Ajout sessions

2022-02-17 07:14:05 +01:00 · 2022-02-17 07:14:05 +01:00 · 7c2d1a82ca
commit 7c2d1a82ca
parent 4d8cb8d5c1
11 changed files with 493 additions and 156 deletions
--- a/README.md
+++ b/README.md
--- a/assets/private_test.html
+++ b/assets/private_test.html
@ -0,0 +1,5 @@
+<html>
+    <body>
+        <h1> BRAVO </h1>
+    </body>
+</html>
--- a/conf/sqlite3.conf
+++ b/conf/sqlite3.conf
@ -1,11 +1,11 @@
 # portal_user configuration

 server notls {
-	bind 192.168.1.6 8888
+	bind 127.0.0.1 8888
 	tls no
 }

-load		./sqlite3.so
+load		./sqlite3.so init

 http_body_max			1024000000
 http_body_disk_offload		1024000
@ -15,7 +15,18 @@ workers				1

 validator	v_login	regex		^[-_.a-zA-Z0-9]*$
 validator	v_password		function	v_password_func
+validator	v_session	function	v_session_validate
+
 pledge	wpath	cpath	flock 
+
+authentication auth_example {
+	authentication_type		cookie
+	authentication_value		session_id
+	authentication_validator	v_session
+	authentication_uri		/
+}
+
+
 domain * {
 	attach		notls

@ -27,6 +38,7 @@ domain * {
 	route /css/style.css asset_serve_style_css
 	route /js/theme-switcher.js asset_serve_theme_switcher_js
 	route /signup create_user
+        route /portal/bienvenue asset_serve_private_test_html auth_example

        params post / {
 		validate	login		v_login
--- a/kore.core
+++ b/kore.core
--- a/kore_access.log
+++ b/kore_access.log
@ -404,19 +404,71 @@
 192.168.1.100 - - [14/Feb/2022:20:32:58 +0700] "GET /signup HTTP/1.1" 200 1660 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
 192.168.1.100 - - [14/Feb/2022:20:32:58 +0700] "GET /css/style.css HTTP/1.1" 200 67719 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
 192.168.1.100 - - [14/Feb/2022:20:32:58 +0700] "GET /js/theme-switcher.js HTTP/1.1" 200 807 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:08:53 +0700] "GET / HTTP/1.1" 200 1640 "http://192.168.1.6:8888/" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:09:02 +0700] "POST / HTTP/1.1" 200 1656 "http://192.168.1.6:8888/" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:09:02 +0700] "GET /css/style.css HTTP/1.1" 304 0 "http://192.168.1.6:8888/" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:09:02 +0700] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://192.168.1.6:8888/" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:13:50 +0700] "GET /signup HTTP/1.1" 200 1660 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:13:50 +0700] "GET /css/style.css HTTP/1.1" 304 0 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:13:50 +0700] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:23:42 +0700] "GET /signup HTTP/1.1" 200 1660 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:23:42 +0700] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:23:42 +0700] "GET /css/style.css HTTP/1.1" 200 67719 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:23:53 +0700] "POST /signup HTTP/1.1" 200 1661 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:23:53 +0700] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:23:53 +0700] "GET /css/style.css HTTP/1.1" 304 0 "http://192.168.1.6:8888/signup" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:27:14 +0700] "POST / HTTP/1.1" 200 1656 "http://192.168.1.6:8888/" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:27:14 +0700] "GET /css/style.css HTTP/1.1" 304 0 "http://192.168.1.6:8888/" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
-192.168.1.100 - - [15/Feb/2022:11:27:14 +0700] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://192.168.1.6:8888/" "Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0"
+127.0.0.1 - - [15/Feb/2022:05:03:33 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"
+127.0.0.1 - - [15/Feb/2022:05:03:33 +0100] "GET /css/style.css HTTP/1.1" 200 67719 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"
+127.0.0.1 - - [15/Feb/2022:05:03:33 +0100] "GET /js/theme-switcher.js HTTP/1.1" 200 807 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"
+127.0.0.1 - - [15/Feb/2022:05:03:44 +0100] "GET /signup HTTP/1.1" 200 1660 "-" "Mozilla/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"
+127.0.0.1 - - [15/Feb/2022:05:03:44 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"
+127.0.0.1 - - [15/Feb/2022:05:03:44 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"
+127.0.0.1 - - [15/Feb/2022:05:42:53 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:42:53 +0100] "GET /css/style.css HTTP/1.1" 200 67719 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:42:53 +0100] "GET /js/theme-switcher.js HTTP/1.1" 200 807 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:42:58 +0100] "GET /signup HTTP/1.1" 200 1660 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:42:58 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:42:58 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:43:12 +0100] "POST /signup HTTP/1.1" 200 1661 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:43:12 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:43:12 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:44:13 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:44:13 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:44:13 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:44:23 +0100] "POST / HTTP/1.1" 200 1656 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:44:23 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:44:23 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:47:29 +0100] "POST / HTTP/1.1" 200 1660 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:47:29 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:05:47:29 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:07:42:55 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:07:42:55 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:07:42:55 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:07:45:35 +0100] "GET /signup HTTP/1.1" 200 1660 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:07:45:35 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [15/Feb/2022:07:45:35 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:15:22 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:15:22 +0100] "GET /css/style.css HTTP/1.1" 200 67719 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:15:22 +0100] "GET /js/theme-switcher.js HTTP/1.1" 200 807 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:16:12 +0100] "GET /portal/bienvenue HTTP/1.1" 302 0 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:16:12 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:16:12 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:16:12 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:16:19 +0100] "POST / HTTP/1.1" 0 25 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:16:19 +0100] "POST / HTTP/1.1" 0 25 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:27:41 +0100] "GET /signup HTTP/1.1" 200 1660 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:27:41 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:27:41 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:27:56 +0100] "POST /signup HTTP/1.1" 0 25 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:28:00 +0100] "POST /signup HTTP/1.1" 0 25 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:30:08 +0100] "POST /signup HTTP/1.1" 0 25 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:30:12 +0100] "POST /signup HTTP/1.1" 0 25 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:47:55 +0100] "POST /signup HTTP/1.1" 200 1661 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:47:55 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:47:55 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/signup" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:48:01 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:48:01 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:48:01 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:53:27 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:53:27 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:53:27 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:54:36 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:54:36 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:54:36 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:58:47 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:58:47 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:05:58:47 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:06:17:23 +0100] "GET / HTTP/1.1" 200 1640 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:06:17:23 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:06:17:23 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:06:17:33 +0100] "POST / HTTP/1.1" 200 1656 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:06:17:33 +0100] "GET /css/style.css HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:06:17:33 +0100] "GET /js/theme-switcher.js HTTP/1.1" 304 0 "http://127.0.0.1:8888/" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
+127.0.0.1 - - [17/Feb/2022:06:17:51 +0100] "GET /portal/bienvenue HTTP/1.1" 200 63 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:95.0) Gecko/20100101 Firefox/95.0"
--- a/ktrace.out
+++ b/ktrace.out
--- a/src/sessions.h
+++ b/src/sessions.h
@ -0,0 +1,221 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <limits.h>
+#include <string.h>
+#include <time.h>
+
+struct session_s {
+    char *session_id;
+    char *user;
+    struct session_s *next;
+};
+
+typedef struct session_s session_t;
+
+struct hashtable_s {
+    int size;
+    struct session_s **table;
+};
+
+typedef struct hashtable_s hashtable_t;
+
+static hashtable_t *ht_create( int size );
+static int ht_hash( hashtable_t *hashtable, char *session_id );
+static session_t *ht_newpair( char *session_id, char *user );
+static char *ht_get( hashtable_t *hashtable, char *session_id );
+static void ht_set( hashtable_t *hashtable, char *session_id, char *user );
+static void ht_delete (hashtable_t *hashtable, char *key);
+static char *gen_session_id(int len);
+static char *set_cookie_header( const char *champ, const char separator,
+                                const char *session_id);
+
+
+/* Create a new hashtable. */
+hashtable_t *ht_create( int size ) {
+    hashtable_t *hashtable = NULL;
+    int i;
+
+    if( size < 1 ) return NULL;
+
+    /* Allocate the table itself. */
+    if( ( hashtable = malloc( sizeof( hashtable_t ) ) ) == NULL ) {
+        return NULL;
+    }
+
+    /* Allocate pointers to the head nodes. */
+    if( ( hashtable->table = malloc( sizeof( session_t * ) * size ) ) == NULL ) {
+        return NULL;
+    }
+    for( i = 0; i < size; i++ ) {
+        hashtable->table[i] = NULL;
+    }
+
+    hashtable->size = size;
+
+    return hashtable;
+}
+
+/* Hash a string for a particular hash table. */
+int ht_hash( hashtable_t *hashtable, char *session_id ) {
+
+    unsigned long int hashval = 0;
+    int i = 0;
+
+    /* Convert our string to an integer */
+    while( hashval < ULONG_MAX && i < strlen( session_id ) ) {
+        hashval = hashval << 8;
+        hashval += session_id[ i ];
+        i++;
+    }
+
+    return hashval % hashtable->size;
+}
+
+/* Create a key-value pair. */
+session_t *ht_newpair( char *session_id, char *user ) {
+    session_t *newpair;
+
+    if( ( newpair = malloc( sizeof( session_t ) ) ) == NULL ) {
+        return NULL;
+    }
+
+    if( ( newpair->session_id = strdup( session_id ) ) == NULL ) {
+        return NULL;
+    }
+
+    if( ( newpair->user = strdup( user ) ) == NULL ) {
+        return NULL;
+    }
+
+    newpair->next = NULL;
+
+    return newpair;
+}
+
+/* Insert a key-value pair into a hash table. */
+static void ht_set( hashtable_t *hashtable, char *session_id, char *user ) {
+    int bin = 0;
+    session_t *newpair = NULL;
+    session_t *next = NULL;
+    session_t *last = NULL;
+
+    bin = ht_hash( hashtable, session_id );
+
+    next = hashtable->table[ bin ];
+
+    while( next != NULL && next->session_id != NULL && strcmp( session_id, next->session_id ) > 0 ) {
+        last = next;
+        next = next->next;
+    }
+
+    /* There's already a pair.  Let's replace that string. */
+    if( next != NULL && next->session_id != NULL && strcmp( session_id, next->session_id ) == 0 ) {
+
+        free( next->user );
+        next->user = strdup( user );
+
+        /* Nope, could't find it.  Time to grow a pair. */
+    } else {
+        newpair = ht_newpair( session_id, user );
+
+        /* We're at the start of the linked list in this bin. */
+        if( next == hashtable->table[ bin ] ) {
+            newpair->next = next;
+            hashtable->table[ bin ] = newpair;
+
+            /* We're at the end of the linked list in this bin. */
+        } else if ( next == NULL ) {
+            last->next = newpair;
+
+            /* We're in the middle of the list. */
+        } else  {
+            newpair->next = next;
+            last->next = newpair;
+        }
+    }
+}
+
+/* Retrieve a key-value pair from a hash table. */
+static char *ht_get( hashtable_t *hashtable, char *session_id ) {
+    int bin = 0;
+    session_t *pair;
+
+    bin = ht_hash( hashtable, session_id );
+
+    /* Step through the bin, looking for our value. */
+    pair = hashtable->table[ bin ];
+    while( pair != NULL && pair->session_id != NULL && strcmp( session_id, pair->session_id ) > 0 ) {
+        pair = pair->next;
+    }
+
+    /* Did we actually find anything? */
+    if( pair == NULL || pair->session_id == NULL || strcmp( session_id, pair->session_id ) != 0 ) {
+        return NULL;
+
+    } else {
+        return pair->user;
+    }
+
+}
+
+void ht_delete (hashtable_t *hashtable, char *key){
+
+    int bin = 0;
+    session_t *pair;
+    session_t *prec;
+
+    bin = ht_hash( hashtable, key );
+    /* Step through the bin, looking for our value. */
+    pair = hashtable->table[ bin ];
+    while( pair != NULL && pair->session_id != NULL && strcmp( key, pair->session_id ) > 0 ) {
+        prec = pair;
+        pair = pair->next;
+    }
+
+    /* Did we actually find anything? */
+    if( pair != NULL || pair->session_id != NULL || strcmp( key, pair->session_id ) == 0 ) {
+        free(pair->session_id);
+        free(pair->user);
+    }
+}
+
+char *gen_session_id(int len){
+
+    int index = 0;
+    char session_id[len];
+    char char1[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/,.-+=~`<>:";
+    int c_tmp = 0;
+    char *res;
+    srand((unsigned int)(time(NULL)));
+
+    for(index = 0; index < len; index++)
+    {
+        c_tmp = rand() % sizeof(char1) - 1;
+        session_id[index] = char1[c_tmp];
+    }
+
+    res = strdup(session_id);
+
+    return res;
+}
+
+char *set_cookie_header( const char *champ, const char separator,
+                         const char *session_id) {
+    int lch, lse;
+    int ls = 0;
+    char *result;
+    lch = strlen(champ);
+    lse = strlen(session_id);
+    if (separator)
+        ls = 1;
+    if ( (result = calloc(lch + ls + lse + 1, sizeof *result)) == NULL )
+        return NULL;
+
+    memcpy (result, champ, lch);
+    if (separator)
+        result[lch] = separator;
+
+    memcpy (result + lch + ls, session_id, lse + 1 );
+
+    return result;
+}
--- a/src/sqlite3.c
+++ b/src/sqlite3.c
@ -5,7 +5,9 @@
 #include <unistd.h>
 #include <sqlite3.h>
 #include "assets.h"
+#include "sessions.h"
 #include <pwd.h>
+
 #if defined(__linux__)

 #include <kore/seccomp.h>
@ -20,21 +22,38 @@ KORE_SECCOMP_FILTER("sqlite3",
                    );
 #endif

-
+int init(int state);
 int portal_user_load(struct http_request *);
 int v_password_func(struct http_request *, char *);
 int create_user(struct http_request *);
+int v_session_validate(struct http_request *, char *);
+
+
+hashtable_t *hashtable = NULL;
+
+int init(int state){
+
+    hashtable = ht_create( 65536 );
+
+
+    if( hashtable == NULL )
+        kore_log(LOG_ERR, "Can't create hastable sessions");
+        return (KORE_RESULT_ERROR);
+
+    return (KORE_RESULT_OK);
+}

 int create_user(struct http_request *req)
 {
-    struct kore_buf *b;
-    u_int8_t *d;
-    size_t len;
-    char *salt, *cryptpwd;
-    char *err_msg = 0;
-    char *user,*pwd,name[10];
-    sqlite3_stmt *res;
-    sqlite3 *db;
+    struct kore_buf *b = NULL;
+    u_int8_t *d = NULL;
+    size_t len = 0;
+    char *salt = NULL, *cryptpwd = NULL;
+    char *err_msg = NULL;
+    char *user = NULL, *pwd = NULL, name[10];
+    sqlite3_stmt *res = NULL;
+    sqlite3 *db = NULL;
+

    if (req->method == HTTP_METHOD_GET)
        http_populate_get(req);
@ -46,7 +65,7 @@ int create_user(struct http_request *req)


    if (req->method == HTTP_METHOD_GET) {
-	kore_buf_replace_string(b, "$msg$", "Toto", 4);
+        kore_buf_replace_string(b, "$msg$", "GO", 4);

        http_response_header(req, "content-type", "text/html");
        d = kore_buf_release(b, &len);
@ -58,25 +77,23 @@ int create_user(struct http_request *req)

    if (req->method == HTTP_METHOD_POST)
    {
-
-
        int rc = sqlite3_open("test.db", &db);

        if (rc != SQLITE_OK) {

-        	fprintf(stderr, "Cannot open database: %s\n", sqlite3_errmsg(db));
+            kore_log(LOG_ERR, "Cannot open database: %s\n", sqlite3_errmsg(db));
            sqlite3_close(db);

-        	return 1;
+            return (KORE_RESULT_ERROR);
        }
        //salt = crypt_gensalt("$2b$", 15, NULL, 0); //-> linux
        salt = bcrypt_gensalt(15); //-> openbsd

        if (salt == NULL) {
-        	perror("crypt_gensalt");
+            kore_log(LOG_ERR, "crypt_gensalt");
            exit(EXIT_FAILURE);
        }
-
+        kore_log(LOG_NOTICE, "bcrypt_salt réussi");

        (void)snprintf(name, sizeof(name), "login");
        http_argument_get_string(req, name, &user);
@ -86,29 +103,32 @@ int create_user(struct http_request *req)

        cryptpwd = crypt(pwd, salt);
        if (cryptpwd == NULL) {
-        	perror("crypt_gensalt");
+            kore_log(LOG_PERROR, "Can't encrypt password");
            exit(EXIT_FAILURE);
        }
-	printf("Encrypted: %s\n", cryptpwd);
+
+
+       kore_log(LOG_NOTICE, "Encrypted called %s", cryptpwd );
       char *sql = "INSERT INTO users VALUES(?,?);";

       rc = sqlite3_prepare_v2(db, sql, -1, &res, 0);

-    	if (rc == SQLITE_OK) {
+       if (rc == SQLITE_OK)
+       {
            sqlite3_bind_text(res, 1, user, -1, NULL);
            sqlite3_bind_text(res, 2, cryptpwd, -1, NULL);
-
-    	}else {
-        	fprintf(stderr, "Failed to execute statement: %s\n", sqlite3_errmsg(db));
+       }
+       else {
+            kore_log(LOG_ERR, "Failed to execute statement: %s\n", sqlite3_errmsg(db));
       }

       sqlite3_step(res);
       if (rc != SQLITE_OK ) {
-        	fprintf(stderr, "SQL error: %s\n", err_msg);
+            kore_log(LOG_ERR, "SQL error: %s\n", err_msg);
            sqlite3_finalize(res);
            sqlite3_free(err_msg);
            sqlite3_close(db);
-        	return 1;
+            return (KORE_RESULT_ERROR);
       }

       sqlite3_close(db);
@ -119,20 +139,24 @@ int create_user(struct http_request *req)

       return (KORE_RESULT_OK);
    }
+
    return (KORE_RESULT_ERROR);
+
 }

 int portal_user_load(struct http_request *req)
 {
-    struct kore_buf *b;
-    u_int8_t *d;
-    size_t len;
-    char *login,*pwd, name[10];
+    struct kore_buf *b = NULL;
+    u_int8_t *d = NULL;
+    size_t len = 0;
+    char *login = NULL, *pwd = NULL, name[10];
    char *err_msg = 0;
-    char salt[29], *cryptpwd;
-    int rc;
-    sqlite3_stmt *res;
-    sqlite3 *db;
+    char salt[29], *cryptpwd = NULL;
+    int rc = 0;
+    sqlite3_stmt *res= NULL;
+    sqlite3 *db = NULL;
+    char *cookie = NULL;
+    char *session_id = NULL;

    if (req->method == HTTP_METHOD_GET)
        http_populate_get(req);
@ -161,10 +185,10 @@ int portal_user_load(struct http_request *req)

        if (rc != SQLITE_OK)
        {
-        	fprintf(stderr, "Cannot open database: %s\n", sqlite3_errmsg(db));
+            kore_log(LOG_ERR, "Cannot open database: %s\n", sqlite3_errmsg(db));
            sqlite3_close(db);

-        	return 1;
+            return (KORE_RESULT_ERROR);
        }

        char *sql = "SELECT email_address, password FROM users WHERE email_address = ?";
@ -179,16 +203,16 @@ int portal_user_load(struct http_request *req)
        }
        else
        {
-        	fprintf(stderr, "Failed to execute statement: %s\n", sqlite3_errmsg(db));
+            kore_log(LOG_ERR, "Failed to execute statement: %s\n", sqlite3_errmsg(db));
        }

        sqlite3_step(res);
        if (rc != SQLITE_OK ) {
-        	fprintf(stderr, "SQL error: %s\n", err_msg);
+            kore_log(LOG_ERR, "SQL error: %s\n", err_msg);
            sqlite3_finalize(res);
            sqlite3_free(err_msg);
            sqlite3_close(db);
-        	return 1;
+            return (KORE_RESULT_ERROR);
        }

        (void)snprintf(name, sizeof(name), "password");
@ -200,7 +224,7 @@ int portal_user_load(struct http_request *req)

        cryptpwd = crypt(pwd, salt);
        if (cryptpwd == NULL) {
-        	perror("crypt_gensalt");
+            kore_log(LOG_PERROR, "Can't encrypt password");
            exit(EXIT_FAILURE);
        }

@ -208,17 +232,29 @@ int portal_user_load(struct http_request *req)
        if ( strcmp( (const char *)sqlite3_column_text(res, 1), cryptpwd) )
        {
            printf("mauvais mot de passe\n");
-		kore_buf_replace_string(b, "$msg$", "Erreur connection", 17);
-	}else 
-	{
-		kore_buf_replace_string(b, "$msg$", "Connection ok", 13);
-
+            kore_buf_replace_string(b, "$msg$", "Erreur de login ou mot de passe ", 17);
        }
+        else
+        {
+            kore_log(LOG_NOTICE, "on va faire le set cookie");
+            session_id = gen_session_id(30);
+            ht_set(hashtable, session_id, login);
+
+            kore_log(LOG_NOTICE, "on a ajouté le sessions dans la hastable");
+            cookie = set_cookie_header("session_id", '=', session_id);
+            kore_log(LOG_NOTICE, "on a set le cookie dans les headers");
+            kore_buf_replace_string(b, "$msg$", "BRAVO !!!", 13);
+            free(session_id);
+            kore_log(LOG_NOTICE, "set cookie OK");
+        }
+
        sqlite3_finalize(res);
        sqlite3_close(db);


        http_response_header(req, "content-type", "text/html");
+        if (cookie != NULL)
+            http_response_header(req, "set-cookie", cookie);
        d = kore_buf_release(b, &len);
        http_response(req, 200, d, len);
        kore_free(d);
@ -239,3 +275,14 @@ int v_password_func(struct http_request *req, char *data)
    return (KORE_RESULT_ERROR);

 }
+
+int
+v_session_validate(struct http_request *req, char *data)
+{
+    kore_log(LOG_NOTICE, "v_session_validate: %s", data);
+
+    if ( ht_get(hashtable, data) != NULL )
+        return (KORE_RESULT_OK);
+
+    return (KORE_RESULT_ERROR);
+}
--- a/test.db
+++ b/test.db
--- a/test.db.1
+++ b/test.db.1
--- a/tt.db
+++ b/tt.db