From 3a9d0df75c383e4a0e961d45384079b07e7a1c82 Mon Sep 17 00:00:00 2001
From: Nathan Hourt <nat.hourt@gmail.com>
Date: Wed, 19 Aug 2015 11:16:22 -0400
Subject: [PATCH] [FWN] Create privileged API login for web UI

This resolves #249
---
 libraries/app/application.cpp                      | 10 ++++++++++
 libraries/app/include/graphene/app/application.hpp |  1 +
 programs/full_web_node/BlockChain.cpp              | 11 ++++++++++-
 programs/full_web_node/BlockChain.hpp              |  4 ++++
 programs/full_web_node/qml/main.qml                |  6 +++++-
 5 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/libraries/app/application.cpp b/libraries/app/application.cpp
index 51b861ed..00dc0dfc 100644
--- a/libraries/app/application.cpp
+++ b/libraries/app/application.cpp
@@ -313,6 +313,11 @@ namespace detail {
          return it->second;
       }
 
+      void set_api_access_info(const string& username, api_access_info&& permissions)
+      {
+         _apiaccess.permission_map.insert(std::make_pair(username, std::move(permissions)));
+      }
+
       /**
        * If delegate has the item, the network has no need to fetch it.
        */
@@ -668,6 +673,11 @@ optional< api_access_info > application::get_api_access_info( const string& user
    return my->get_api_access_info( username );
 }
 
+void application::set_api_access_info(const string& username, api_access_info&& permissions)
+{
+   my->set_api_access_info(username, std::move(permissions));
+}
+
 bool application::is_finished_syncing() const
 {
    return my->_is_finished_syncing;
diff --git a/libraries/app/include/graphene/app/application.hpp b/libraries/app/include/graphene/app/application.hpp
index 5c76d021..9518b608 100644
--- a/libraries/app/include/graphene/app/application.hpp
+++ b/libraries/app/include/graphene/app/application.hpp
@@ -76,6 +76,7 @@ namespace graphene { namespace app {
 
          void set_block_production(bool producing_blocks);
          fc::optional< api_access_info > get_api_access_info( const string& username )const;
+         void set_api_access_info(const string& username, api_access_info&& permissions);
 
          bool is_finished_syncing()const;
          /// Emitted when syncing finishes (is_finished_syncing will return true)
diff --git a/programs/full_web_node/BlockChain.cpp b/programs/full_web_node/BlockChain.cpp
index e2a0137b..0214c7f9 100644
--- a/programs/full_web_node/BlockChain.cpp
+++ b/programs/full_web_node/BlockChain.cpp
@@ -17,7 +17,9 @@
 BlockChain::BlockChain()
    : chainThread(new fc::thread("chainThread")),
      fcTaskScheduler(new QTimer(this)),
-     grapheneApp(new graphene::app::application)
+     grapheneApp(new graphene::app::application),
+     webUsername(QStringLiteral("webui")),
+     webPassword(QString::fromStdString(fc::sha256::hash(fc::ecc::private_key::generate())))
 {
    fcTaskScheduler->setInterval(100);
    fcTaskScheduler->setSingleShot(false);
@@ -50,6 +52,13 @@ void BlockChain::start()
          grapheneApp->initialize_plugins(map);
          grapheneApp->startup();
          grapheneApp->startup_plugins();
+
+         graphene::app::api_access_info webPermissions;
+         auto passHash = fc::sha256::hash(webPassword.toStdString());
+         webPermissions.password_hash_b64 = fc::base64_encode(passHash.data(), passHash.data_size());
+         webPermissions.password_salt_b64 = fc::base64_encode("");
+         webPermissions.allowed_apis = {"database_api", "network_broadcast_api", "network_node_api", "history_api"};
+         grapheneApp->set_api_access_info(webUsername.toStdString(), std::move(webPermissions));
       } catch (const fc::exception& e) {
          elog("Crap went wrong: ${e}", ("e", e.to_detail_string()));
       }
diff --git a/programs/full_web_node/BlockChain.hpp b/programs/full_web_node/BlockChain.hpp
index b1efef63..90c745ea 100644
--- a/programs/full_web_node/BlockChain.hpp
+++ b/programs/full_web_node/BlockChain.hpp
@@ -10,11 +10,15 @@ namespace fc { class thread; }
 namespace graphene { namespace app { class application; } }
 class BlockChain : public QObject {
    Q_OBJECT
+   Q_PROPERTY(QString webUsername MEMBER webUsername CONSTANT)
+   Q_PROPERTY(QString webPassword MEMBER webPassword CONSTANT)
 
    fc::thread* chainThread;
    QTimer* fcTaskScheduler;
    graphene::app::application* grapheneApp;
    fc::future<void> startFuture;
+   QString webUsername;
+   QString webPassword;
 
 public:
    BlockChain();
diff --git a/programs/full_web_node/qml/main.qml b/programs/full_web_node/qml/main.qml
index f19ea3ae..7c156cb9 100644
--- a/programs/full_web_node/qml/main.qml
+++ b/programs/full_web_node/qml/main.qml
@@ -12,7 +12,11 @@ Window {
 
    BlockChain {
       id: blockChain
-      onStarted: webView.url = "qrc:/index.html"
+      onStarted: {
+         var url = "qrc:/index.html#authTokens/" + webUsername + ":" + webPassword
+         console.log("Loading %1 in web view".arg(url))
+         webView.url = url
+      }
    }
    Component.onCompleted: blockChain.start()