commit 0a4776cf59f26dce6eadfbfc792b70fcc907621b
author Ed Tanous <edtanous@google.com> Mon Aug 07 18:16:25 2023 -0700
committer Ed Tanous <edtanous@google.com> Fri Aug 25 13:19:04 2023 -0700
tree 8339aa727a5bd80e5782e950fd085bbbff694b43
parent 8e73b9064fdd414b9a71806a44f0e0f176b5a88d

Remove phosphor-rest workarounds

Phosphor-rest is no longer supported by the project, and phosphor-webui,
which required some of these workarounds has been archived a year ago.
There's no reason to keep this login type, given that it was
undocumented.

NOTE: Upon inspection, it looks like webui-vue used the same hack.
[1] https://github.com/openbmc/webui-vue/blob/43e3bd26133b06ed117a3a3f10b2bc09e2c2aafc/src/store/modules/Authentication/AuthenticanStore.js#L41

Tested:
Combined with https://gerrit.openbmc.org/c/openbmc/webui-vue/+/65811
Webui Login succceeds.

Change-Id: Ie42380029e799e44b3a7404d4ec6d285b371402b
Signed-off-by: Ed Tanous <edtanous@google.com>

include/login_routes.hpp

diff --git a/include/login_routes.hpp b/include/login_routes.hpp
index b29abac..ae99757 100644
--- a/include/login_routes.hpp
+++ b/include/login_routes.hpp
@@ -26,8 +26,6 @@
     std::string_view username;
     std::string_view password;
 
-    bool looksLikePhosphorRest = false;
-
     // This object needs to be declared at this scope so the strings
     // within it are not destroyed before we can use them
     nlohmann::json loginCredentials;
@@ -72,7 +70,6 @@
                     {
                         nlohmann::json::iterator userIt2 = dataIt->begin();
                         nlohmann::json::iterator passIt2 = dataIt->begin() + 1;
-                        looksLikePhosphorRest = true;
                         if (userIt2 != dataIt->end() &&
                             passIt2 != dataIt->end())
                         {
@@ -110,7 +107,6 @@
     }
     else if (contentType.starts_with("multipart/form-data"))
     {
-        looksLikePhosphorRest = true;
         ParserError ec = parser.parse(req);
         if (ec != ParserError::PARSER_SUCCESS)
         {
@@ -171,31 +167,15 @@
                                    persistent_data::PersistenceType::TIMEOUT,
                                    isConfigureSelfOnly);
 
-            if (looksLikePhosphorRest)
-            {
-                // Phosphor-Rest requires a very specific login
-                // structure, and doesn't actually look at the status
-                // code.
-                // TODO(ed).... Fix that upstream
+            asyncResp->res.addHeader(boost::beast::http::field::set_cookie,
+                                     "XSRF-TOKEN=" + session->csrfToken +
+                                         "; SameSite=Strict; Secure");
+            asyncResp->res.addHeader(boost::beast::http::field::set_cookie,
+                                     "SESSION=" + session->sessionToken +
+                                         "; SameSite=Strict; Secure; HttpOnly");
 
-                asyncResp->res.jsonValue["data"] =
-                    "User '" + std::string(username) + "' logged in";
-                asyncResp->res.jsonValue["message"] = "200 OK";
-                asyncResp->res.jsonValue["status"] = "ok";
-
-                asyncResp->res.addHeader(boost::beast::http::field::set_cookie,
-                                         "XSRF-TOKEN=" + session->csrfToken +
-                                             "; SameSite=Strict; Secure");
-                asyncResp->res.addHeader(
-                    boost::beast::http::field::set_cookie,
-                    "SESSION=" + session->sessionToken +
-                        "; SameSite=Strict; Secure; HttpOnly");
-            }
-            else
-            {
-                // if content type is json, assume json token
-                asyncResp->res.jsonValue["token"] = session->sessionToken;
-            }
+            // if content type is json, assume json token
+            asyncResp->res.jsonValue["token"] = session->sessionToken;
         }
     }
     else