diff options
author | Ed Tanous <edtanous@google.com> | 2023-08-08 04:16:25 +0300 |
---|---|---|
committer | Ed Tanous <edtanous@google.com> | 2023-08-25 23:19:04 +0300 |
commit | 0a4776cf59f26dce6eadfbfc792b70fcc907621b (patch) | |
tree | 8339aa727a5bd80e5782e950fd085bbbff694b43 /include | |
parent | 8e73b9064fdd414b9a71806a44f0e0f176b5a88d (diff) | |
download | bmcweb-0a4776cf59f26dce6eadfbfc792b70fcc907621b.tar.xz |
Remove phosphor-rest workarounds
Phosphor-rest is no longer supported by the project, and phosphor-webui,
which required some of these workarounds has been archived a year ago.
There's no reason to keep this login type, given that it was
undocumented.
NOTE: Upon inspection, it looks like webui-vue used the same hack.
[1] https://github.com/openbmc/webui-vue/blob/43e3bd26133b06ed117a3a3f10b2bc09e2c2aafc/src/store/modules/Authentication/AuthenticanStore.js#L41
Tested:
Combined with https://gerrit.openbmc.org/c/openbmc/webui-vue/+/65811
Webui Login succceeds.
Change-Id: Ie42380029e799e44b3a7404d4ec6d285b371402b
Signed-off-by: Ed Tanous <edtanous@google.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/login_routes.hpp | 38 |
1 files changed, 9 insertions, 29 deletions
diff --git a/include/login_routes.hpp b/include/login_routes.hpp index b29abac00d..ae99757ef8 100644 --- a/include/login_routes.hpp +++ b/include/login_routes.hpp @@ -26,8 +26,6 @@ inline void handleLogin(const crow::Request& req, std::string_view username; std::string_view password; - bool looksLikePhosphorRest = false; - // This object needs to be declared at this scope so the strings // within it are not destroyed before we can use them nlohmann::json loginCredentials; @@ -72,7 +70,6 @@ inline void handleLogin(const crow::Request& req, { nlohmann::json::iterator userIt2 = dataIt->begin(); nlohmann::json::iterator passIt2 = dataIt->begin() + 1; - looksLikePhosphorRest = true; if (userIt2 != dataIt->end() && passIt2 != dataIt->end()) { @@ -110,7 +107,6 @@ inline void handleLogin(const crow::Request& req, } else if (contentType.starts_with("multipart/form-data")) { - looksLikePhosphorRest = true; ParserError ec = parser.parse(req); if (ec != ParserError::PARSER_SUCCESS) { @@ -171,31 +167,15 @@ inline void handleLogin(const crow::Request& req, persistent_data::PersistenceType::TIMEOUT, isConfigureSelfOnly); - if (looksLikePhosphorRest) - { - // Phosphor-Rest requires a very specific login - // structure, and doesn't actually look at the status - // code. - // TODO(ed).... Fix that upstream - - asyncResp->res.jsonValue["data"] = - "User '" + std::string(username) + "' logged in"; - asyncResp->res.jsonValue["message"] = "200 OK"; - asyncResp->res.jsonValue["status"] = "ok"; - - asyncResp->res.addHeader(boost::beast::http::field::set_cookie, - "XSRF-TOKEN=" + session->csrfToken + - "; SameSite=Strict; Secure"); - asyncResp->res.addHeader( - boost::beast::http::field::set_cookie, - "SESSION=" + session->sessionToken + - "; SameSite=Strict; Secure; HttpOnly"); - } - else - { - // if content type is json, assume json token - asyncResp->res.jsonValue["token"] = session->sessionToken; - } + asyncResp->res.addHeader(boost::beast::http::field::set_cookie, + "XSRF-TOKEN=" + session->csrfToken + + "; SameSite=Strict; Secure"); + asyncResp->res.addHeader(boost::beast::http::field::set_cookie, + "SESSION=" + session->sessionToken + + "; SameSite=Strict; Secure; HttpOnly"); + + // if content type is json, assume json token + asyncResp->res.jsonValue["token"] = session->sessionToken; } } else |