Support cow-token in browser-login modeHEADmaster

1 files changed, 8 insertions, 4 deletions

diff --git a/src/webview.cpp b/src/webview.cpp
index 54d19eb..9ebc1ba 100644
--- a/src/webview.cpp
+++ b/src/webview.cpp
@@ -15,9 +15,6 @@
 #include <QRegularExpression>
 #include <QWebPage>
 
-static QRegularExpression R_USER("^[a-z_A-Z][a-zA-Z0-9_@.-]{1,32}$");
-static QRegularExpression R_PASS("^[a-z0-9]{1,32}$");
-
 static QRegularExpression urlListToRegExp(const QStringList &list);
 
 // Override user-agent to make it appear mobile
@@ -137,6 +134,7 @@ void WebView::onLoadFinished(bool ok)
 	auto pass = this->page()->mainFrame()->documentElement().findFirst("#bwlp-password");
 	auto err = this->page()->mainFrame()->documentElement().findFirst("#bwlp-error");
 	auto hash = this->page()->mainFrame()->documentElement().findFirst("#bwlp-hash");
+	auto adminToken = this->page()->mainFrame()->documentElement().findFirst("#bwlp-cow-token");
 	if (!user.isNull() && !pass.isNull() && !hash.isNull()) {
 		if (hash.toPlainText() != QCryptographicHash::hash(_token.toLatin1(), QCryptographicHash::Md5).toHex()) {
 			qDebug() << " *** Invalid security hash ***";
@@ -145,8 +143,14 @@ void WebView::onLoadFinished(bool ok)
 		}
 		auto ustr = user.toPlainText();
 		auto upass = pass.toPlainText();
-		if (ustr.contains('@') && R_USER.match(ustr).hasMatch() && R_PASS.match(upass).hasMatch()) {
+		if (Global::isValidShibCreds(ustr, upass)) {
+			QString token = adminToken.toPlainText();
+			if (!token.isEmpty()) {
+				Global::writeCowToken(ustr, token);
+			}
 			emit startAuthentication(ustr, "shib=" + _token + upass);
+		} else {
+			emit triggerReset("Invalid user or passhash format");
 		}
 	} else if (!err.isNull()) {
 		this->stop();