Fix authentication, finish /put API.
[blerg.git] / http_blerg.c
1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <string.h>
4 #include <microhttpd.h>
5 #include "database.h"
6 #include "tags.h"
7 #include "auth.h"
8
9 #define URL_INFO_AUTHOR 0x1
10 #define URL_INFO_RECORD 0x2
11 #define DERP "DERP DERP DERP"
12
13 struct create_state {
14         struct MHD_PostProcessor *pp;
15         char username[33];
16         char password[33];
17 };
18
19 struct put_state {
20         struct MHD_PostProcessor *pp;
21         char *data;
22         int data_size;
23 };
24
25 struct MHD_Response *response_401;
26 struct MHD_Response *response_404;
27 struct MHD_Response *response_405;
28 struct MHD_Response *response_JSON_Success;
29 struct MHD_Response *response_JSON_Failure;
30
31 void init_responses() {
32 #define CONTENT_401 "<html><head><title>401 Unauthorized</title></head><body><h1>401 Unauthorized</h1>DENIED</body></html>"
33         response_401 = MHD_create_response_from_data(strlen (CONTENT_401), CONTENT_401, MHD_NO, MHD_NO);  
34
35 #define CONTENT_404 "<html><head><title>404 Not Found</title></head><body><h1>404 Not Found</h1>I couldn't find that.</body></html>"
36         response_404 = MHD_create_response_from_data(strlen(CONTENT_404), CONTENT_404, MHD_NO, MHD_NO);
37
38 #define CONTENT_405 "<html><head><title>405 Method Not Allowed</title></head><body><h1>405 Method Not Allowed</h1>I'm sorry, Dave. I'm afraid I can't do that.</body></html>"
39         response_405 = MHD_create_response_from_data(strlen(CONTENT_405), CONTENT_405, MHD_NO, MHD_NO);
40
41 #define JSON_SUCCESS "{status: \"success\"}"
42         response_JSON_Success = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO);
43
44 #define JSON_FAILURE "{status: \"failure\"}"
45         response_JSON_Failure = MHD_create_response_from_data(strlen(JSON_FAILURE), JSON_FAILURE, MHD_NO, MHD_NO);
46 }
47
48 #define REALM "Blerg"
49 #define OPAQUE "d29fb6db8f21a6e99903651a9f87470e"
50 int respond_401(struct MHD_Connection *connection, int signal_stale) {
51         return MHD_queue_auth_fail_response(connection, REALM, OPAQUE, response_401, signal_stale);    
52 }
53
54 int respond_404(struct MHD_Connection *connection) {
55         return MHD_queue_response(connection, MHD_HTTP_NOT_FOUND, response_404);
56 }
57
58 int respond_405(struct MHD_Connection *connection) {
59         return MHD_queue_response(connection, MHD_HTTP_METHOD_NOT_ALLOWED, response_405);
60 }
61
62 int respond_JSON_Success(struct MHD_Connection *connection) {
63         return MHD_queue_response(connection, MHD_HTTP_OK, response_JSON_Success);
64 }
65
66 int respond_JSON_Failure(struct MHD_Connection *connection) {
67         return MHD_queue_response(connection, MHD_HTTP_OK, response_JSON_Failure);
68 }
69
70 int parse_url_info(const char *url, char *author, uint64_t *record) {
71         const char *c;
72         int ret = 0;
73         int len;
74
75         c = strchr(url, '/');
76         if (c == NULL) {
77                 len = strlen(url);
78         } else {
79                 len = c - url;
80         }
81         if (len == 0)
82                 return 0;
83         memcpy(author, url, len);
84         author[len] = 0;
85         ret |= URL_INFO_AUTHOR;
86
87         if (c != NULL && c[1] != 0) {
88                 *record = strtoull(c + 1, NULL, 10);
89                 ret |= URL_INFO_RECORD;
90         }
91
92         return ret;
93 }
94
95 int POST_create_iterator(void *cls, enum MHD_ValueKind kind, const char *key, const char *filename, const char *content_type, const char *transfer_encoding, const char *data, uint64_t off, size_t size) {
96         struct create_state *cs = cls;
97
98         if (strncmp(key, "username", 9) == 0) {
99                 if (size > 32) size = 32;
100                 memcpy(cs->username, data, size);
101                 cs->username[size] = 0;
102         } else if (strncmp(key, "password", 9) == 0) {
103                 if (size > 32) size = 32;
104                 memcpy(cs->password, data, size);
105                 cs->password[size] = 0;
106         }
107
108         return MHD_YES;
109 }
110
111 int POST_put_iterator(void *cls, enum MHD_ValueKind kind, const char *key, const char *filename, const char *content_type, const char *transfer_encoding, const char *data, uint64_t off, size_t size) {
112         struct put_state *ps = cls;
113
114         if (strncmp(key, "data", 5) == 0) {
115                 ps->data_size = size;
116                 ps->data = malloc(size);
117                 memcpy(ps->data, data, size);
118                 return MHD_NO;
119         }
120
121         return MHD_YES;
122 }
123
124 static int
125 ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const char *method,
126           const char *version, const char *upload_data, size_t *upload_data_size, void **ptr) {
127         struct MHD_Response *response;
128         int ret, len;
129         char author[33];
130         uint64_t record;
131         char *data;
132
133         if (strncmp(url, "/get", 4) == 0 && strlen(url) > 4) {
134                 if (strcmp(method, MHD_HTTP_METHOD_GET) != 0)
135                         return MHD_NO;
136                 if (url[4] != '/')
137                         return respond_404(connection);
138                 ret = parse_url_info(url + 5, author, &record);
139                 if ((ret & URL_INFO_AUTHOR) == 0)
140                         return respond_404(connection);
141
142                 if (!blerg_exists(author))
143                         return respond_404(connection);
144
145                 if (ret & URL_INFO_RECORD) {
146                         if (*ptr == NULL) {
147                                 *ptr = (void *) 1;
148                                 return MHD_YES;
149                         } else {
150                                 *ptr == NULL;
151
152                                 struct blerg *b = blerg_open(author);
153                                 ret = blerg_fetch(b, record, &data, &len);
154                                 blerg_close(b);
155
156                                 if (ret == 0) {
157                                         return respond_404(connection);
158                                 } else {
159                                         response = MHD_create_response_from_data(len, data, MHD_YES, MHD_NO);
160                                         ret = MHD_queue_response(connection, MHD_HTTP_OK, response);
161                                 }
162                                 MHD_destroy_response(response);
163                                 return ret;
164                         }
165                 } else {
166                         if (*ptr == NULL) {
167                                 *ptr = (void*) 1;
168                                 return MHD_YES;
169                         } else {
170                                 *ptr == NULL;
171                                 response = MHD_create_response_from_data(strlen(DERP), DERP, MHD_NO, MHD_NO);
172                                 ret = MHD_queue_response(connection, MHD_HTTP_OK, response);
173                                 MHD_destroy_response(response);
174                                 return ret;
175                         }
176                 }
177         } else if (strncmp(url, "/put", 4) == 0) {
178                 struct put_state *ps = (struct put_state *) *ptr;
179                 char *username;
180                 char password[33];
181
182                 if (*ptr == NULL) {
183                         if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
184                                 return respond_405(connection);
185
186                         if (url[4] == '/')
187                                 return respond_404(connection);
188
189                         *ptr = (void *) 1;
190
191                         username = MHD_digest_auth_get_username(connection);
192                         if (username == NULL)
193                                 return respond_401(connection, MHD_NO);
194                         auth_get_password(username, password);
195
196                         ret = MHD_digest_auth_check(connection, REALM, username, password, 300);
197                         free(username);
198
199                         if (ret == MHD_INVALID_NONCE || ret == MHD_NO)
200                                 return respond_401(connection, (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
201
202                         struct put_state *ps = malloc(sizeof(struct put_state));
203                         ps->data = NULL;
204                         ps->pp = MHD_create_post_processor(connection, 4096, &POST_put_iterator, ps);
205                         *ptr = ps;
206                         return MHD_YES;
207                 }
208
209                 if (*upload_data_size) {
210                         MHD_post_process(ps->pp, upload_data, *upload_data_size);
211                         *upload_data_size = 0;
212                         return MHD_YES;
213                 }
214
215                 if (ps->data == NULL || ps->data_size == 0)
216                         return respond_JSON_Failure(connection);
217
218                 username = MHD_digest_auth_get_username(connection);
219                 struct blerg *b = blerg_open(username);
220                 if (b == NULL)
221                         return respond_JSON_Failure(connection);
222                 if (blerg_store(b, ps->data, ps->data_size) == -1) {
223                         blerg_close(b);
224                         return respond_JSON_Failure(connection);
225                 }
226                 blerg_close(b);
227
228                 MHD_destroy_post_processor(ps->pp);
229                 free(username);
230                 free(ps->data);
231                 free(ps);
232                 *ptr = NULL;
233
234                 return respond_JSON_Success(connection);
235         } else if (strncmp(url, "/create", 8) == 0) {
236                 struct create_state *cs = (struct create_state *) *ptr;
237
238                 if (cs == NULL) {
239                         if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
240                                 return respond_405(connection);
241
242                         struct create_state *cs = malloc(sizeof(struct create_state));
243                         cs->username[0] = cs->password[0] = 0;
244                         cs->pp = MHD_create_post_processor(connection, 1024, &POST_create_iterator, cs);
245                         *ptr = cs;
246                         return MHD_YES;
247                 }
248
249                 if (*upload_data_size) {
250                         MHD_post_process(cs->pp, upload_data, *upload_data_size);
251                         *upload_data_size = 0;
252                         return MHD_YES;
253                 }
254
255                 if (cs->username[0] == 0 || cs->password[0] == 0)
256                         return respond_JSON_Failure(connection);
257
258                 if (blerg_exists(cs->username))
259                         return respond_JSON_Failure(connection);
260
261                 struct blerg *b = blerg_open(cs->username);
262                 blerg_close(b);
263                 auth_set_password(cs->username, cs->password);
264
265                 MHD_destroy_post_processor(cs->pp);
266                 free(cs);
267                 *ptr = NULL;
268
269                 return respond_JSON_Success(connection);
270         } else {
271                 return respond_404(connection);
272         }
273 }
274
275
276 int main(int argc, char *argv[]) {
277         struct MHD_Daemon *daemon;
278         fd_set rs, ws, es;
279         int max;
280
281         init_responses();
282
283         daemon = MHD_start_daemon(MHD_USE_DEBUG, 8080, NULL, NULL, &ahc_derp, NULL, MHD_OPTION_END);
284         if (daemon == NULL) {
285                 fprintf(stderr, "Could not start web server\n");
286                 return 1;
287         }
288
289         while (1) {
290                 FD_ZERO(&rs); FD_ZERO(&ws); FD_ZERO(&es);
291                 if (MHD_get_fdset(daemon, &rs, &ws, &es, &max) != MHD_YES) {
292                         fprintf(stderr, "Fatal error getting fd sets\n");
293                         break;
294                 }
295                 select(max + 1, &rs, &ws, &es, NULL);
296                 MHD_run(daemon);
297         }
298         MHD_stop_daemon(daemon);
299         return 0;
300 }