Change auth to allow multiple logins

[blerg.git] / common / auth.c

diff --git a/common/auth.c b/common/auth.c
index 26569fd..0dbe6a4 100644 (file)
--- a/common/auth.c
+++ b/common/auth.c
@@ -95,70 +95,56 @@ char *create_random_token() {
        return token;
 }
 
-int auth_login(const char *username, const char *password) {
+char * auth_login(const char *username, const char *password) {
        char filename[512];
        int token_fd;
 
        if (!auth_check_password(username, password))
-               return 0;
+               return NULL;
 
-       sprintf(filename, "%s/%s/token", DATA_PATH, username);
+       char *token = create_random_token();
+
+       sprintf(filename, "%s/%s/tokens", DATA_PATH, username);
+       if (access(filename, F_OK) != 0) {
+               if (mkdir(filename, 0700) == -1) {
+                       perror("Could not create auth token dir");
+                       return NULL;
+               }
+       }
+
+       sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, token);
        token_fd = open(filename, O_WRONLY | O_CREAT, 0600);
        if (token_fd == -1) {
                perror("Could not open token");
-               return 0;
+               return NULL;
        }
-
-       char *token = create_random_token();
-       write(token_fd, token, TOKEN_SIZE * 2);
        close(token_fd);
-       free(token);
 
-       return 1;
+       return token;
 }
 
-int auth_logout(const char *username) {
+int auth_logout(const char *username, const char *token) {
        char filename[512];
 
        if (!valid_name(username))
                return 0;
 
-       sprintf(filename, "%s/%s/token", DATA_PATH, username);
+       sprintf(filename, "%s/%s/tokens", DATA_PATH, username);
+       if (access(filename, F_OK) != 0) {
+               return 0;
+       }
+
+       sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, token);
        if (unlink(filename) == -1)
                return 0;
 
        return 1;
 }
 
-char *auth_get_token(const char *username) {
+int auth_check_token(const char *username, const char *given_token) {
        char filename[512];
-       char *token;
-       int token_fd;
 
-       if (!valid_name(username))
-               return 0;
+       sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, given_token);
 
-       sprintf(filename, "%s/%s/token", DATA_PATH, username);
-       token_fd = open(filename, O_RDONLY, 0600);
-       if (token_fd == -1) {
-               perror("Could not open token");
-               return NULL;
-       }
-
-       token = malloc(TOKEN_SIZE * 2 + 1);
-       read(token_fd, token, TOKEN_SIZE * 2);
-       close(token_fd);
-
-       return token;
-}
-
-int auth_check_token(const char *username, const char *given_token) {
-       char *token = auth_get_token(username);
-       if (token != NULL && given_token != NULL) {
-               int ret = (strncmp(token, given_token, TOKEN_SIZE * 2) == 0);
-               free(token);
-               return ret;
-       } else {
-               return 0;
-       }
+       return (access(filename, F_OK) == 0);
 }