s[i + 1].length() + 1);
         else if (pos == 0)
             friendlist.erase(pos, s[i + 1].length() + 1);
-
         std::string changedata = "UPDATE users SET friends=? WHERE username =?";
         sql::PreparedStatement *updateStatement = con->prepareStatement(changedata);
-
         updateStatement->setString(1, friendlist);
         updateStatement->setString(2, s[i]);
         updateStatement->execute();
@@ -382,7 +377,7 @@ bool sql_check(std::string user, std::string passwd)
 Json::Value sql_find_my_msg(std::string me)
 
 {
-    std::cout << "login user: " << me << std::endl;
+    // std::cout << "login user: " << me << std::endl;
     try
     {
         sql::mysql::MySQL_Driver *driver = sql::mysql::get_mysql_driver_instance();

root/lgy

@@ -1 +1,4 @@
-123
+ok![](http://127.0.0.1:8081/api/file/get?filename=1695257143488.png)
+
+
+

user_controller.cc

@@ -1,6 +1,7 @@
 #include <drogon/drogon.h>
 #include <json/json.h>
 #include "mysql.h"
+#include <iomanip>
 #include <openssl/sha.h>
 #include "jwt_controller.h"
 #include "msg_controller.h"