aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/NOTES.txt (renamed from src/sledjchisl/NOTES.txt)172
1 files changed, 172 insertions, 0 deletions
diff --git a/src/sledjchisl/NOTES.txt b/src/NOTES.txt
index e80b8d9..93ed815 100644
--- a/src/sledjchisl/NOTES.txt
+++ b/src/NOTES.txt
@@ -477,3 +477,175 @@ Update / upgrade / downgrade
477Yeah I hate things that have their own packaging system, for needing to 477Yeah I hate things that have their own packaging system, for needing to
478step outside the operating systems packaging system, and adding to the too 478step outside the operating systems packaging system, and adding to the too
479long list of stuff I have to deal with manually, and now I are one. lol 479long list of stuff I have to deal with manually, and now I are one. lol
480
481
482-------------------------------------------------------------------
483
484Time for a restructure of the web page / field / database stuff.
485
486Will need to include a "what page is this" cookie, or maybe query ?mode=add
487
488
489
490old validate UUID
491 define the UUID based UserAccounts db static dbRequest, fill it if needed.
492 if create
493 try to find an unused UUID
494 fill Rd->stuff with UUID
495 if confirm
496 check it's length
497 otherwise
498 check it's length
499 look it up, bitch if not found
500 If we found it, put level into Rd->database
501 fill Rd->stuff with UUID
502
503old validateName
504 define the name based UserAccounts db static dbRequest, fill it if needed.
505 Do the Lua file lookup, fill a tnm hash.
506 Do the database lookup, fill rows.
507 if login
508 convert tnm to Rd->database, or dbPull(rows)
509 fill Rd->stuff with name, UUID, and level
510 if create
511 complain if we found a record
512 try to find an unused UUID
513 fill Rd->database with new data
514 fill Rd->stuff with name, UUID, and level
515
516old validatePassword
517 define the UUID based auth db static dbRequest, fill it if needed.
518 if login
519 do the database lookup, fill rows
520 check if the name validation found us a UUID, fail login if it didn't
521 do the pasword+salt hash and compare
522 fill Rd->stuff with passwordHash and passwordSalt
523 if create
524 fill Rd->stuff with paswordHash and passwordSalt
525 if confirm
526 check if password hashess are the same
527
528
529
530
531
532freeSesh(Rd, linky, wipe)
533 linky - Rd->shs or Rd->lnk
534 %s/sessions/%s.lua or %s/sessions/%s.linky
535 wipe - wipe or delete session
536 wiping means remove session stuff from Rd->stuff
537 Which happens on - session failing to write, redirecting login form, showing login form if not confirm, vegOut (session timeout, bitchSession)
538
539newSesh(Rd, linky)
540 linky - old Rd->shs or a new Rd->lnk
541 setToken_n_munchie(Rd, linky); Only caller of setToken_n_munchie(Rd, linky);
542
543
544setToken_n_munchie(Rd, linky)
545 linky - Rd->shs or Rd->lnk
546 %s/sessions/%s.lua or %s/sessions/%s.linky
547 !linky - actually set the cookies.
548 if error writing session file - freeSesh(Rd, linky, TRUE);
549
550
551//validateSesh()
552sessionValidate()
553 bitchSession() for bad session things.
554 sets chillOut for validated session linky.
555 Rd->chillOut = TRUE;
556 freeSesh(Rd, linky, FALSE);
557 Rd->func = (pageBuildFunction) loginPage;
558 Rd->doit = "logout";
559 sets vegOut if the session timed out.
560
561//validatePassword()
562 sets chillOut for validated password on create.
563
564bitchSession() called if there's anything wrong with the session trackers, if we can't load / run the users Lua file,
565 sets vegOut
566
567account_HTML()
568 sets chillOut for POST confirm
569 createUser(Rd);
570 newSesh(Rd, TRUE);
571 Rd->chillOut = TRUE;
572 sets chillOut for POST login
573 Rd->chillOut = TRUE;
574
575
576 POST with no errors will
577 form == accountLogin freeSesh(Rd, FALSE, TRUE)
578 doit == login chillOut = TRUE
579 vegOut freeSesh(Rd, FALSE, TRUE);
580 else chillOut freeSesh(Rd, FALSE, FALSE); newSesh(Rd, FALSE);
581 else no Rd->shs.leaf newSesh(Rd, FALSE);
582 redirect to GET
583 otherwise
584 form == accountLogin
585 doit == confirm freeSesh(Rd, FALSE, TRUE)
586 newSesh(Rd, FALSE)
587 else if errors reeSesh(Rd, FALSE, FALSE) newSesh(Rd, FALSE)
588 show page
589
590
591
592LOGGED IN means that the session stored on disk has a valid UUID.
593 When creating a new user, we create a new UUID firstish.
594
595
596accountLoginWeb() / accountOut()
597 freeSesh(Rd, FALSE, TRUE)
598 newSesh(Rd, FALSE)
599
600accountView()
601 freeSesh(Rd, FALSE, FALSE)
602 newSesh(Rd, FALSE)
603
604accountAdd()
605 Note that this is in two parts, first they click "create" on login page, then "confirm" on the account creation page.
606
607
608
609Account creation
610 accountLoginWeb()
611 "create" ->
612 Show accountCreateWeb and await confirmation.
613 accountCreateWeb()
614 "confirm" -> accountAdd()
615 create UUID
616 create user
617 store user
618 wipe old session
619 store new session with UUID, user is logged in now
620 create linky
621 email linky
622 Show usual logged in page.
623 "cancel" ->
624
625
626-------------------------------------------------------------------
627
628
629Maybe - /opt/opensim_SC/var/cache/sessions/uuid-uuid-uuid-uuid.logged symlink to session.
630
631https://localhost/sledjchisl.fcgi/account.html?user=account_name
632https://localhost/sledjchisl.fcgi/account.html/users/account_name
633 logged in user is in the sesion, but they can view / vouch / edit / delete any other user depending on their access level
634
635
636For logged in user, at the top show their name as linky to their accountView http://localhost/sledjchisl.fcgi/account.html/users/account_name
637 That accountView offers edit / logout button, etc.
638 Display account stuff, but not edit it until they hit the edit button.
639
640When showing other users
641 accountView, with edit / delete buttons if logged in user is high enough level.
642
643-------------------------------------------------------------------
644-------------------------------------------------------------------
645-------------------------------------------------------------------
646
647
648BUGS!
649-----
650Redo the santize(), though that needs extensive changes each time we read Rd->cookies, Rd->queries, and Rd->body
651