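#include "bs_util.h"
using namespace std;

/// Login endpoint: checks POSTed credentials against bs_user and marks the
/// session as logged in.
///
/// JSON written to the response body:
///   success=1, next_url=/booksys/mainpage.html  -> logged in
///   success=2, next_url=/booksys/mainpage.html  -> session already had a user
///   success=3, next_url=/booksys/enable.html    -> logged in, account_status==2
///   otherwise whatever jsonfail_func() writes for the error code.
///
/// NOTE(review): both queries are built by string concatenation from request
/// data. The character check below is a stopgap; the proper fix is to bind
/// username/password as statement parameters once the binding API of the DB
/// wrapper behind startdb()/conn is confirmed.
/// NOTE(review): the submitted password is compared directly with the
/// `password` column. Confirm the stored value is a salted, slow hash and not
/// the plaintext password.
int main()
{
    Request req;
    Session se(req);
    Response res;
    json j;

    /// Shorthand that records an error in the JSON reply.
    auto jsonfail = [&](int errcode, const std::string& dtl = "")
    {
        jsonfail_func(j, errcode, dtl);
    };

    /// True when the value contains a character that can terminate or escape
    /// a single-quoted SQL string literal (quote, backslash, NUL).
    auto breaksSqlLiteral = [](const std::string& value)
    {
        for (const char ch : value)
        {
            if (ch == '\'' || ch == '\\' || ch == '\0')
            {
                return true;
            }
        }
        return false;
    };

    /// do { ... } while(0) so that every failure path can `break` straight to
    /// the common response-writing code below.
    do
    {
        if (!se.isReady())
        {
            jsonfail(err_session);
            break;
        }

        if (!se.getUser().empty())
        {
            /// Logged in...
            j["success"] = 2;
            j["next_url"] = "/booksys/mainpage.html";
            break;
        }

        if (req.requestMethod != "POST")
        {
            jsonfail(err_method_not_supported);
            break;
        }

        postval(username);
        postval(password);

        /// Refuse credentials that would change the shape of the SQL text
        /// built below. Reported as an ordinary authentication failure so the
        /// reply does not reveal why the attempt was rejected.
        /// NOTE(review): this does not cover multi-byte charset edge cases;
        /// bound parameters remain the real fix.
        if (breaksSqlLiteral(username) || breaksSqlLiteral(password))
        {
            jsonfail(err_data, "Auth Failed");
            break;
        }

        startdb();

        /// Initialised so that a query whose row callback never runs cannot
        /// leave an indeterminate value that happens to equal 1.
        int count_val = 0;
        if (conn.exec(make_str("select count(username) from bs_user where username='", username,
                               "' and password='", password, "'"),
                      SQLParseInt(count_val)) < 0)
        {
            jsonfail(err_sql, "Step 1");
            break;
        }

        if (count_val != 1)
        {
            jsonfail(err_data, "Auth Failed");
            break;
        }

        /// Check if the user is allowed to login.
        /// Defaults to 0 (hidden) so a missing row fails closed instead of
        /// falling through to the success branch.
        int account_status = 0;
        if (conn.exec(make_str("select account_status from bs_user where username='", username, "'"),
                      SQLParseInt(account_status)) < 0)
        {
            jsonfail(err_sql, "Step 2");
            break;
        }

        if (account_status == 0)
        {
            /// Act as auth failed (username or password wrong) when account is hidden.
            jsonfail(err_data, "Auth Failed");
            break;
        }
        else if (account_status == 1)
        {
            /// Banned
            jsonfail(err_data, "Your account is banned.");
            break;
        }

        /// Try to mark session logged in.
        /// NOTE(review): whether setUser() issues a fresh session identifier
        /// on login is not visible here; confirm it does.
        int ret;
        if ((ret = se.setUser(username)) < 0)
        {
            jsonfail(err_session, make_str("Failed to set session, ret=", ret));
            break;
        }

        if (account_status == 2)
        {
            /// Need verify, redirect to account enable.
            j["success"] = 3;
            j["next_url"] = "/booksys/enable.html";
        }
        else
        {
            j["success"] = 1;
            j["next_url"] = "/booksys/mainpage.html";
        }
    } while (0);

    /// Emit session data first, then the JSON body.
    se.writeToResponse(res);
    res.content.append(j.dump());
    return 0;
}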