Refactored user I/O with signed inputs and NUPs. (#53)

src/usr/usr.cpp

@@ -1,6 +1,4 @@
 #include "../pchheader.hpp"
-#include "usr.hpp"
-#include "user_session_handler.hpp"
 #include "../jsonschema/usrmsg_helpers.hpp"
 #include "../sock/socket_server.hpp"
 #include "../sock/socket_session_handler.hpp"
@@ -8,6 +6,9 @@
 #include "../conf.hpp"
 #include "../crypto.hpp"
 #include "../hplog.hpp"
+#include "usr.hpp"
+#include "user_session_handler.hpp"
+#include "user_input.hpp"
 
 namespace jusrmsg = jsonschema::usrmsg;
 
@@ -43,14 +44,20 @@ std::string issue_challenge(const std::string sessionid)
     return msgstr;
 }
 
-bool verify_challenge(std::string_view message, sock::socket_session<user_outbound_message> *session)
+/**
+ * Verifies the given message for a previously issued user challenge.
+ * @param message Challenge response.
+ * @param session The socket session that received the response.
+ * @return 0 for successful verification. -1 for failure.
+ */
+int verify_challenge(std::string_view message, sock::socket_session<user_outbound_message> *session)
 {
     // The received message must be the challenge response. We need to verify it.
     auto itr = ctx.pending_challenges.find(session->uniqueid);
     if (itr == ctx.pending_challenges.end())
     {
         LOG_DBG << "No challenge found for the session " << session->uniqueid;
-        return false;
+        return -1;
     }
 
     std::string userpubkeyhex;
@@ -81,7 +88,7 @@ bool verify_challenge(std::string_view message, sock::socket_session<user_outbou
 
             LOG_INFO << "User connection " << session->uniqueid << " authenticated. Public key "
                      << userpubkeyhex;
-            return true;
+            return 0;
         }
         else
         {
@@ -93,18 +100,44 @@ bool verify_challenge(std::string_view message, sock::socket_session<user_outbou
         LOG_INFO << "Challenge verification failed " << session->uniqueid;
     }
 
-    return false;
+    return -1;
 }
 
-void handle_user_message(connected_user &user, std::string_view message)
+/**
+ * Processes a message sent by a connected user. This will be invoked by web socket on_message handler.
+ * @param user The authenticated user who sent the message.
+ * @param message The message sent by user.
+ * @return 0 on successful processing. -1 for failure.
+ */
+int handle_user_message(connected_user &user, std::string_view message)
 {
+    rapidjson::Document d;
+    if (jusrmsg::parse_user_message(d, message) == 0)
     {
-        std::lock_guard<std::mutex> lock(ctx.users_mutex);
-        //Add to the hashed input buffer list.
-        user.inputs.push_back(util::hash_buffer(message, user.pubkey));
+        // Message is a contract input message.
+        if (d[jusrmsg::FLD_TYPE] == jusrmsg::MSGTYPE_CONTRACT_INPUT)
+        {
+            std::string contentjson;
+            std::string sig;
+            if (jusrmsg::extract_signed_input_container(contentjson, sig, d) == 0)
+            {
+                std::lock_guard<std::mutex> lock(ctx.users_mutex);
+                
+                //Add to the submitted input list.
+                user.submitted_inputs.push_back(user_submitted_message(
+                    std::move(contentjson),
+                    std::move(sig)));
+                return 0;
+            }
+        }
+        else
+        {
+            LOG_DBG << "Invalid user message type: " << d[jusrmsg::FLD_TYPE].GetString();
+        }
     }
 
-    LOG_DBG << "Collected " << message.length() << " bytes from user";
+    // Bad message.
+    return -1;
 }
 
 /**