JlSonic/login.jl

using MD5
using HTTP
function getlogin(app, req)
    query = HTTP.URIs.queryparams(req[:query])
    username = string(get(query, "u", ""))
    token = get(query, "t", "")
    salt = get(query, "s", "")
    password = get(query, "p", "")
    req[:login] = Dict(:name => username,
                       :token => token,
                       :salt => salt,
                       :password => password,
                       :login => false)
    return app(req)
end

function checkpassword(app, req)
    # FIXME: do not hardcode the password here!
    password = "test"
    # @show bytes2hex(MD5.md5(string(password, salt)))
    # @show req[:login][:token]
    # @show req[:login][:salt]
    if !isempty(req[:login][:salt])
        if bytes2hex(MD5.md5(string(password, req[:login][:salt]))) ==
            req[:login][:token]
            req[:login][:login] = true
        end
    elseif !isempty(req[:login][:password])
        if startswith(req[:login][:password], "enc:")
            req[:login][:login] =
                String(hex2bytes(split(req[:login][:password], ":")[2])) == password
        else
            req[:login][:login] = password == req[:login][:password]
        end
    end
    return app(req)
end

sonic_login = stack(getlogin, checkpassword)
working 2019-05-17 20:22:01 +02:00			`using MD5`
			`using HTTP`
			`function getlogin(app, req)`
			`query = HTTP.URIs.queryparams(req[:query])`
			`username = string(get(query, "u", ""))`
			`token = get(query, "t", "")`
			`salt = get(query, "s", "")`
			`password = get(query, "p", "")`
			`req[:login] = Dict(:name => username,`
			`:token => token,`
			`:salt => salt,`
			`:password => password,`
			`:login => false)`
			`return app(req)`
			`end`

			`function checkpassword(app, req)`
			`# FIXME: do not hardcode the password here!`
			`password = "test"`
			`# @show bytes2hex(MD5.md5(string(password, salt)))`
			`# @show req[:login][:token]`
			`# @show req[:login][:salt]`
			`if !isempty(req[:login][:salt])`
			`if bytes2hex(MD5.md5(string(password, req[:login][:salt]))) ==`
			`req[:login][:token]`
			`req[:login][:login] = true`
			`end`
			`elseif !isempty(req[:login][:password])`
			`if startswith(req[:login][:password], "enc:")`
			`req[:login][:login] =`
			`String(hex2bytes(split(req[:login][:password], ":")[2])) == password`
			`else`
			`req[:login][:login] = password == req[:login][:password]`
			`end`
			`end`
			`return app(req)`
			`end`

			`sonic_login = stack(getlogin, checkpassword)`