From d5fa489b9cef1535a89cf0f09da9defd79d0c8e0 Mon Sep 17 00:00:00 2001
From: zefie <zefie@zefie.net>
Date: Sat, 7 Aug 2021 19:41:33 -0400
Subject: [PATCH] some more fixes to the registration/login system

---
 .../wtv-head-waiter/login-stage-two.js        | 35 ++++++++-----------
 .../wtv-register/FinishRegistration.js        |  2 +-
 zefie_wtvp_minisrv/app.js                     |  1 +
 3 files changed, 16 insertions(+), 22 deletions(-)

diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js
index 60e8ce45..e8e7df13 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js
@@ -12,29 +12,22 @@ if (socket.ssid != null && !ssid_sessions[socket.ssid].get("wtvsec_login")) {
 
 if (socket.ssid !== null) {
 	if (wtvsec_login.ticket_b64 == null) {
-		if (request_headers["wtv-ticket"]) {
-			if (request_headers["wtv-ticket"].length > 8) {
-				wtvsec_login.DecodeTicket(request_headers["wtv-ticket"]);
-				wtvsec_login.ticket_b64 = request_headers["wtv-ticket"];
+		challenge_response = wtvsec_login.challenge_response;
+		var client_challenge_response = request_headers["wtv-challenge-response"] || null;
+		if (challenge_response && client_challenge_response) {
+			if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
+				console.log(" * wtv-challenge-response success for " + filterSSID(socket.ssid));
+				wtvsec_login.PrepareTicket();
+				if (!ssid_sessions[socket.ssid].getSessionData("registered") && !request_headers.query.guest_login) gourl = "wtv-register:/splash";
+
+			} else {
+				console.log(" * wtv-challenge-response FAILED for " + filterSSID(socket.ssid));
+				if (zdebug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
+				if (zdebug) console.log("Response Received:", client_challenge_response)
+				gourl = "wtv-head-waiter:/login?reissue_challenge=true";
 			}
 		} else {
-			challenge_response = wtvsec_login.challenge_response;
-			var client_challenge_response = request_headers["wtv-challenge-response"] || null;
-			if (challenge_response && client_challenge_response) {		
-				if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
-					console.log(" * wtv-challenge-response success for " + filterSSID(socket.ssid));
-					wtvsec_login.PrepareTicket();
-					if (!ssid_sessions[socket.ssid].getSessionData("registered") && !request_headers.query.guest_login) gourl = "wtv-register:/splash";
-
-				} else {
-					console.log(" * wtv-challenge-response FAILED for " + filterSSID(socket.ssid));
-					if (zdebug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
-					if (zdebug) console.log("Response Received:", client_challenge_response)
-					gourl = "wtv-head-waiter:/login?reissue_challenge=true";
-				}
-			} else {
-				gourl = "wtv-head-waiter:/login?no_response=true";
-			}
+			gourl = "wtv-head-waiter:/login?no_response=true";
 		}
 	}
 }
diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-register/FinishRegistration.js b/zefie_wtvp_minisrv/ServiceVault/wtv-register/FinishRegistration.js
index 386398ff..1b4eb3b2 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-register/FinishRegistration.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-register/FinishRegistration.js
@@ -10,4 +10,4 @@ ${getServiceString('wtv-star')}
 wtv-relogin-url: wtv-1800:/preregister?relogin=true
 wtv-reconnect-url: wtv-1800:/preregister?reconnect=true
 wtv-boot-url: wtv-1800:/preregister?relogin=true
-Location: wtv-1800:/preregister?relogin=true`;
+Location: client:relogin`;
diff --git a/zefie_wtvp_minisrv/app.js b/zefie_wtvp_minisrv/app.js
index 78fce63d..b2c4071f 100644
--- a/zefie_wtvp_minisrv/app.js
+++ b/zefie_wtvp_minisrv/app.js
@@ -892,6 +892,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
                             if (zdebug) console.log(" # New ticket from client");
                             ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64 = headers["wtv-ticket"];
                             ssid_sessions[socket.ssid].data_store.wtvsec_login.DecodeTicket(ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64);
+                            ssid_sessions[socket.ssid].data_store.wtvsec_login.set_incarnation(headers["wtv-incarnation"]);
                         }
                     }
                 }