diff options
author | Simon Rettberg | 2024-05-13 16:53:02 +0200 |
---|---|---|
committer | Simon Rettberg | 2024-05-13 16:53:02 +0200 |
commit | 1f49778cb04027b5b0d043f95561cb44c69b80f3 (patch) | |
tree | 2140f6fd1e26ef89316c5f636e9dd77b0c7411df /src/webview.cpp | |
parent | Handle cow-token on QRCode login (diff) | |
download | slxgreeter-master.tar.gz slxgreeter-master.tar.xz slxgreeter-master.zip |
Diffstat (limited to 'src/webview.cpp')
-rw-r--r-- | src/webview.cpp | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/webview.cpp b/src/webview.cpp index 54d19eb..9ebc1ba 100644 --- a/src/webview.cpp +++ b/src/webview.cpp @@ -15,9 +15,6 @@ #include <QRegularExpression> #include <QWebPage> -static QRegularExpression R_USER("^[a-z_A-Z][a-zA-Z0-9_@.-]{1,32}$"); -static QRegularExpression R_PASS("^[a-z0-9]{1,32}$"); - static QRegularExpression urlListToRegExp(const QStringList &list); // Override user-agent to make it appear mobile @@ -137,6 +134,7 @@ void WebView::onLoadFinished(bool ok) auto pass = this->page()->mainFrame()->documentElement().findFirst("#bwlp-password"); auto err = this->page()->mainFrame()->documentElement().findFirst("#bwlp-error"); auto hash = this->page()->mainFrame()->documentElement().findFirst("#bwlp-hash"); + auto adminToken = this->page()->mainFrame()->documentElement().findFirst("#bwlp-cow-token"); if (!user.isNull() && !pass.isNull() && !hash.isNull()) { if (hash.toPlainText() != QCryptographicHash::hash(_token.toLatin1(), QCryptographicHash::Md5).toHex()) { qDebug() << " *** Invalid security hash ***"; @@ -145,8 +143,14 @@ void WebView::onLoadFinished(bool ok) } auto ustr = user.toPlainText(); auto upass = pass.toPlainText(); - if (ustr.contains('@') && R_USER.match(ustr).hasMatch() && R_PASS.match(upass).hasMatch()) { + if (Global::isValidShibCreds(ustr, upass)) { + QString token = adminToken.toPlainText(); + if (!token.isEmpty()) { + Global::writeCowToken(ustr, token); + } emit startAuthentication(ustr, "shib=" + _token + upass); + } else { + emit triggerReset("Invalid user or passhash format"); } } else if (!err.isNull()) { this->stop(); |