diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js index 934990f3..5bfd17bb 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js @@ -46,20 +46,20 @@ wtv-visit: client:hangupphone` } } - if (user_id && !request_headers.query.initial_login && !request_headers.query.user_login) { + if (user_id != null && !request_headers.query.initial_login && !request_headers.query.user_login) { if (request_headers.query.password == "") { - headers = `500 Please enter your password and try again + headers = `403 Please enter your password and try again minisrv-no-mail-count: true `; } else if (ssid_sessions[socket.ssid].validateUserPassword(request_headers.query.password)) { - ssid_sessions[socket.ssid].setSessionData('password_valid', true) + ssid_sessions[socket.ssid].setUserLoggedIn(true); headers = `200 OK minisrv-no-mail-count: true Content-Type: text/html wtv-visit: ${gourl} `; } else { - headers = `500 The password you entered was incorrect. Please retype it and try again. + headers = `403 The password you entered was incorrect. Please retype it and try again. minisrv-no-mail-count: true `; } diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js index 6a52b1dc..5f0ebf51 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js @@ -2,6 +2,7 @@ var minisrv_service_file = true; var gourl = null; if (!ssid_sessions[socket.ssid].isRegistered() && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) gourl = "wtv-register:/splash?"; +var home_url = "wtv-home:/home?"; if (gourl) { headers = `200 OK 
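Review bot: The empty-password guard `request_headers.query.password == ""` in the ValidateLogin.js hunk matches only an empty string, so a request that omits `password` entirely skips the prompt and reaches `validateUserPassword(undefined)`, whose handling of that value is not visible here. Testing `if (!request_headers.query.password)` would cover both cases before the verifier is called. The two 403 branches also return without recording the failed attempt; if throttling is not done inside `validateUserPassword`, this is the place to count failures per `socket.ssid`. The enclosing block starts above the hunk.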
@@ -30,8 +31,8 @@ else { var userid = '1' + Math.floor(Math.random() * 1000000000000000000); var messenger_enabled = 0; var messenger_authorized = 0; - if (request_headers.query.skip_splash) var home_url = "wtv-home:/home?"; - else var home_url = "wtv-home:/splash?"; + if (request_headers.query.skip_splash) gourl = "wtv-home:/home?"; + else gourl = "wtv-home:/splash?"; } else if (!ssid_sessions[socket.ssid].getSessionData("registered")) { var errpage = wtvshared.doErrorPage(400); headers = errpage[0]; @@ -42,10 +43,10 @@ else { var human_name = ssid_sessions[socket.ssid].getSessionData("subscriber_name") || nickname; var messenger_enabled = ssid_sessions[socket.ssid].getSessionData("messenger_enabled") || 0; var messenger_authorized = ssid_sessions[socket.ssid].getSessionData("messenger_authorized") || 0; - var home_url = "wtv-home:/splash?"; + var gourl = "wtv-home:/splash?"; } var limitedLogin = ssid_sessions[socket.ssid].lockdown; - var limitedLoginRegistered = (limitedLogin || (ssid_sessions[socket.ssid].isRegistered() && !ssid_sessions[socket.ssid].getSessionData('password_valid'))); + var limitedLoginRegistered = (limitedLogin || (ssid_sessions[socket.ssid].isRegistered() && !ssid_sessions[socket.ssid].isUserLoggedIn())); var offline_user_list = null; if (ssid_sessions[socket.ssid].isRegistered() && ssid_sessions[socket.ssid].user_id == 0) { var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers(); @@ -61,7 +62,10 @@ else { offline_user_list = CryptoJS.enc.Latin1.parse(offline_user_list_str).toString(CryptoJS.enc.Base64); } - if (limitedLoginRegistered) var home_url = "wtv-head-waiter:/password?"; + if (limitedLoginRegistered) { + home_url = "wtv-head-waiter:/password?"; + gourl = home_url; + } data = ''; 
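Review bot: In the registered-user branch of login-stage-two.js (hunk at -42) the new line `var gourl = "wtv-home:/splash?";` re-declares a variable already declared as `var gourl = null;` at the top of the file, while the guest branch in the hunk at -30 uses plain assignment. Dropping the `var` (`gourl = "wtv-home:/splash?";`) keeps the two branches consistent and does not suggest a new binding. The `else` block these lines sit in starts and ends outside the hunk.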
@@ -70,7 +74,7 @@ Connection: Keep-Alive wtv-expire-all: wtv-head-waiter: `; - if (!limitedLogin) { + if (!limitedLogin && !limitedLoginRegistered) { headers += `wtv-client-time-zone: GMT -0000 wtv-client-time-dst-rule: GMT wtv-client-date: `+ strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString())) + ` GMT @@ -84,7 +88,7 @@ wtv-smartcard-inserted-message: Contacting service wtv-ssl-timeout: 240 wtv-login-timeout: 7200 `; - if (!limitedLogin) { + if (!limitedLogin && !limitedLoginRegistered) { ssid_sessions[socket.ssid].assignMailStore(); headers += getServiceString('all', { "exceptions": ["wtv-register"] }); if (offline_user_list) headers += "wtv-offline-user-list: " + offline_user_list + "\n"; @@ -109,7 +113,7 @@ wtv-messenger-enable: 0 wtv-ssl-log-url: wtv-log:/log `; - if (!limitedLogin) { + if (!limitedLogin && !limitedLoginRegistered) { headers += `wtv-bypass-proxy: false user-id: ${userid} wtv-human-name: ${human_name} @@ -134,7 +138,7 @@ wtv-inactive-timeout: 1440 } */ - if (!limitedLogin) { + if (!limitedLogin && !limitedLoginRegistered) { headers += "\nwtv-relogin-url: wtv-head-waiter:/relogin?relogin=true"; if (request_headers.query.guest_login) headers += "&guest_login=true"; @@ -146,10 +150,10 @@ wtv-inactive-timeout: 1440 headers += "\nwtv-home-url: " + home_url; } - if (ssid_sessions[socket.ssid].get('wtv-need-upgrade') != 'true' && !request_headers.query.reconnect && !limitedLogin) + if (ssid_sessions[socket.ssid].get('wtv-need-upgrade') != 'true' && !request_headers.query.reconnect && !limitedLogin && !limitedLoginRegistered) headers += "\nwtv-settings-url: wtv-setup:/get\n"; - if (!limitedLogin) { + if (!limitedLogin && !limitedLoginRegistered) { headers += `wtv-force-lightweight-targets: webtv.net:/ wtv-show-time-enabled: true wtv-allow-dsc: true 
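Review bot: The new gate `!limitedLogin && !limitedLoginRegistered` is redundant, because `limitedLoginRegistered` is defined as `limitedLogin || (...)` in the hunk at -42, so the expression reduces to `!limitedLoginRegistered`. It appears in this hunk and again in the hunks at -84, -109, -134 and -146 (twice), and each copy decides whether the service list, `user-id` and mail store are handed out before the password has been checked. Computing it once, e.g. `var fullLogin = !limitedLoginRegistered;`, and testing `if (fullLogin)` at every site makes it harder for a later edit to leave one gate on the old condition. A comment at that definition saying that a limited session should receive only the headers needed to reach the password page would document the intent.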
@@ -161,6 +165,6 @@ wtv-wink-deferrer-retries: 3 wtv-name-server: 8.8.8.8`; } } - if (!request_headers.query.reconnect) headers += "\nwtv-visit: " + home_url; + if (!request_headers.query.reconnect) headers += "\nwtv-visit: " + gourl; headers += "\nContent-Type: text/html"; } \ No newline at end of file diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js index 784284dc..706221e4 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js @@ -1,4 +1,5 @@ var minisrv_service_file = true; +ssid_sessions[socket.ssid].setUserLoggedIn(false); var challenge_response, challenge_header = ""; if (socket.ssid !== null) ssid_sessions[socket.ssid].switchUserID(0); diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/relogin.js b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/relogin.js index 23bfa01d..27c69bfe 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/relogin.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/relogin.js @@ -1,4 +1,5 @@ var minisrv_service_file = true; +ssid_sessions[socket.ssid].setUserLoggedIn(false); var gourl = "wtv-1800:/preregister?"; if (request_headers.query.relogin) gourl += "relogin=true"; diff --git a/zefie_wtvp_minisrv/WTVClientSessionData.js b/zefie_wtvp_minisrv/WTVClientSessionData.js index e218e22d..12077a35 100644 --- a/zefie_wtvp_minisrv/WTVClientSessionData.js +++ b/zefie_wtvp_minisrv/WTVClientSessionData.js @@ -45,9 +45,10 @@ class WTVClientSessionData { "wtv-head-waiter:/relogin", "wtv-head-waiter:/ROMCache/Spacer.gif", "wtv-head-waiter:/ROMCache/NameStrip.gif", + "wtv-head-waiter:/images/PasswordBanner.gif", + "wtv-head-waiter:/ROMCache/UtilityBullet.gif", "wtv-head-waiter:/images/NameBanner.gif", "wtv-head-waiter:/bad-disk", - "wtv-head-waiter:/images/PasswordBanner.gif", "wtv-log:/log", ]; this.lockdownWhitelist.push(minisrv_config.config.unauthorized_url); 
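Review bot: The statement added at the top of login.js, `ssid_sessions[socket.ssid].setUserLoggedIn(false);`, dereferences the session before the existing `if (socket.ssid !== null)` guard two lines below it, so a request with a null SSID or no session entry would throw a TypeError instead of reaching that guard. Moving the reset behind the check, e.g. `if (socket.ssid !== null && ssid_sessions[socket.ssid]) ssid_sessions[socket.ssid].setUserLoggedIn(false);`, keeps the reset without the crash. The same unguarded line is added at the top of relogin.js.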
@@ -402,10 +403,14 @@ class WTVClientSessionData { isUserLoggedIn() { if (!this.getUserPasswordEnabled()) return true; // no password is set so always validate - var password_valid = this.getSessionData("password_valid"); + var password_valid = this.get("password_valid"); return (password_valid); } + setUserLoggedIn(value) { + return this.set("password_valid", value); + } + saveSessionData(force_write = false, skip_merge = false) { if (this.isRegistered()) { if (!skip_merge) { diff --git a/zefie_wtvp_minisrv/app.js b/zefie_wtvp_minisrv/app.js index 93232518..c5621e30 100644 --- a/zefie_wtvp_minisrv/app.js +++ b/zefie_wtvp_minisrv/app.js @@ -412,7 +412,7 @@ async function processURL(socket, request_headers) { return; } - if (ssid_sessions[socket.ssid].isRegistered() && !ssid_sessions[socket.ssid].getSessionData('password_valid')) { + if (ssid_sessions[socket.ssid].isRegistered() && !ssid_sessions[socket.ssid].isUserLoggedIn()) { if (!ssid_sessions[socket.ssid].isAuthorized(shortURL,'login')) { // user is not fully logged in, and URL not authorized headers = "300 Unauthorized\n"; @@ -1112,7 +1112,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq ssid_sessions[socket.ssid].switchUserID(ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id, true, false); } } else { - if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64 != headers["wtv-ticket"]) + if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64 != headers["wtv-ticket"]) { if (!ssid_sessions[socket.ssid].data_store.wtvsec_login.update_ticket) { if (minisrv_config.config.debug_flags.debug) console.log(" # New ticket from client"); ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64 = headers["wtv-ticket"]; @@ -1123,6 +1123,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq switchUserID(ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id, true, false); } } + } } } }
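Review bot: `setUserLoggedIn(value)` in WTVClientSessionData.js stores whatever it is given and `isUserLoggedIn()` returns the raw stored value, so any truthy value counts as authenticated and an unset flag comes back as `undefined` rather than `false`. Coercing on both sides, `return this.set("password_valid", value === true);` and `return this.get("password_valid") === true;`, makes the flag a strict boolean. The flag is keyed to the session rather than to a user; `switchUserID` is outside this diff, so it is worth confirming that it clears the flag whenever the active user changes. Neither method has a doc comment; one line on each stating that the flag is now read and written with `get`/`set` instead of `getSessionData`/`setSessionData`, and why, would help the next reader.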
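Review bot: Inside the block that receives braces in the app.js hunks at -1112 and -1123, the context line `switchUserID(ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id, true, false);` calls a bare function, whereas the branch just above it calls `ssid_sessions[socket.ssid].switchUserID(...)`. Unless a global `switchUserID` is defined outside the visible lines, this path would throw a ReferenceError when a client presents a changed ticket and the user switch would not happen; the call should probably be `ssid_sessions[socket.ssid].switchUserID(...)`. The surrounding `processRequest` body starts and ends outside both hunks.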