package net.pterodactylus.sone.web.ajax;
+import java.util.UUID;
+
+import net.pterodactylus.sone.data.Sone;
+import net.pterodactylus.sone.web.WebInterface;
import net.pterodactylus.sone.web.page.Page;
import net.pterodactylus.util.json.JsonObject;
import net.pterodactylus.util.json.JsonUtils;
+import freenet.clients.http.SessionManager.Session;
+import freenet.clients.http.ToadletContext;
/**
* A JSON page is a specialized {@link Page} that will always return a JSON
/** The path of the page. */
private final String path;
+ /** The Sone web interface. */
+ protected final WebInterface webInterface;
+
/**
* Creates a new JSON page at the given path.
*
* @param path
* The path of the page
+ * @param webInterface
+ * The Sone web interface
*/
- public JsonPage(String path) {
+ public JsonPage(String path, WebInterface webInterface) {
this.path = path;
+ this.webInterface = webInterface;
+ }
+
+ //
+ // ACCESSORS
+ //
+
+ /**
+ * Returns the current session, creating a new session if there is no
+ * current session.
+ *
+ * @param toadletContenxt
+ * The toadlet context
+ * @return The current session, or {@code null} if there is no current
+ * session
+ */
+ protected Session getCurrentSession(ToadletContext toadletContenxt) {
+ return getCurrentSession(toadletContenxt, true);
+ }
+
+ /**
+ * Returns the current session, creating a new session if there is no
+ * current session and {@code create} is {@code true}.
+ *
+ * @param toadletContenxt
+ * The toadlet context
+ * @param create
+ * {@code true} to create a new session if there is no current
+ * session, {@code false} otherwise
+ * @return The current session, or {@code null} if there is no current
+ * session
+ */
+ protected Session getCurrentSession(ToadletContext toadletContenxt, boolean create) {
+ try {
+ Session session = webInterface.sessionManager().useSession(toadletContenxt);
+ if (create && (session == null)) {
+ session = webInterface.sessionManager().createSession(UUID.randomUUID().toString(), toadletContenxt);
+ }
+ return session;
+ } catch (freenet.clients.http.RedirectException re1) {
+ return null;
+ }
+ }
+
+ /**
+ * Returns the currently logged in Sone.
+ *
+ * @param toadletContext
+ * The toadlet context
+ * @return The currently logged in Sone, or {@code null} if no Sone is
+ * currently logged in
+ */
+ protected Sone getCurrentSone(ToadletContext toadletContext) {
+ Session session = getCurrentSession(toadletContext);
+ if (session == null) {
+ return null;
+ }
+ String soneId = (String) session.getAttribute("Sone.CurrentSone");
+ if (soneId == null) {
+ return null;
+ }
+ for (Sone sone : webInterface.core().getSones()) {
+ if (sone.getId().equals(soneId)) {
+ return sone;
+ }
+ }
+ return null;
}
//
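Review bot: `getCurrentSone` calls the one-argument `getCurrentSession(toadletContext)`, which always passes `create = true`, so every JSON request that arrives without a session allocates a new one only to read an attribute a fresh session cannot contain. Using `Session session = getCurrentSession(toadletContext, false);` there keeps unauthenticated requests from growing the session store. The Javadoc of the one-argument overload promises `null` "if there is no current session", which contradicts creating one. In the visible code `null` can only come from the `catch` of `RedirectException`, which drops the exception without logging it. The parameter name `toadletContenxt` is misspelled in both overloads and their Javadoc.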
*/
protected abstract JsonObject createJsonObject(Request request);
+ /**
+ * Returns whether this command needs the form password for authentication
+ * and to prevent abuse.
+ *
+ * @return {@code true} if the form password (given as “formPassword”) is
+ * required, {@code false} otherwise
+ */
+ protected boolean needsFormPassword() {
+ return true;
+ }
+
//
// PAGE METHODS
//
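Review bot: The Javadoc on `needsFormPassword()` does not say when a subclass may return `false`. The form-password check in `handleRequest` looks like the only cross-site request guard for these JSON commands, so the contract should be spelled out, for example `Override to return {@code false} only for commands that do not change state and do not return data that other sites must not read.` Keeping the default at `true` is the right choice and worth stating in the same comment.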
*/
@Override
public Response handleRequest(Request request) {
+ if (needsFormPassword()) {
+ String formPassword = request.getHttpRequest().getParam("formPassword");
+ if (!webInterface.getFormPassword().equals(formPassword)) {
+ return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
+ }
+ }
JsonObject jsonObject = createJsonObject(request);
return new Response(200, "OK", "application/json", JsonUtils.format(jsonObject));
}
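Review bot: The form password check in `handleRequest` compares the secret with `String.equals`, which stops at the first differing character, and reads it with `getParam`, which as far as I know takes the value from the URL query string in Freenet's `HTTPRequest`. A token carried in the URL can end up in browser history, logs and Referer headers, so it would be better read from the POST body if these commands can be sent that way. For the comparison, null-check the parameter and then use a constant-time check such as `MessageDigest.isEqual(expected.getBytes("UTF-8"), formPassword.getBytes("UTF-8"))`. A wrong or missing form password is a refused request rather than a missing login, so `403` fits better than `401`, which normally carries a `WWW-Authenticate` header. The Javadoc that precedes `handleRequest` starts outside this hunk.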