+ } else if (strncmp(url, "/login", 7) == 0) {
+ struct auth_state *as = (struct auth_state *) *ptr;
+
+ if (as == NULL) {
+ if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
+ return respond_405(connection);
+
+ struct auth_state *as = malloc(sizeof(struct auth_state));
+ as->username[0] = as->password[0] = 0;
+ as->pp = MHD_create_post_processor(connection, 1024, &POST_auth_iterator, as);
+ *ptr = as;
+ return MHD_YES;
+ }
+
+ if (*upload_data_size) {
+ MHD_post_process(as->pp, upload_data, *upload_data_size);
+ *upload_data_size = 0;
+ return MHD_YES;
+ }
+
+ if (as->username[0] == 0 || as->password[0] == 0)
+ return respond_JSON_Failure(connection);
+
+ if (!auth_login(as->username, as->password))
+ return respond_JSON_Failure(connection);
+
+ response = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO);
+
+ char *token = auth_get_token(as->username);
+ data = malloc(512);
+ snprintf(data, 512, "auth=%s", token);
+ MHD_add_response_header(response, "Set-Cookie", data);
+ free(token);
+ free(data);
+
+ MHD_destroy_post_processor(as->pp);
+ free(as);
+ *ptr = NULL;
+
+ ret = MHD_queue_response(connection, MHD_HTTP_OK, response);
+ MHD_destroy_response(response);
+
+ return ret;
+ } else if (strncmp(url, "/logout", 8) == 0) {
+ struct auth_state *as = (struct auth_state *) *ptr;
+
+ if (as == NULL) {
+ if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
+ return respond_405(connection);
+
+ struct auth_state *as = malloc(sizeof(struct auth_state));
+ as->username[0] = as->password[0] = 0;
+ as->pp = MHD_create_post_processor(connection, 1024, &POST_auth_iterator, as);
+ *ptr = as;
+ return MHD_YES;
+ }
+
+ if (*upload_data_size) {
+ MHD_post_process(as->pp, upload_data, *upload_data_size);
+ *upload_data_size = 0;
+ return MHD_YES;
+ }
+
+ const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+ if (auth_check_token(as->username, given_token)) {
+ auth_logout(as->username);
+ return respond_JSON_Success(connection);
+ } else {
+ return respond_JSON_Failure(connection);
+ }
+ } else if (strncmp(url, "/subscribe", 11) == 0 || strncmp(url, "/unsubscribe", 13) == 0) {
+ struct subscribe_state *ss = (struct subscribe_state *) *ptr;
+
+ if (ss == NULL) {
+ if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
+ return respond_405(connection);
+
+ struct subscribe_state *ss = malloc(sizeof(struct subscribe_state));
+ ss->username[0] = ss->to[0] = 0;
+ ss->pp = MHD_create_post_processor(connection, 1024, &POST_subscribe_iterator, ss);
+ *ptr = ss;
+ return MHD_YES;
+ }
+
+ if (*upload_data_size) {
+ MHD_post_process(ss->pp, upload_data, *upload_data_size);
+ *upload_data_size = 0;
+ return MHD_YES;
+ }
+
+ const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+ if (auth_check_token(ss->username, given_token)) {
+ if (url[1] == 'u') {
+ subscription_remove(ss->username, ss->to);
+ } else {
+ subscription_add(ss->username, ss->to);
+ }
+ return respond_JSON_Success(connection);
+ } else {
+ return respond_JSON_Failure(connection);
+ }
+ } else if (strncmp(url, "/feed", 6) == 0) {
+ struct auth_state *as = (struct auth_state *) *ptr;
+
+ if (as == NULL) {
+ if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
+ return respond_405(connection);
+
+ struct auth_state *as = malloc(sizeof(struct auth_state));
+ as->username[0] = as->password[0] = 0;
+ as->pp = MHD_create_post_processor(connection, 1024, &POST_auth_iterator, as);
+ *ptr = as;
+ return MHD_YES;
+ }
+
+ if (*upload_data_size) {
+ MHD_post_process(as->pp, upload_data, *upload_data_size);
+ *upload_data_size = 0;
+ return MHD_YES;
+ }
+
+ const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+ if (auth_check_token(as->username, given_token)) {
+ int recs = 50;
+ struct blergref *feedlist = subscription_list(as->username, 0, &recs, -1);
+
+ if (recs == 0) {
+ response = MHD_create_response_from_data(2, "[]", MHD_NO, MHD_NO);
+ } else {
+ response = create_blergref_response(feedlist, recs);
+ }
+
+ if (response == NULL)
+ return respond_JSON_Failure(connection);
+
+ ret = MHD_queue_response(connection, MHD_HTTP_OK, response);
+ MHD_destroy_response(response);
+
+ return ret;
+ } else {
+ return respond_JSON_Failure(connection);
+ }