login works and same config file from front and back

633532d4 · Francesc Guasch · e5964b57 · 633532d4 · 633532d4 · 633532d4
Commit 633532d4 authored Apr 29, 2016 by Francesc Guasch
--- a/README.md
+++ b/README.md
@@ -13,7 +13,12 @@ To run it in development mode issue those commands in two different terminals:
    $ morbo ./rvd_front.pl
    $ sudo ./bin/rvd_back.pl

+Connect to the server with a web browser at http://servername:3000/
+
 ### Production

 See docs/production.md

+### Operation
+
+See docs/operation.md
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -18,19 +18,35 @@ Clone the sources:
 - libvirt-bin
 - libsys-virt-perl
 - libxml-libxml-perl
- cpanminus

+##Old debian
+
+In old debians and ubuntus Mojolicious is too outdated. Remove libmojolicious-perl and install the cpan release:
+
+    $ sudo apt-get purge libmojolicious-perl
+    $ sudo apt-get install cpanminus
    $ sudo cpanm Mojolicious

 #Mysql Database

-Create a database named "ravada". Review and run the sql files from the sql dir.
+Create a database named "ravada". 
+
+Grant all permissions to your user:
+
+    $ mysql -u root -p
+    mysql> grant all on ravada.* to frankie@'localhost' identified by 'figure a password';
+
+Review and run the sql files from the sql dir.

    $ mysqladmin create ravada
    $ cd sql
-    $ cat *.sql | mysql ravada
+    $ cat *.sql | mysql -p ravada

 #KVM backend

 Install KVM and virt-manager. Create new virtual machines (called domains) there.
 See docs/operation.md
+
+#Next
+
+Read docs/operation.md
--- a/docs/operation.md
+++ b/docs/operation.md
+
+#First run
+
+When the server is running connect it at http://servername:3000/
+
+Start creating a domain base for the users. As long as there are no, it will show this:
+
+    No base domains available
+
 #Domain Bases

 Domain bases are used to create virtual hosts. Build systems in the Hypervisor, then

--- a/lib/Ravada/Auth/SQL.pm
+++ b/lib/Ravada/Auth/SQL.pm
@@ -29,8 +29,16 @@ sub login {
    $sth->execute($login, sha1_hex($password));
    my ($found) = $sth->fetchrow;
    $sth->finish;
-    return if !$found;
-    return $found;
+    return $found   if $found;
+
+    $sth = $CON->dbh->prepare(
+       "SELECT name FROM users WHERE name=? AND password=password(?)");
+    $sth->execute($login, $password);
+    ($found) = $sth->fetchrow;
+    $sth->finish;
+    return $found   if $found;
+
+    return;
 }

 1;

--- a/rvd_front.pl
+++ b/rvd_front.pl
@@ -2,16 +2,18 @@
 use warnings;
 use strict;

+use Carp qw(confess);
 use Data::Dumper;
 use DBIx::Connector;
 use Getopt::Long;
 use Mojolicious::Lite;
+use YAML qw(LoadFile);

 use lib 'lib';

 use Ravada::Auth;

-my $FILE_CONFIG = "/etc/ravada_front.conf";
+my $FILE_CONFIG = "/etc/ravada.conf";
 my $help;
 GetOptions(
        config => \$FILE_CONFIG
@@ -23,12 +25,10 @@ if ($help) {
    exit;
 }

-our $CON = DBIx::Connector->new("DBI:mysql:ravada"
-                        ,undef,undef,{RaiseError => 1
-                        , PrintError=> 0 }) or die "I can't connect";
+our $CONFIG = LoadFile($FILE_CONFIG);
+our $CON;

 our $TIMEOUT = 120;
-my $config = plugin Config => {file => $FILE_CONFIG} if -e $FILE_CONFIG;

 init();
 ############################################################################3
@@ -41,7 +41,7 @@ any '/' => sub {

 any '/login' => sub {
    my $c = shift;
-    $c->render(data => "TODO");
+    return login($c);
 };

 any '/logout' => sub {
@@ -57,6 +57,34 @@ sub _logged_in {
    return 1 if $c->session('login');
 }

+sub login {
+    my $c = shift;
+
+    return quick_start($c)    if _logged_in($c);
+
+    my $login = $c->param('login');
+    my $password = $c->param('password');
+    my @error =();
+    if ($c->param('submit') && $login) {
+        push @error,("Empty login name")  if !length $login;
+        push @error,("Empty password")  if !length $password;
+    }
+
+    if ( $login && $password ) {
+        if (Ravada::Auth::login($login, $password)) {
+            $c->session('login' => $login);
+        } else {
+            push @error,("Access denied");
+        }
+    }
+    $c->render(
+                    template => 'bootstrap/login' 
+                      ,login => $login 
+                      ,error => \@error
+    );
+
+}
+
 sub quick_start {
    my $c = shift;

@@ -80,7 +108,7 @@ sub quick_start {
        }
    }
    return show_link($c, $id_base, $login)
-        if $c->param('submit') && _logged_in($c);
+        if $c->param('submit') && _logged_in($c) && defined $id_base;

    $c->render(
                    template => 'bootstrap/start' 
@@ -222,7 +250,7 @@ sub show_link {
    my $c = shift;
    my ($id_base, $name) = @_;

-    die "Empty id_base" if !$id_base;
+    confess "Empty id_base" if !$id_base;

    my $base_name = base_name($id_base)
        or die "Unkown id_base '$id_base'";
@@ -254,8 +282,19 @@ sub list_bases {
    return \%base;
 }

+sub _init_db {
+    my $db_user = ($CONFIG->{db}->{user} or getpwnam($>));;
+    my $db_password = ($CONFIG->{db}->{password} or undef);
+    $CON = DBIx::Connector->new("DBI:mysql:ravada"
+                        ,$db_user,$db_password,{RaiseError => 1
+                        , PrintError=> 0 }) or die "I can't connect";
+
+
+}
+
 sub init {
-    Ravada::Auth::init($config,$CON);
+    _init_db();
+    Ravada::Auth::init($CONFIG,$CON);
 }

 app->start;

--- a/sql/users.sql
+++ b/sql/users.sql
@@ -2,6 +2,9 @@ CREATE TABLE `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` char(255) NOT NULL,
  `password` char(255) DEFAULT NULL,
+  `change_password` char(1) DEFAULT 'N',
  PRIMARY KEY (`id`),
  UNIQUE KEY `name` (`name`)
 );
+
+INSERT INTO users (name,password,change_password) VALUES ( 'root',password('root'),'y');
--- a/templates/bootstrap/login.html.ep
+++ b/templates/bootstrap/login.html.ep
+
+<!DOCTYPE html>
+<html>
+%= include 'bootstrap/header'
+<body role="document">
+    %= include 'bootstrap/navigation'
+    <div class="container theme-showcase" role="main">
+    <div class="jumbotron">
+        <h2>Welcome to SPICE !</h2>
+        <form method="post">
+            User Name: <input name="login" value ="<%= $login %>" 
+                        type="text"><br/>
+            Password: <input type="password" name="password" value=""><br/>
+    
+            <input type="submit" name="submit" value="launch">
+        </form>
+% if (scalar @$error) {
+        <ul>
+%       for my $i (@$error) {
+            <li><%= $i %></li>
+%       }
+        </ul>
+% }
+
+    </div>
+    </div>
+    %= include 'bootstrap/scripts'
+</body>
+</html>
--- a/templates/bootstrap/start.html.ep
+++ b/templates/bootstrap/start.html.ep
@@ -13,13 +13,17 @@
                        type="text"><br/>
                Password: <input type="password" name="password" value=""><br/>
 %           }
-            Base: <select name="id_base">
-%           for my $option (sort keys %$base) {
-                <option value="<%= $option %>"><%= $base->{$option} %></option>
+%           if (keys %$base) {
+                Base: <select name="id_base">
+%               for my $option (sort keys %$base) {
+                    <option value="<%= $option %>"><%= $base->{$option} %></option>
+%               }
+                </select><br/>
+%           } else {
+                <b>Error :</b>  No base domains available.
 %           }
-            </select><br/>
+                <input type="submit" name="submit" value="launch">
    
-            <input type="submit" name="submit" value="launch">
        </form>
 % if (scalar @$error) {
        <ul>