2.2.4-beta build

ipk-source/sdxpinn-quecmanager-beta/root/www/cgi-bin/quecmanager/at_cmd/at_queue_client.sh

@@ -2,6 +2,7 @@
 # AT Queue Client for OpenWRT
 # Located in /www/cgi-bin/services/at_queue_client
 
+AUTH_FILE="/tmp/auth_success"
 QUEUE_DIR="/tmp/at_queue"
 RESULTS_DIR="$QUEUE_DIR/results"
 QUEUE_MANAGER="/www/cgi-bin/services/at_queue_manager.sh"
@@ -184,10 +185,35 @@ if [ "${SCRIPT_NAME}" != "" ]; then
     # Output headers only once at the beginning
     echo "Content-Type: application/json"
     echo ""
-    
+    # Get Token from Authorization Header
+    TOKEN="${HTTP_AUTHORIZATION}"
+    if [ ! -f $AUTH_FILE  ]; then
+        output_json "{\"error\":\"Unauthenticated Request\"}" "0"
+        exit 1
+    fi
+
+    if [ -z "$TOKEN" ] || "${TOKEN}" = "" || [ $(grep "${TOKEN}" "${AUTH_FILE}" | wc -l) -eq 0 ]; then
+        output_json "{\"error\":\"Not Authorized\"}" "0"
+        exit 1
+    fi
+
+    # Check if token is within 2 hours
+    TOKEN_LINE=$(grep "${TOKEN}" "${AUTH_FILE}")
+    TOKEN_DATE=$(echo "$TOKEN_LINE" | awk '{print $1}' | sed 's/T/ /')
+    TOKEN_TIME=$(date -d "$TOKEN_DATE" +%s 2>/dev/null)
+    NOW_TIME=$(date +%s)
+    MAX_AGE=$((2 * 3600)) # 2 hours in seconds
+
+    if [ -z "$TOKEN_TIME" ] || [ $((NOW_TIME - TOKEN_TIME)) -gt $MAX_AGE ]; then
+        output_json "{\"error\":\"Token expired\"}" "0"
+        # Cleanup/Remove token from file
+        sed -i -e "s/.*${TOKEN}.*//g" /tmp/auth_success 2>/dev/null
+        exit 1
+    fi
+
     # Parse query string
     eval $(echo "$QUERY_STRING" | sed 's/&/;/g')
-    
+
     # Handle different actions
     if [ -n "$command_id" ]; then
         # Get result for specific command ID
@@ -196,13 +222,13 @@ if [ "${SCRIPT_NAME}" != "" ]; then
         # URL decode and normalize the command
         command=$(urldecode "$command")
         command=$(normalize_at_command "$command")
-        
+
         # Check if it's a valid AT command
         if echo "$command" | grep -qi "^AT"; then
             # Submit command and get response
             response=$(submit_command "$command")
             cmd_id=$(get_command_id "$response")
-            
+
             if [ "$wait" = "1" ]; then
                 if [ -n "$cmd_id" ]; then
                     wait_for_completion "$cmd_id" "${timeout:-180}" "0"  # Don't show headers

ipk-source/sdxpinn-quecmanager-beta/root/www/cgi-bin/quecmanager/auth.sh

@@ -9,7 +9,7 @@ read -r POST_DATA
 
 # Debug log for generated hash
 DEBUG_LOG="/tmp/auth.log"
-
+AUTH_FILE="/tmp/auth_success"
 # Extract the password from POST data (URL encoded)
 USER="root"
 INPUT_PASSWORD=$(echo "$POST_DATA" | grep -o 'password=[^&]*' | cut -d= -f2-)
@@ -56,7 +56,34 @@ printf "Generated hash: %s\n" "$GENERATED_HASH" >> "$DEBUG_LOG"
 
 # Compare the generated hash with the one in the shadow file
 if [ "$GENERATED_HASH" = "$USER_HASH" ]; then
-    echo '{"state":"success"}'
+    TOKEN=$(head -c 16 /dev/urandom | hexdump -v -e '/1 "%02x"')
+    CREATED_DATE=$(date +"%Y-%m-%dT%H:%M:%S")
+    touch ${AUTH_FILE}
+    echo "${CREATED_DATE} ${TOKEN}" >> ${AUTH_FILE}
+    echo "" >> ${AUTH_FILE}
+    echo "{\"state\":\"success\",\"token\":\"${TOKEN}\"}"
 else
+    # Remove token from file
+    if [ -n ${TOKEN} ]; then
+        sed -i -e "s/.*${TOKEN}.*//g" ${AUTH_FILE} 2>/dev/null
+    fi
     echo '{"state":"failed", "message":"Authentication failed"}'
-fi
+fi
+
+# AUTH_FILE cleanup process, Remove any token lines older than 2 hours from AUTH_FILE
+MAX_AGE=$((2 * 3600)) # 2 hours in seconds
+NOW_TIME=$(date +%s)
+TMP_FILE=$(mktemp)
+while read -r line; do
+    if [ -n "$(echo "$line" | tr -d '[:space:]')" ]; then
+        # Extract the date from the line and convert it to a timestamp
+        TOKEN_DATE=$(echo "$line" | awk '{print $1}' | sed 's/T/ /')
+        TOKEN_TIME=$(date -d "$TOKEN_DATE" +%s 2>/dev/null)
+        # If date is valid and not older than MAX_AGE, keep the line
+        if [ -n "$TOKEN_TIME" ] && [ $((NOW_TIME - TOKEN_TIME)) -le $MAX_AGE ]; then
+            echo "$line" >> "$TMP_FILE"
+        fi
+    fi
+done < "$AUTH_FILE"
+
+mv "$TMP_FILE" "$AUTH_FILE"

ipk-source/sdxpinn-quecmanager-beta/root/www/cgi-bin/quecmanager/experimental/cell_scanner/clear_scan.sh

@@ -0,0 +1,99 @@
+#!/bin/sh
+
+# Set content type to JSON
+echo "Content-type: application/json" 
+echo ""
+
+# Configuration
+QUEUE_DIR="/tmp/at_queue"
+RESULTS_DIR="$QUEUE_DIR/results"
+RESULT_FILE="/tmp/qscan_result.json"
+PID_FILE="/tmp/cell_scan.pid"
+TOKEN_FILE="$QUEUE_DIR/token"
+
+# Function to log messages
+log_message() {
+    local level="${2:-info}"
+    logger -t at_queue -p "daemon.$level" "check_scan: $1"
+}
+
+# Function to output JSON response
+output_json() {
+    local status="$1"
+    local message="$2"
+
+    if [ "$status" = "success" ] && [ -f "$RESULT_FILE" ]; then
+        # Return the contents of the result file
+        cat "$RESULT_FILE"
+    else
+        printf '{"status":"%s","message":"%s","timestamp":"","output":""}\n' "$status" "$message"
+    fi
+}
+
+# Check for scan token holder
+check_token_holder() {
+    if [ -f "$TOKEN_FILE" ]; then
+        local current_holder=$(cat "$TOKEN_FILE" | jsonfilter -e '@.id' 2>/dev/null)
+        if [ -n "$current_holder" ] && echo "$current_holder" | grep -q "CELL_SCAN"; then
+            log_message "Cell scan token is active: $current_holder" "debug"
+            return 0
+        fi
+    fi
+    return 1
+}
+
+# Check if a scan is already in progress
+check_scan_progress() {
+    # First check PID file
+    if [ -f "$PID_FILE" ]; then
+        pid=$(cat "$PID_FILE")
+        if kill -0 "$pid" 2>/dev/null; then
+            log_message "Scan in progress (PID: $pid)" "info"
+            output_json "running" "Scan in progress"
+            exit 0
+        else
+            log_message "Removing stale PID file" "warn"
+            rm -f "$PID_FILE"
+        fi
+    fi
+
+    # Also check token holder
+    if check_token_holder; then
+        log_message "Scan in progress (Token active)" "info"
+        output_json "running" "Scan in progress (Token active)"
+        exit 0
+    fi
+}
+
+# Check for existing results
+check_results() {
+    if [ -f "$RESULT_FILE" ]; then
+        rm -f "$RESULT_FILE"  # Remove the result file if it exists
+        log_message "Result file removed" "info"
+        output_json "success" "Scan results removed"
+        exit 0
+    else
+        log_message "No result file found to clear" "info"
+        output_json "success" "No result file to clear"
+        exit 0
+    fi
+}
+
+# Main execution
+{
+    # First check if a scan is in progress
+    check_scan_progress
+
+    # Then check for existing results
+    check_results
+
+    # If no results and no running scan, indicate idle state
+    log_message "No active scan or recent results" "info"
+    output_json "success" "No active scan"
+    exit 0
+} || {
+    # Error handler
+    log_message "Failed to remove scan results" "error"
+    output_json "error" "Failed to remove scan results"
+    exit 1
+}

ipk-source/sdxpinn-quecmanager-beta/root/www/cgi-bin/quecmanager/logout.sh

@@ -0,0 +1,15 @@
+#!/bin/sh
+# Get token from Request Header Authorization
+USER_TOKEN="${HTTP_AUTHORIZATION}"
+# Remove token from file
+sed -i -e "s/.*${USER_TOKEN}.*//g" /tmp/auth_success 2>/dev/null
+
+echo "Content-Type: application/json"
+echo "Cache-Control: no-cache, no-store, must-revalidate"
+echo "Pragma: no-cache"
+echo "Expires: 0"
+echo ""
+
+
+
+echo '{"state":"success", "message":"Logged out successfully"}'