+ return respond_JSON_Success(connection);
+ } else if (strncmp(url, "/login", 7) == 0) {
+ struct auth_state *as = (struct auth_state *) *ptr;
+
+ if (as == NULL) {
+ if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
+ return respond_405(connection);
+
+ struct auth_state *as = malloc(sizeof(struct auth_state));
+ as->username[0] = as->password[0] = 0;
+ as->pp = MHD_create_post_processor(connection, 1024, &POST_auth_iterator, as);
+ *ptr = as;
+ return MHD_YES;
+ }
+
+ if (*upload_data_size) {
+ MHD_post_process(as->pp, upload_data, *upload_data_size);
+ *upload_data_size = 0;
+ return MHD_YES;
+ }
+
+ if (as->username[0] == 0 || as->password[0] == 0)
+ return respond_JSON_Failure(connection);
+
+ if (!auth_login(as->username, as->password))
+ return respond_JSON_Failure(connection);
+
+ response = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO);
+
+ char *token = auth_get_token(as->username);
+ data = malloc(512);
+ snprintf(data, 512, "auth=%s", token);
+ MHD_add_response_header(response, "Set-Cookie", data);
+ free(token);
+ free(data);
+
+ MHD_destroy_post_processor(as->pp);
+ free(as);
+ *ptr = NULL;
+
+ ret = MHD_queue_response(connection, MHD_HTTP_OK, response);
+ MHD_destroy_response(response);
+
+ return ret;
+ } else if (strncmp(url, "/logout", 8) == 0) {
+ struct auth_state *as = (struct auth_state *) *ptr;
+
+ if (as == NULL) {
+ if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
+ return respond_405(connection);
+
+ struct auth_state *as = malloc(sizeof(struct auth_state));
+ as->username[0] = as->password[0] = 0;
+ as->pp = MHD_create_post_processor(connection, 1024, &POST_auth_iterator, as);
+ *ptr = as;
+ return MHD_YES;
+ }
+
+ if (*upload_data_size) {
+ MHD_post_process(as->pp, upload_data, *upload_data_size);
+ *upload_data_size = 0;
+ return MHD_YES;
+ }
+
+ auth_logout(as->username);
+