+ } else if (strncmp(path, "/login", 7) == 0) {
+ if (strcmp(request_method, "POST") != 0) {
+ respond_405();
+ exit(0);
+ }
+
+ const char *username = cgi_getentrystr("username");
+ const char *password = cgi_getentrystr("password");
+ if (username == NULL || username[0] == 0 ||
+ password == NULL || password[0] == 0) {
+ respond_JSON_Failure();
+ exit(0);
+ }
+
+ char *token = auth_login(username, password);
+ if (token == NULL) {
+ respond_JSON_Failure();
+ exit(0);
+ }
+
+ printf("Set-Cookie: auth=%s\r\n", token);
+ free(token);
+
+ respond_JSON_Success();
+ } else if (strncmp(path, "/logout", 8) == 0) {
+ if (strcmp(request_method, "POST") != 0) {
+ respond_405();
+ exit(0);
+ }
+
+ const char *username = cgi_getentrystr("username");
+ if (!check_auth(username))
+ exit(0);
+
+ const char *given_token = cgi_getcookie("auth");
+ auth_logout(username, given_token);
+ respond_JSON_Success();
+ } else if (strncmp(path, "/subscribe", 10) == 0 || strncmp(path, "/unsubscribe", 12) == 0) {
+ const char *username = cgi_getentrystr("username");
+ if (!check_auth(username))
+ exit(0);
+
+ if (path[1] == 'u') {
+ if (path[12] != '/') {
+ respond_404();
+ exit(0);
+ }
+
+ ret = parse_url_info(path + 13, &info);
+ if ((ret & URL_INFO_NAME) == 0) {
+ respond_404();
+ exit(0);
+ }
+
+ subscription_remove(username, info.name);
+ } else {
+ if (path[10] != '/') {
+ respond_404();
+ exit(0);
+ }
+
+ ret = parse_url_info(path + 11, &info);
+ if ((ret & URL_INFO_NAME) == 0) {
+ respond_404();
+ exit(0);
+ }
+
+ subscription_add(username, info.name);
+ }
+ respond_JSON_Success();
+ } else if (strncmp(path, "/feed", 6) == 0) {
+ const char *username = cgi_getentrystr("username");
+ if (!check_auth(username))
+ exit(0);
+
+ int recs = 50;
+ struct blergref *feedlist = subscription_list(username, 0, &recs, -1);
+
+ if (recs == 0) {
+ respond_simple_data("[]", 2);
+ } else {
+ respond_blergref_list(feedlist, recs);
+ }
+
+ struct blerg *b = blerg_open(username);
+ blerg_set_subscription_mark(b);
+ blerg_close(b);
+ } else if (strncmp(path, "/feedinfo", 9) == 0) {
+ const char *username = cgi_getentrystr("username");
+ if (!check_auth(username))
+ exit(0);
+
+ yajl_gen g = yajl_gen_alloc(&yajl_c, NULL);
+ yajl_gen_map_open(g);
+ if (path[9] == 0) {
+ struct blerg *b = blerg_open(username);
+ uint64_t subscription_mark = blerg_get_subscription_mark(b);
+ blerg_close(b);
+
+ yajl_gen_string(g, (unsigned char *)"new", 3);
+ yajl_gen_integer(g, subscription_count_items(username) - subscription_mark);
+ } else {
+ yajl_gen_string(g, (unsigned char *)"subscribed", 10);
+ ret = parse_url_info(path + 10, &info);
+ if ((ret & URL_INFO_NAME) == 1) {
+ yajl_gen_bool(g, is_subscribed(username, info.name));
+ } else {
+ yajl_gen_bool(g, 0);
+ }
+ }
+ yajl_gen_map_close(g);
+
+ const unsigned char *ybuf;
+ unsigned int content_len;
+ yajl_gen_get_buf(g, &ybuf, &content_len);
+
+ printf("Content-type: application/json\r\n");
+ printf("Content-length: %d\r\n\r\n", content_len);
+ fwrite(ybuf, content_len, 1, stdout);
+
+ yajl_gen_free(g);
+ } else if (strncmp(path, "/passwd", 7) == 0) {
+ const char *username = cgi_getentrystr("username");
+ if (!check_auth(username))
+ exit(0);
+
+ const char *password = cgi_getentrystr("password");
+ const char *new_password = cgi_getentrystr("new_password");
+ if (password == NULL || new_password == NULL) {
+ respond_JSON_Failure();
+ } else {
+ if (auth_check_password(username, password)) {
+ auth_set_password(username, new_password);
+ respond_JSON_Success();
+ } else {
+ respond_JSON_Failure();
+ }
+ }