mirror/yacreader
1
0
Fork 0
mirror of https://github.com/YACReader/yacreader synced 2025-05-28 03:10:27 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Move from session based state to client side tokens.

Browse Source 
YACReaderHttpSession is still used, but it is not a http session anymore.
This commit is contained in:
Luis Ángel San Martín 2018-04-25 22:20:03 +02:00
parent 701817d76b
commit 630a5c94a0
9 changed files with 75 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
YACReaderLibrary/server/controllers/v2/comiccontroller_v2.cpp
View File

@ -17,10 +17,16 @@
ComicControllerV2::ComicControllerV2() {}
void ComicControllerV2::service(HttpRequest& request, HttpResponse& response)
{
HttpSession session=Static::sessionStore->getSession(request,response,false);
YACReaderHttpSession *ySession = Static::yacreaderSessionStore->getYACReaderSessionHttpSession(session.getId());
{
QByteArray token = request.getHeader("x-request-id");
YACReaderHttpSession *ySession = Static::yacreaderSessionStore->getYACReaderSessionHttpSession(token);
if (ySession == nullptr) {
response.setStatus(404,"not found");
response.write("404 not found",true);
return;
}
QString path = QUrl::fromPercentEncoding(request.getPath()).toUtf8();
QStringList pathElements = path.split('/');
qulonglong libraryId = pathElements.at(3).toLongLong();
@ -45,9 +51,6 @@ void ComicControllerV2::service(HttpRequest& request, HttpResponse& response)
ComicDB comic = DBHelper::getComicInfo(libraryId, comicId);
if(!remoteComic)
ySession->setDownloadedComic(comic.info.hash);
Comic * comicFile = FactoryComic::newComic(libraries.getPath(libraryId)+comic.path);
if(comicFile != NULL)

5
YACReaderLibrary/server/controllers/v2/covercontroller_v2.cpp
View File

@ -10,9 +10,6 @@ CoverControllerV2::CoverControllerV2() {}
void CoverControllerV2::service(HttpRequest& request, HttpResponse& response)
{
HttpSession session=Static::sessionStore->getSession(request,response,false);
YACReaderHttpSession *ySession = Static::yacreaderSessionStore->getYACReaderSessionHttpSession(session.getId());
response.setHeader("Content-Type", "image/jpeg");
response.setHeader("Connection","close");
//response.setHeader("Content-Type", "plain/text; charset=ISO-8859-1");
@ -24,8 +21,6 @@ void CoverControllerV2::service(HttpRequest& request, HttpResponse& response)
QString libraryName = DBHelper::getLibraryName(pathElements.at(3).toInt());
QString fileName = pathElements.at(5);
bool folderCover = request.getParameter("folderCover").length()>0;
//response.writeText(path+"<br/>");
//response.writeText(libraryName+"<br/>");
//response.writeText(libraries.value(libraryName)+"/.yacreaderlibrary/covers/"+fileName+"<br/>");

2
YACReaderLibrary/server/controllers/v2/librariescontroller_v2.cpp
View File

@ -11,8 +11,6 @@ LibrariesControllerV2::LibrariesControllerV2() {}
void LibrariesControllerV2::service(HttpRequest& request, HttpResponse& response)
{
HttpSession session=Static::sessionStore->getSession(request,response,false);
response.setHeader("Content-Type", "application/json");
response.setHeader("Connection","close");

14
YACReaderLibrary/server/controllers/v2/pagecontroller_v2.cpp
View File

@ -16,10 +16,16 @@
PageControllerV2::PageControllerV2() {}
void PageControllerV2::service(HttpRequest& request, HttpResponse& response)
{
HttpSession session=Static::sessionStore->getSession(request,response,false);
YACReaderHttpSession *ySession = Static::yacreaderSessionStore->getYACReaderSessionHttpSession(session.getId());
{
QByteArray token = request.getHeader("x-request-id");
YACReaderHttpSession *ySession = Static::yacreaderSessionStore->getYACReaderSessionHttpSession(token);
if (ySession == nullptr) {
response.setStatus(404,"not found");
response.write("404 not found",true);
return;
}
QString path = QUrl::fromPercentEncoding(request.getPath()).toUtf8();
bool remote = path.endsWith("remote");

2
YACReaderLibrary/server/controllers/v2/updatecomiccontroller_v2.cpp
View File

@ -15,8 +15,6 @@ UpdateComicControllerV2::UpdateComicControllerV2(){}
void UpdateComicControllerV2::service(HttpRequest &request, HttpResponse &response)
{
HttpSession session=Static::sessionStore->getSession(request,response,false);
QString path = QUrl::fromPercentEncoding(request.getPath()).toUtf8();
QStringList pathElements = path.split('/');
qulonglong libraryId = pathElements.at(3).toULongLong();

11
YACReaderLibrary/server/lib/httpserver/staticfilecontroller.cpp
View File

@ -68,9 +68,14 @@ void StaticFileController::service(HttpRequest& request, HttpResponse& response)
QString fileName = paths.last();
stringPath.remove(fileName);
HttpSession session=Static::sessionStore->getSession(request,response,false);
YACReaderHttpSession *ySession = Static::yacreaderSessionStore->getYACReaderSessionHttpSession(session.getId());
QString device = ySession->getDeviceType();
QString display = ySession->getDisplayType();
YACReaderHttpSession *ySession = Static::yacreaderSessionStore->getYACReaderSessionHttpSession(session.getId());
QString device = "ipad";
QString display = "@2x";
if (ySession != nullptr) {
device = ySession->getDeviceType();
display = ySession->getDisplayType();
}
if(fileName.endsWith(".png"))
fileName = getDeviceAwareFileName(fileName, device, display, request.getHeader("Accept-Language"), stringPath);
else

50
YACReaderLibrary/server/requestmapper.cpp
View File

@ -44,12 +44,17 @@
#include "yacreader_http_session.h"
#include "QsLog.h"
QMutex RequestMapper::mutex;
RequestMapper::RequestMapper(QObject* parent)
:HttpRequestHandler(parent) {}
void RequestMapper::loadSession(HttpRequest & request, HttpResponse& response)
{
void RequestMapper::loadSessionV1(HttpRequest & request, HttpResponse& response)
{
QMutexLocker locker(&mutex);
HttpSession session=Static::sessionStore->getSession(request,response);
if(session.contains("ySession")) //session is already alive check if it is needed to update comics
{
@ -112,11 +117,33 @@ void RequestMapper::loadSession(HttpRequest & request, HttpResponse& response)
}
}
}
void RequestMapper::loadSessionV2(HttpRequest & request, HttpResponse& response)
{
QMutexLocker locker(&mutex);
QByteArray token = request.getHeader("x-request-id");
if (token.isEmpty()) {
return;
}
YACReaderHttpSession *yRecoveredSession = Static::yacreaderSessionStore->getYACReaderSessionHttpSession(token);
if(yRecoveredSession == nullptr) //session is already alive check if it is needed to update comics
{
YACReaderHttpSession *ySession = new YACReaderHttpSession(this);
Static::yacreaderSessionStore->addYACReaderHttpSession(token, ySession);
}
}
void RequestMapper::service(HttpRequest& request, HttpResponse& response) {
QByteArray path=request.getPath();
qDebug("RequestMapper: path=%s",path.data());
QByteArray path=request.getPath();
QLOG_TRACE() << "RequestMapper: path=" << path.data();
QLOG_TRACE() << "X-Request-Id: " << request.getHeader("x-request-id");
if (path.startsWith("/v2"))
{
@ -150,7 +177,7 @@ void RequestMapper::serviceV1(HttpRequest& request, HttpResponse& response)
path = QUrl::fromPercentEncoding(path).toUtf8();
if(!sync.exactMatch(path)) //no session is needed for syncback info, until security will be added
loadSession(request, response);
loadSessionV1(request, response);
//primera petición, se ha hecho un post, se sirven las bibliotecas si la seguridad mediante login no está habilitada
if(path == "/") //Don't send data to the server using '/' !!!!
@ -221,7 +248,7 @@ void RequestMapper::serviceV2(HttpRequest& request, HttpResponse& response)
QRegExp comicDownloadInfo("/v2/library/.+/comic/[0-9]+/?"); //get comic info (basic/download info)
QRegExp comicOpenForDownloading("/v2/library/.+/comic/[0-9]+/info/?"); //get comic info (full info + opening)
QRegExp comicOpenForRemoteReading("/v2/library/.+/comic/[0-9]+/remote/?"); //the server will open for reading the comic
QRegExp comicFullInfo("/v2/library/.+/comic/[0-9]+/fullinfo/?"); //get comic info (full info + opening)
QRegExp comicFullInfo("/v2/library/.+/comic/[0-9]+/fullinfo/?"); //get comic info
QRegExp comicUpdate("/v2/library/.+/comic/[0-9]+/update/?"); //get comic info
QRegExp comicClose("/v2/library/.+/comic/[0-9]+/close/?"); //the server will close the comic and free memory
QRegExp cover("/v2/library/.+/cover/[0-9a-f]+.jpg"); //get comic cover (navigation)
@ -243,7 +270,7 @@ void RequestMapper::serviceV2(HttpRequest& request, HttpResponse& response)
path = QUrl::fromPercentEncoding(path).toUtf8();
if(!sync.exactMatch(path)) //no session is needed for syncback info, until security will be added
loadSession(request, response);
loadSessionV2(request, response);
//primera petición, se ha hecho un post, se sirven las bibliotecas si la seguridad mediante login no está habilitada
if(path == "/v2/libraries") //Don't send data to the server using '/' !!!!
@ -262,10 +289,6 @@ void RequestMapper::serviceV2(HttpRequest& request, HttpResponse& response)
}
else
{
//se comprueba que la sesión sea la correcta con el fin de evitar accesos no autorizados
HttpSession session=Static::sessionStore->getSession(request,response,false);
if(!session.isNull() && session.contains("ySession"))
{
if(library.indexIn(path)!=-1 && DBHelper::getLibraries().contains(library.cap(1).toInt()) )
{
if (folderInfo.exactMatch(path))
@ -328,11 +351,6 @@ void RequestMapper::serviceV2(HttpRequest& request, HttpResponse& response)
//response.writeText(library.cap(1));
Static::staticFileController->service(request, response);
}
}
else //acceso no autorizado, redirección
{
ErrorControllerV2(300).service(request,response);
}
}
}
}

5
YACReaderLibrary/server/requestmapper.h
View File

@ -17,11 +17,14 @@ public:
RequestMapper(QObject* parent=0);
void service(HttpRequest& request, HttpResponse& response);
void loadSession(HttpRequest & request, HttpResponse& response);
void loadSessionV1(HttpRequest & request, HttpResponse& response);
void loadSessionV2(HttpRequest & request, HttpResponse& response);
private:
void serviceV1(HttpRequest& request, HttpResponse& response);
void serviceV2(HttpRequest& request, HttpResponse& response);
static QMutex mutex;
};
#endif // REQUESTMAPPER_H

15
YACReaderLibrary/server/yacreader_http_session_store.cpp
View File

@ -8,9 +8,11 @@
YACReaderHttpSessionStore::YACReaderHttpSessionStore(HttpSessionStore *sessionStore, QObject *parent)
: QObject(parent), sessionStore(sessionStore)
{
connect(&cleanupTimer,SIGNAL(timeout()),this,SLOT(sessionTimerEvent()));
cleanupTimer.start(60000);
{
//sessions are no longer http sessions in v2, we need another mechanism for cleaning
//connect(&cleanupTimer,SIGNAL(timeout()),this,SLOT(sessionTimerEvent()));
//cleanupTimer.start(60000);
}
void YACReaderHttpSessionStore::addYACReaderHttpSession(const QByteArray &httpSessionId, YACReaderHttpSession *yacreaderHttpSession)
@ -28,8 +30,9 @@ YACReaderHttpSession *YACReaderHttpSessionStore::getYACReaderSessionHttpSession(
}
void YACReaderHttpSessionStore::sessionTimerEvent()
{
QMutexLocker locker(&mutex);
{
//sessions are no longer http sessions in v2, we are using a token, so sessionStore->getSession(id).isNull() is always true.
/*QMutexLocker locker(&mutex);
for(const QByteArray &id : sessions.keys())
{
if(sessionStore->getSession(id).isNull())
@ -40,5 +43,5 @@ void YACReaderHttpSessionStore::sessionTimerEvent()
sessions.remove(id);
}
}
}*/
}