shithub: werc

ref: 6a11fe86feaaf80529add6f1e54705237bbf054f
dir: /bin/werclib.rc/

View raw version
fn get_lib_file {
    if(! ~ $#sitedir 0 && test -f $sitedir/_werc/lib/$1)
        echo -n $sitedir/_werc/lib/$1
    if not if(! ~ $#masterSite 0 && test -f $sitesdir/$masterSite/_werc/lib/$1)
        echo -n $sitesdir/$masterSite/_werc/lib/$1
    if not if(test -f lib/$1)
        echo -n lib/$1
    if not if(~ $#* 2)
        echo -n $2
    if not
        status='Can''t find lib file: '$1
}

fn template { awk -f bin/template.awk $* | rc $rcargs }

# Auth code
# TODO: check http://cookies.lcs.mit.edu/pubs/webauth:tr.pdf
allowed_user_chars='[a-zA-Z0-9_]'
# Cookie format: WERC_USER: name:timestamp:hash(name.timestamp.password)
# login_user can't be used from a template because it sets a cookie 
fn login_user {
    # Note: we set the cookie even if it is already there.
    if(get_user $*)
        set_cookie werc_user $"logged_user^':0:'^$"logged_password
}

# Check login status, if called with group arg we check membership too
fn check_user {
    get_user
    g=($* admin)
    _status=$status
    if(! ~ $"_status '')
        _status=(Not logged in: $"_status)
    if not if(! ~ $#* 0 && ! ~ $logged_user $* && ! grep -s '^'^$logged_user^'$' $werc_root/etc/users/$g/members >[2]/dev/null)
        _status=(User $logged_user not in: $*)
    status=$_status
}

# If not logged in, try to get user login info from POST or from cookie
fn get_user {
    if(~ $#logged_user 0) {
        if(~ $#* 2) {
            user_name=$1 
            user_password=$2
        }
        if not if(~ $REQUEST_METHOD POST)
            get_post_args user_name user_password

        if(~ $#user_name 0) { 
            ifs=':' { cu=`{ifs=$difs {get_cookie werc_user} | tr -d $NEW_LINE} }
            if(! ~ $#cu 0) {
                user_name=$cu(1) 
                user_password=$cu(3)
            }
        }
        auth_user $user_name $user_password
    }
    if not
        status=()
}

# Check if user_name and user_password represent a valid user account
# If valid, 'log in' by setting logged_user
fn auth_user {
    user_name=$1
    user_password=$2

    pfile=$werc_root/etc/users/$"user_name/password
    if(~ $#user_name 0 || ~ $#user_password 0)
        status=('Auth: missing user name or pass: '^$"user_name^' / '^$"user_password)
    if not if(! test -f $pfile)
        status=('Auth: cant find '^$pfile)
    if not if(! test -s $pfile || ! ~ $user_password `{cat $pfile})
        status=('Auth: Pass '$user_password' doesnt match '^`{cat $pfile})
    if not {
        logged_user=$user_name
        logged_password=$user_password
        dprint Auth: success
        status=()
    }
}

fn user_controls {
    echo User: $"logged_user
}


# .md '(meta-)data' extract
fn get_md_file_attr {
    sed -n '/^\* '$2': /p; /^\* '$2': /q; /^$/q' < $1
}

##########################################################################
##########################################################################
#app_blog_methods = ( _post index.rss )
#fn app_blog__post {
#    echo
#}
#
#app_blog___default {
#    if (~ $blog)
#    call_app blogpost
#}
#
## --
#app_blogpost_methods = ( comment  _edit )
#
#fn app_blogpost_comment {
#    call_app comments
#}
#
## --
#app_comments_methods = ( _post _edit )
#
#fn app_comments___default {
#
#}