+ } else if (strncmp(path, "/login", 7) == 0) {
+ if (strcmp(request_method, "POST") != 0) {
+ respond_405();
+ exit(0);
+ }
+
+ const char *username = cgi_getentrystr("username");
+ const char *password = cgi_getentrystr("password");
+ if (username == NULL || username[0] == 0 ||
+ password == NULL || password[0] == 0) {
+ respond_JSON_Failure();
+ exit(0);
+ }
+
+ if (!auth_login(username, password)) {
+ respond_JSON_Failure();
+ exit(0);
+ }
+
+ char *token = auth_get_token(username);
+ printf("Set-Cookie: auth=%s\r\n", token);
+ free(token);
+
+ respond_JSON_Success();
+ } else if (strncmp(path, "/logout", 8) == 0) {
+ if (strcmp(request_method, "POST") != 0) {
+ respond_405();
+ exit(0);
+ }
+
+ const char *username = cgi_getentrystr("username");
+ if (username == NULL || username[0] == 0) {
+ respond_JSON_Failure();
+ exit(0);
+ }
+
+
+ const char *given_token = cgi_getcookie("auth");
+ if (auth_check_token(username, given_token)) {
+ auth_logout(username);
+ respond_JSON_Success();
+ } else {
+ respond_JSON_Failure();
+ }