diff --git a/crow_test/data/db/users.sqlite b/crow_test/data/db/users.sqlite index 4656b89..3b5d3a3 100644 Binary files a/crow_test/data/db/users.sqlite and b/crow_test/data/db/users.sqlite differ diff --git a/crow_test/data/session/.expirations b/crow_test/data/session/.expirations index 586609d..f6e0594 100644 --- a/crow_test/data/session/.expirations +++ b/crow_test/data/session/.expirations @@ -1,2 +1 @@ -wDTvp2olKnTzXs0q 1692378069 -vUJR5OaiqtXupR8v 1692378591 +l5yQfzNDLXuq6Ic1 1692481044 diff --git a/crow_test/data/session/l5yQfzNDLXuq6Ic1.json b/crow_test/data/session/l5yQfzNDLXuq6Ic1.json new file mode 100644 index 0000000..21f31f4 --- /dev/null +++ b/crow_test/data/session/l5yQfzNDLXuq6Ic1.json @@ -0,0 +1 @@ +{"clientID":"50a21c33-66c4-5a0f-902f-9434632025e6","clientToken":"qJNyHpcA1b1EY6/so2rH3FhBilMKDDnCJSliaeytHMh4V0kj2yy4Mb1UEO7dW/uYdgfNWn73dwCrioovCe1NHg=="} \ No newline at end of file diff --git a/crow_test/data/session/vUJR5OaiqtXupR8v.json b/crow_test/data/session/vUJR5OaiqtXupR8v.json deleted file mode 100644 index 002b57e..0000000 --- a/crow_test/data/session/vUJR5OaiqtXupR8v.json +++ /dev/null @@ -1 +0,0 @@ -{"clientID":"50a21c33-66c4-5a0f-902f-9434632025e6","clientToken":"yfuMydsUxrYprB6ykuXBcJe3SDuu17W7OrZns1nweWBUnSUUdsHszJN/YAKTVYsPjsEVd8rGCpUly5VsYfx6FA=="} \ No newline at end of file diff --git a/crow_test/data/session/wDTvp2olKnTzXs0q.json b/crow_test/data/session/wDTvp2olKnTzXs0q.json deleted file mode 100644 index 7b1454e..0000000 --- a/crow_test/data/session/wDTvp2olKnTzXs0q.json +++ /dev/null @@ -1 +0,0 @@ -{"clientID":"50a21c33-66c4-5a0f-902f-9434632025e6","clientToken":"6Ft+YVGtURGwMwi9yTemzakVoVpwkE3iRzshpUn/u58X6BWECdBZvE6nDCg4v628MLqHLwui59GIVyxc9HN0ww=="} \ No newline at end of file diff --git a/include/crowsite/sql_helper.h b/include/crowsite/sql_helper.h index db7fcb1..396328c 100644 --- a/include/crowsite/sql_helper.h +++ b/include/crowsite/sql_helper.h @@ -61,7 +61,7 @@ namespace cs::sql statement* set(const T& t, int column) { // make api consistent - column = column - 1; + column = column + 1; if constexpr (std::is_floating_point_v) { err = sqlite3_bind_double(stmt, column, t); diff --git a/src/crowsite/requests/jellyfin.cpp b/src/crowsite/requests/jellyfin.cpp index 14f125f..32bf465 100644 --- a/src/crowsite/requests/jellyfin.cpp +++ b/src/crowsite/requests/jellyfin.cpp @@ -98,7 +98,7 @@ namespace cs::jellyfin return auth_response::ERROR; } - const client_data& jellyfin::getUserData(const std::string& username) + const client_data& getUserData(const std::string& username) { return GLOBALS.user_ids[username]; } diff --git a/src/crowsite/site/auth.cpp b/src/crowsite/site/auth.cpp index a40783d..29535b0 100644 --- a/src/crowsite/site/auth.cpp +++ b/src/crowsite/site/auth.cpp @@ -86,13 +86,16 @@ namespace cs bool storeUserData(const std::string& username, const std::string& useragent, const cookie_data& tokens) { - sql::statement insertStmt{ + sql::statement insertStmt { user_database, "INSERT OR REPLACE INTO user_sessions (clientID, username, useragent, token) VALUES (?, ?, ?, ?);" }; if (insertStmt.fail()) + { + BLT_WARN("Failed to create insert user data %d : %s", insertStmt.error(), sqlite3_errstr(insertStmt.error())); return false; + } insertStmt.set(tokens.clientID, 0); insertStmt.set(username, 1); @@ -100,19 +103,43 @@ namespace cs insertStmt.set(tokens.clientToken, 3); if (!insertStmt.execute()) + { + BLT_WARN("Failed to insert user data %d : %s", insertStmt.error(), sqlite3_errstr(insertStmt.error())); return false; + } - sql::statement insertAuth { + sql::statement hasUser { user_database, - "INSERT OR REPLACE INTO user_permissions (username, permission) VALUES (?, ?);" + "SELECT permission FROM user_permissions WHERE username=?;" }; - if (insertAuth.fail()) - return false; - insertStmt.set(username, 0); - insertStmt.set(PERM_DEFAULT | (jellyfin::getUserData(username).isAdmin ? PERM_ADMIN : 0), 1); - if (!insertAuth.execute()) + hasUser.set(username, 0); + + if (!hasUser.fail() && hasUser.execute()) { + if (!hasUser.hasRow()){ + sql::statement insertAuth { + user_database, + "INSERT INTO user_permissions (username, permission) VALUES (?, ?);" + }; + if (insertAuth.fail()) + { + BLT_WARN("Failed to create insert user perms %d : %s", insertAuth.error(), sqlite3_errstr(insertAuth.error())); + return false; + } + insertAuth.set(username, 0); + insertAuth.set(PERM_DEFAULT | (jellyfin::getUserData(username).isAdmin ? PERM_ADMIN : 0), 1); + + if (!insertAuth.execute()) + { + BLT_WARN("Failed to insert user perms %d : %s", insertAuth.error(), sqlite3_errstr(insertAuth.error())); + return false; + } + } + } else + { + BLT_WARN("Failed to insert has user %d : %s", hasUser.error(), sqlite3_errstr(hasUser.error())); return false; + } return true; } @@ -121,7 +148,7 @@ namespace cs { sql::statement stmt { user_database, - "SELECT username FROM user_sessions WHERE clientID='?' AND token='?';" + "SELECT username FROM user_sessions WHERE clientID=? AND token=?;" }; if (stmt.fail()) return false; @@ -140,7 +167,7 @@ namespace cs { sql::statement stmt { user_database, - "SELECT username FROM user_sessions WHERE clientID='?';" + "SELECT username FROM user_sessions WHERE clientID=?;" }; if (stmt.fail()) return ""; @@ -152,7 +179,7 @@ namespace cs { sql::statement stmt { user_database, - "SELECT permission FROM user_permissions WHERE username='?';" + "SELECT permission FROM user_permissions WHERE username=?;" }; if (stmt.fail()) return 0; diff --git a/src/main.cpp b/src/main.cpp index 43717cd..17fb101 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -161,7 +161,9 @@ int main(int argc, const char** argv) if (cs::checkUserAuthorization(pp)) { cs::cookie_data data = cs::createUserAuthTokens(pp, user_agent); - cs::storeUserData(pp["username"], user_agent, data); + if (!cs::storeUserData(pp["username"], user_agent, data)){ + BLT_ERROR("Failed to update user data"); + } session.set("clientID", data.clientID); session.set("clientToken", data.clientToken);