mirror of
https://github.com/wavelog/wavelog.git
synced 2026-03-22 18:27:16 +00:00
Merge pull request #1360 from int2001/lotw_cred_check
Adding ability to check LoTW-Credentials
This commit is contained in:
Joerg (DJ7NT)
@@ -469,7 +469,7 @@ class Lotw extends CI_Controller {
|
||||
private function loadFromFile($filepath, $station_ids, $display_view = "TRUE") {
|
||||
|
||||
// Figure out how we should be marking QSLs confirmed via LoTW
|
||||
$query = $query = $this->db->query('SELECT lotw_rcvd_mark FROM config');
|
||||
$query = $this->db->query('SELECT lotw_rcvd_mark FROM config');
|
||||
$q = $query->row();
|
||||
$config['lotw_rcvd_mark'] = $q->lotw_rcvd_mark;
|
||||
|
||||
@@ -723,6 +723,89 @@ class Lotw extends CI_Controller {
|
||||
}
|
||||
}
|
||||
|
||||
public function check_lotw_credentials () {
|
||||
$this->load->model('user_model');
|
||||
if(!$this->user_model->authorize(2)) {
|
||||
$this->session->set_flashdata('error', __("You're not allowed to do that!"));
|
||||
redirect('dashboard');
|
||||
exit();
|
||||
}
|
||||
$ret=[];
|
||||
$ret['status']='';
|
||||
|
||||
|
||||
$raw = file_get_contents("php://input");
|
||||
try {
|
||||
$obj = json_decode($raw,true);
|
||||
} catch (Exception $e) {
|
||||
$ret['status']='failed_wrongcall';
|
||||
log_message("Error",$ret['status']);
|
||||
} finally {
|
||||
$lotw_user=$obj['lotw_user'] ?? '';
|
||||
$lotw_pass=$obj['lotw_pass'] ?? '';
|
||||
}
|
||||
$raw='';
|
||||
|
||||
$pw_placeholder = '**********';
|
||||
if ($lotw_pass == $pw_placeholder) { // User comes with unaltered credentials - take them from database
|
||||
$query = $this->user_model->get_by_id($this->session->userdata('user_id'));
|
||||
$q = $query->row();
|
||||
$data['user_lotw_name'] = urlencode($q->user_lotw_name ?? '');
|
||||
$data['user_lotw_password'] = urlencode($q->user_lotw_password ?? '');
|
||||
} else {
|
||||
$data['user_lotw_name'] = urlencode($lotw_user ?? '');
|
||||
$data['user_lotw_password'] = urlencode($lotw_pass ?? '');
|
||||
}
|
||||
|
||||
if ((($data['user_lotw_name'] ?? '') != '') && (($data['user_lotw_password'] ?? '') != '') && ($ret['status'] != 'failed_wrongcall')) {
|
||||
|
||||
// Get URL for downloading LoTW
|
||||
$query = $query = $this->db->query('SELECT lotw_login_url FROM config');
|
||||
$q = $query->row();
|
||||
$lotw_url = $q->lotw_login_url;
|
||||
|
||||
// Validate that LoTW credentials are not empty
|
||||
// TODO: We don't actually see the error message
|
||||
if ($data['user_lotw_name'] == '' || $data['user_lotw_password'] == '') {
|
||||
$ret='No Creds set';
|
||||
}
|
||||
|
||||
// Build URL for LoTW report file
|
||||
$lotw_url .= "?";
|
||||
$lotw_url .= "login=" . $data['user_lotw_name'];
|
||||
$lotw_url .= "&password=" . $data['user_lotw_password'];
|
||||
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_URL, $lotw_url);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
|
||||
$content = curl_exec($ch);
|
||||
if ($content) {
|
||||
if(curl_errno($ch)) {
|
||||
$ret['status']='failed';
|
||||
$ret['details']== sprintf(__("LoTW login failed for user %s: %s."), $data['user_lotw_name'], curl_strerror(curl_errno($ch))." (".curl_errno($ch).")");
|
||||
} else if (str_contains($content,"Username/password incorrect</I>")) {
|
||||
$ret['status']='failed_wrong_creds';
|
||||
$ret['details']= sprintf(__("LoTW login failed for user %s: %s."), $data['user_lotw_name'], __("Username/password incorrect"));
|
||||
} else {
|
||||
$ret['status']='OK';
|
||||
$ret['details']= __("LoTW login OK!");
|
||||
}
|
||||
} else {
|
||||
$ret['status']='failed_na';
|
||||
$ret['details']= __("LoTW currently not available. Try again later.");
|
||||
}
|
||||
} else {
|
||||
if (($ret['status'] ?? '') == '') {
|
||||
$ret['status']='failed_nocred';
|
||||
$ret['details']= __("No LoTW credentials provided.");
|
||||
}
|
||||
}
|
||||
header("Content-type: application/json");
|
||||
echo json_encode($ret);
|
||||
return $ret;
|
||||
}
|
||||
|
||||
public function import() { // Is only called via frontend. Cron uses "upload". within download the download is called
|
||||
$this->load->model('user_model');
|
||||
$this->load->model('Stations');
|
||||
|
||||
@@ -706,16 +706,18 @@
|
||||
<div class="card-body">
|
||||
<div class="mb-3">
|
||||
<label><?= __("Logbook of The World (LoTW) Username"); ?></label>
|
||||
<input class="form-control" type="text" name="user_lotw_name" value="<?php if(isset($user_lotw_name)) { echo $user_lotw_name; } ?>" />
|
||||
<input class="form-control" type="text" name="user_lotw_name" id="user_lotw_name" value="<?php if(isset($user_lotw_name)) { echo $user_lotw_name; } ?>" />
|
||||
<?php if(isset($userlotwname_error)) { echo "<small class=\"badge bg-danger\">".$userlotwname_error."</small>"; } ?>
|
||||
</div>
|
||||
|
||||
<div class="mb-3">
|
||||
<label><?= __("Logbook of The World (LoTW) Password"); ?></label>
|
||||
<div class="input-group">
|
||||
<input class="form-control" type="password" name="user_lotw_password" value="<?php if(isset($user_lotw_password)) { echo $user_lotw_password; } ?>" />
|
||||
<input class="form-control" type="password" id="user_lotw_password" name="user_lotw_password" value="<?php if(isset($user_lotw_password)) { echo $user_lotw_password; } ?>" />
|
||||
<span class="input-group-btn"><button class="btn btn-default btn-pwd-showhide" type="button"><i class="fa fa-eye-slash"></i></button></span>
|
||||
<button class="btn btn-secondary" type="button" id="lotw_test_btn"><?= __("Test Login"); ?></button>
|
||||
</div>
|
||||
<div class="alert mt-3" style="display: none;" id="lotw_test_txt"></div>
|
||||
<?php if(isset($lotwpassword_error)) {
|
||||
echo "<small class=\"badge bg-danger\">".$lotwpassword_error."</small>";
|
||||
} else if (!isset($user_add)) { ?>
|
||||
|
||||
@@ -57,6 +57,44 @@ $(document).ready(function(){
|
||||
}, 300);
|
||||
});
|
||||
|
||||
$('#lotw_test_btn').click(function() {
|
||||
var btn_div = $('#lotw_test_btn');
|
||||
var msg_div = $('#lotw_test_txt');
|
||||
|
||||
msg_div.hide();
|
||||
msg_div.removeClass('alert-success alert-danger')
|
||||
btn_div.hide();
|
||||
btn_div.removeClass('alert-success alert-danger')
|
||||
|
||||
$.ajax({
|
||||
url: base_url + 'index.php/lotw/check_lotw_credentials',
|
||||
type: 'POST',
|
||||
contentType: "application/json",
|
||||
data: JSON.stringify({lotw_user: $("#user_lotw_name").val(), lotw_pass: $("#user_lotw_password").val()}),
|
||||
success: function(res) {
|
||||
if(res.status == 'OK') {
|
||||
btn_div.addClass('alert-success');
|
||||
msg_div.addClass('alert-success');
|
||||
msg_div.text(res.details);
|
||||
msg_div.show();
|
||||
btn_div.show();
|
||||
} else {
|
||||
btn_div.addClass('alert-danger');
|
||||
msg_div.addClass('alert-danger');
|
||||
msg_div.text('Error: '+res.details);
|
||||
msg_div.show();
|
||||
btn_div.show();
|
||||
}
|
||||
},
|
||||
error: function(res) {
|
||||
msg_div.addClass('alert-danger');
|
||||
msg_div.text('ERROR');
|
||||
msg_div.show();
|
||||
btn_div.show();
|
||||
},
|
||||
})
|
||||
});
|
||||
|
||||
$('.admin_pwd_reset').click(function() {
|
||||
var pwd_reset_user_name = $(this).data('username');
|
||||
var pwd_reset_user_callsign = $(this).data('callsign');
|
||||
|
||||
Reference in New Issue
Block a user