summaryrefslogtreecommitdiffstats
path: root/src/webview.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/webview.cpp')
-rw-r--r--src/webview.cpp14
1 files changed, 9 insertions, 5 deletions
diff --git a/src/webview.cpp b/src/webview.cpp
index b178d73..9ebc1ba 100644
--- a/src/webview.cpp
+++ b/src/webview.cpp
@@ -15,9 +15,6 @@
#include <QRegularExpression>
#include <QWebPage>
-static QRegularExpression R_USER("^[a-z_A-Z][a-zA-Z0-9_@.-]{1,32}$");
-static QRegularExpression R_PASS("^[a-z0-9]{1,32}$");
-
static QRegularExpression urlListToRegExp(const QStringList &list);
// Override user-agent to make it appear mobile
@@ -137,6 +134,7 @@ void WebView::onLoadFinished(bool ok)
auto pass = this->page()->mainFrame()->documentElement().findFirst("#bwlp-password");
auto err = this->page()->mainFrame()->documentElement().findFirst("#bwlp-error");
auto hash = this->page()->mainFrame()->documentElement().findFirst("#bwlp-hash");
+ auto adminToken = this->page()->mainFrame()->documentElement().findFirst("#bwlp-cow-token");
if (!user.isNull() && !pass.isNull() && !hash.isNull()) {
if (hash.toPlainText() != QCryptographicHash::hash(_token.toLatin1(), QCryptographicHash::Md5).toHex()) {
qDebug() << " *** Invalid security hash ***";
@@ -145,8 +143,14 @@ void WebView::onLoadFinished(bool ok)
}
auto ustr = user.toPlainText();
auto upass = pass.toPlainText();
- if (ustr.contains('@') && R_USER.match(ustr).hasMatch() && R_PASS.match(upass).hasMatch()) {
+ if (Global::isValidShibCreds(ustr, upass)) {
+ QString token = adminToken.toPlainText();
+ if (!token.isEmpty()) {
+ Global::writeCowToken(ustr, token);
+ }
emit startAuthentication(ustr, "shib=" + _token + upass);
+ } else {
+ emit triggerReset("Invalid user or passhash format");
}
} else if (!err.isNull()) {
this->stop();
@@ -171,7 +175,7 @@ void WebView::reset(const QString baseUrl)
input.append((const char*)this, sizeof(*this));
input.append(QString().sprintf("%d %d", QCursor::pos().x(), QCursor::pos().y()));
input.append(QString::number(QDateTime::currentMSecsSinceEpoch()));
- _token = QCryptographicHash::hash(input, QCryptographicHash::Md5).chopped(8).toHex();
+ _token = QCryptographicHash::hash(input, QCryptographicHash::Md5).left(8).toHex();
q.addQueryItem("token", _token);
url.setQuery(q);
_urls.clear();
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-17 23:27:43 +0200