From e423e0802cba7174c214c6c68d8838cbd5b06277 Mon Sep 17 00:00:00 2001
From: Isaac Connor <iconnor@pseudo.connortechnology.com>
Date: Thu, 29 Sep 2016 12:22:32 -0400
Subject: [PATCH] put back the needed sql and add a lot of debugging

---
 src/zm_user.cpp | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/zm_user.cpp b/src/zm_user.cpp
index d75969cd3..4ba5e7ac4 100644
--- a/src/zm_user.cpp
+++ b/src/zm_user.cpp
@@ -171,7 +171,7 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
 
   Debug( 1, "Attempting to authenticate user from auth string '%s'", auth );
   char sql[ZM_SQL_SML_BUFSIZ] = "";
-  snprintf( sql, sizeof(sql), "SELECT Username, Password FROM Users WHERE Enabled = 1" );
+  snprintf( sql, sizeof(sql), "SELECT Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds FROM Users WHERE Enabled = 1" );
 
   if ( mysql_query( &dbconn, sql ) )
   {
@@ -204,9 +204,16 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
     unsigned char md5sum[md5len];
 
     time_t now = time( 0 );
+    unsigned int hours =config.auth_hash_ttl;
 
-    for ( unsigned int i = 0; i < config.auth_hash_ttl; i++, now -= 3600 )
-    {
+    if ( ! hours ) {
+      Warning("No value set for ZM_AUTH_HASH_TTL. Defaulting to 2.");
+      hours = 2;
+    } else {
+      Debug( 1, "AUTH_HASH_TTL is %d", hours );
+    }
+
+    for ( unsigned int i = 0; i < hours; i++, now -= 3600 ) {
       struct tm *now_tm = localtime( &now );
 
       snprintf( auth_key, sizeof(auth_key), "%s%s%s%s%d%d%d%d", 
@@ -231,7 +238,7 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
       {
         sprintf( &auth_md5[2*j], "%02x", md5sum[j] );
       }
-      Debug( 1, "Checking auth_key '%s' -> auth_md5 '%s'", auth_key, auth_md5 );
+      Debug( 1, "Checking auth_key '%s' -> auth_md5 '%s' == '%s'", auth_key, auth_md5, auth );
 
       if ( !strcmp( auth, auth_md5 ) )
       {
@@ -239,11 +246,14 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
         User *user = new User( dbrow );
         Debug(1, "Authenticated user '%s'", user->getUsername() );
         return( user );
+      } else {
+        Debug(1, "No match for %s", auth );
       }
     }
   }
 #else // HAVE_DECL_MD5
   Error( "You need to build with gnutls or openssl installed to use hash based authentication" );
 #endif // HAVE_DECL_MD5
+  Debug(1, "No user found for auth_key %s", auth );
   return( 0 );
 }