projects
/
blerg.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Modify backend to use new auth cookie format
[blerg.git]
/
cgi
/
cgi_blerg.c
diff --git
a/cgi/cgi_blerg.c
b/cgi/cgi_blerg.c
index
ee0672b
..
95b1809
100644
(file)
--- a/
cgi/cgi_blerg.c
+++ b/
cgi/cgi_blerg.c
@@
-17,14
+17,15
@@
yajl_gen_config yajl_c = { 0, 0 };
yajl_gen_config yajl_c = { 0, 0 };
-int check_auth(const char *username) {
- if (username == NULL || username[0] == 0) {
+int check_auth(struct auth_cookie *ac) {
+ const char *given_cookie = cgi_getcookie("auth");
+
+ if (parse_auth_cookie(given_cookie, ac) != 1) {
respond_403();
return 0;
}
respond_403();
return 0;
}
- const char *given_token = cgi_getcookie("auth");
- if (!auth_check_token(username, given_token)) {
+ if (!auth_check_token(ac->name, ac->token)) {
respond_403();
return 0;
}
respond_403();
return 0;
}
@@
-109,6
+110,7
@@
int main(int argc, char *argv[]) {
char *request_method;
int ret, len;
struct url_info info;
char *request_method;
int ret, len;
struct url_info info;
+ struct auth_cookie ac;
char *data;
if (!blerg_init())
char *data;
if (!blerg_init())
@@
-213,8
+215,7
@@
int main(int argc, char *argv[]) {
exit(0);
}
exit(0);
}
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
if (path[4] == '/') {
exit(0);
if (path[4] == '/') {
@@
-228,7
+229,7
@@
int main(int argc, char *argv[]) {
exit(0);
}
exit(0);
}
- struct blerg *b = blerg_open(
user
name);
+ struct blerg *b = blerg_open(
ac.
name);
if (b == NULL) {
respond_JSON_Failure();
exit(0);
if (b == NULL) {
respond_JSON_Failure();
exit(0);
@@
-326,7
+327,7
@@
int main(int argc, char *argv[]) {
exit(0);
}
exit(0);
}
- printf("Set-Cookie: auth=%s
\r\n"
, token);
+ printf("Set-Cookie: auth=%s
/%s\r\n", username
, token);
free(token);
respond_JSON_Success();
free(token);
respond_JSON_Success();
@@
-336,16
+337,13
@@
int main(int argc, char *argv[]) {
exit(0);
}
exit(0);
}
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
exit(0);
- const char *given_token = cgi_getcookie("auth");
- auth_logout(username, given_token);
+ auth_logout(ac.name, ac.token);
respond_JSON_Success();
} else if (strncmp(path, "/subscribe", 10) == 0 || strncmp(path, "/unsubscribe", 12) == 0) {
respond_JSON_Success();
} else if (strncmp(path, "/subscribe", 10) == 0 || strncmp(path, "/unsubscribe", 12) == 0) {
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
if (path[1] == 'u') {
exit(0);
if (path[1] == 'u') {
@@
-360,7
+358,7
@@
int main(int argc, char *argv[]) {
exit(0);
}
exit(0);
}
- subscription_remove(
user
name, info.name);
+ subscription_remove(
ac.
name, info.name);
} else {
if (path[10] != '/') {
respond_404();
} else {
if (path[10] != '/') {
respond_404();
@@
-373,16
+371,15
@@
int main(int argc, char *argv[]) {
exit(0);
}
exit(0);
}
- subscription_add(
user
name, info.name);
+ subscription_add(
ac.
name, info.name);
}
respond_JSON_Success();
} else if (strncmp(path, "/feed", 6) == 0) {
}
respond_JSON_Success();
} else if (strncmp(path, "/feed", 6) == 0) {
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
int recs = 50;
exit(0);
int recs = 50;
- struct blergref *feedlist = subscription_list(
user
name, 0, &recs, -1);
+ struct blergref *feedlist = subscription_list(
ac.
name, 0, &recs, -1);
if (recs == 0) {
respond_simple_data("[]", 2);
if (recs == 0) {
respond_simple_data("[]", 2);
@@
-390,8
+387,7
@@
int main(int argc, char *argv[]) {
respond_blergref_list(feedlist, recs);
}
} else if (strncmp(path, "/status", 7) == 0) {
respond_blergref_list(feedlist, recs);
}
} else if (strncmp(path, "/status", 7) == 0) {
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
if (strncmp(request_method, "POST", 4) != 0) {
exit(0);
if (strncmp(request_method, "POST", 4) != 0) {
@@
-405,7
+401,7
@@
int main(int argc, char *argv[]) {
const char *clear = cgi_getentrystr("clear");
if (clear != NULL) {
const char *clear = cgi_getentrystr("clear");
if (clear != NULL) {
- struct blerg *b = blerg_open(
user
name);
+ struct blerg *b = blerg_open(
ac.
name);
if (strncmp(clear, "feed", 4) == 0) {
blerg_set_subscription_mark(b);
} else if (strncmp(clear, "mentioned", 9) == 0) {
if (strncmp(clear, "feed", 4) == 0) {
blerg_set_subscription_mark(b);
} else if (strncmp(clear, "mentioned", 9) == 0) {
@@
-417,13
+413,13
@@
int main(int argc, char *argv[]) {
g = yajl_gen_alloc(&yajl_c, NULL);
yajl_gen_map_open(g);
g = yajl_gen_alloc(&yajl_c, NULL);
yajl_gen_map_open(g);
- struct blerg *b = blerg_open(
user
name);
+ struct blerg *b = blerg_open(
ac.
name);
uint64_t subscription_mark = blerg_get_subscription_mark(b);
int mentioned = blerg_get_status(b, BLERGSTATUS_MENTIONED);
blerg_close(b);
yajl_gen_string(g, (unsigned char *)"feed_new", 8);
uint64_t subscription_mark = blerg_get_subscription_mark(b);
int mentioned = blerg_get_status(b, BLERGSTATUS_MENTIONED);
blerg_close(b);
yajl_gen_string(g, (unsigned char *)"feed_new", 8);
- yajl_gen_integer(g, subscription_count_items(
user
name) - subscription_mark);
+ yajl_gen_integer(g, subscription_count_items(
ac.
name) - subscription_mark);
yajl_gen_string(g, (unsigned char *)"mentioned", 9);
yajl_gen_bool(g, mentioned);
yajl_gen_string(g, (unsigned char *)"mentioned", 9);
yajl_gen_bool(g, mentioned);
@@
-439,7
+435,7
@@
int main(int argc, char *argv[]) {
yajl_gen_string(g, (unsigned char *)"subscribed", 10);
ret = parse_url_info(path + 8, &info);
if ((ret & URL_INFO_NAME) == 1) {
yajl_gen_string(g, (unsigned char *)"subscribed", 10);
ret = parse_url_info(path + 8, &info);
if ((ret & URL_INFO_NAME) == 1) {
- yajl_gen_bool(g, is_subscribed(
user
name, info.name));
+ yajl_gen_bool(g, is_subscribed(
ac.
name, info.name));
} else {
yajl_gen_bool(g, 0);
}
} else {
yajl_gen_bool(g, 0);
}
@@
-449,8
+445,7
@@
int main(int argc, char *argv[]) {
yajl_gen_free(g);
}
} else if (strncmp(path, "/passwd", 7) == 0) {
yajl_gen_free(g);
}
} else if (strncmp(path, "/passwd", 7) == 0) {
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
const char *password = cgi_getentrystr("password");
exit(0);
const char *password = cgi_getentrystr("password");
@@
-458,8
+453,8
@@
int main(int argc, char *argv[]) {
if (password == NULL || new_password == NULL) {
respond_JSON_Failure();
} else {
if (password == NULL || new_password == NULL) {
respond_JSON_Failure();
} else {
- if (auth_check_password(
user
name, password)) {
- auth_set_password(
user
name, new_password);
+ if (auth_check_password(
ac.
name, password)) {
+ auth_set_password(
ac.
name, new_password);
respond_JSON_Success();
} else {
respond_JSON_Failure();
respond_JSON_Success();
} else {
respond_JSON_Failure();