/***************************************************************************
- * Copyright (C) 2005-2013 by the Quassel Project *
+ * Copyright (C) 2005-2016 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
# include <QTcpServer>
#endif
+#include "authenticator.h"
#include "bufferinfo.h"
#include "message.h"
#include "oidentdconfiggenerator.h"
#include "storage.h"
#include "types.h"
+class CoreAuthHandler;
class CoreSession;
-class RemotePeer;
struct NetworkInfo;
class SessionThread;
class SignalProxy;
/*** Storage access ***/
// These methods are threadsafe.
+ //! Validate user
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId validateUser(const QString &userName, const QString &password) {
+ return instance()->_storage->validateUser(userName, password);
+ }
+
+ //! Authenticate user against auth backend
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId authenticateUser(const QString &userName, const QString &password) {
+ return instance()->_authenticator->validateUser(userName, password);
+ }
+
+ //! Add a new user, exposed so auth providers can call this without being the storage.
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \param authenticator The name of the auth provider service used to log the user in, defaults to "Database".
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId addUser(const QString &userName, const QString &password, const QString &authenticator = "Database") {
+ return instance()->_storage->addUser(userName, password, authenticator);
+ }
+
+ //! Does a comparison test against the authenticator in the database and the authenticator currently in use for a UserID.
+ /**
+ * \param userid The user's ID (note: not login name).
+ * \param authenticator The name of the auth provider service used to log the user in, defaults to "Database".
+ * \return True if the userid was configured with the passed authenticator, false otherwise.
+ */
+ static inline bool checkAuthProvider(const UserId userid, const QString &authenticator) {
+ return instance()->_storage->getUserAuthenticator(userid) == authenticator;
+ }
+
+ //! Change a user's password
+ /**
+ * \param userId The user's ID
+ * \param password The user's unencrypted new password
+ * \return true, if the password change was successful
+ */
+ static bool changeUserPassword(UserId userId, const QString &password);
+
+ //! Check if we can change a user password.
+ /**
+ * \param userID The user's ID
+ * \return true, if we can change their password, false otherwise
+ */
+ static bool canChangeUserPassword(UserId userId);
+
//! Store a user setting persistently
/**
* \param userId The users Id
}
- const QDateTime &startTime() const { return _startTime; }
+ static inline QDateTime startTime() { return instance()->_startTime; }
+ static inline bool isConfigured() { return instance()->_configured; }
+ static bool sslSupported();
+
+ /**
+ * Reloads SSL certificates used for connection with clients
+ *
+ * @return True if certificates reloaded successfully, otherwise false.
+ */
+ static bool reloadCerts();
+
+ static QVariantList backendInfo();
+ static QVariantList authenticatorInfo();
+
+ /**
+ * Checks if a storage backend is the default storage backend. This
+ * hardcodes this information into the core (not the client).
+ *
+ * \param backend The backend to check.
+ *
+ * @return True if storage backend is default, false otherwise.
+ */
+ static inline bool isStorageBackendDefault(const Storage *backend)
+ {
+ return (backend->displayName() == "SQLite") ? true : false;
+ }
+
+ static QString setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupMap);
static inline QTimer &syncTimer() { return instance()->_storageSyncTimer; }
*/
void syncStorage();
void setupInternalClientSession(InternalPeer *clientConnection);
+ QString setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupMap);
signals:
//! Sent when a BufferInfo is updated in storage.
void bufferInfoUpdated(UserId user, const BufferInfo &info);
- //! Relay From CoreSession::sessionState(const QVariant &). Used for internal connection only
- void sessionState(const QVariant &);
+ //! Relay from CoreSession::sessionState(). Used for internal connection only
+ void sessionState(const Protocol::SessionState &sessionState);
protected:
virtual void customEvent(QEvent *event);
void incomingConnection();
void clientDisconnected();
- bool initStorage(const QString &backend, QVariantMap settings, bool setup = false);
- bool initStorage(QVariantMap dbSettings, bool setup = false);
+ bool initStorage(const QString &backend, const QVariantMap &settings, bool setup = false);
+ bool initAuthenticator(const QString &backend, const QVariantMap &settings, bool setup = false);
-#ifdef HAVE_SSL
- void sslErrors(const QList<QSslError> &errors);
-#endif
- void socketError(QAbstractSocket::SocketError);
+ void socketError(QAbstractSocket::SocketError err, const QString &errorString);
+ void setupClientSession(RemotePeer *, UserId);
- void processClientMessage(const QVariant &data);
+ bool changeUserPass(const QString &username);
private:
Core();
void init();
static Core *instanceptr;
- SessionThread *createSession(UserId userId, bool restoreState = false);
- void setupClientSession(RemotePeer *peer, UserId uid);
+ SessionThread *sessionForUser(UserId userId, bool restoreState = false);
void addClientHelper(RemotePeer *peer, UserId uid);
//void processCoreSetup(QTcpSocket *socket, QVariantMap &msg);
QString setupCoreForInternalUsage();
- QString setupCore(QVariantMap setupData);
void registerStorageBackends();
bool registerStorageBackend(Storage *);
void unregisterStorageBackends();
void unregisterStorageBackend(Storage *);
+
+ void registerAuthenticators();
+ bool registerAuthenticator(Authenticator *);
+ void unregisterAuthenticators();
+ void unregisterAuthenticator(Authenticator *);
+
bool selectBackend(const QString &backend);
- void createUser();
- void changeUserPass(const QString &username);
- void saveBackendSettings(const QString &backend, const QVariantMap &settings);
+ bool selectAuthenticator(const QString &backend);
+ bool createUser();
+
+ bool saveBackendSettings(const QString &backend, const QVariantMap &settings);
+ void saveAuthenticatorSettings(const QString &backend, const QVariantMap &settings);
+
QVariantMap promptForSettings(const Storage *storage);
+ QVariantMap promptForSettings(const Authenticator *authenticator);
+ QVariantMap promptForSettings(QStringList keys, QVariantMap defaults);
- QHash<UserId, SessionThread *> sessions;
+private:
+ QSet<CoreAuthHandler *> _connectingClients;
+ QHash<UserId, SessionThread *> _sessions;
+
+ // Have both a storage backend and an authenticator backend.
Storage *_storage;
+ Authenticator *_authenticator;
QTimer _storageSyncTimer;
#ifdef HAVE_SSL
OidentdConfigGenerator *_oidentdConfigGenerator;
- QHash<RemotePeer *, QVariantMap> clientInfo;
-
QHash<QString, Storage *> _storageBackends;
+ QHash<QString, Authenticator *> _authenticators;
QDateTime _startTime;