Change auth to allow multiple logins

[blerg.git] / http / http_blerg.c

diff --git a/http/http_blerg.c b/http/http_blerg.c
index 85a1e5b..a4226ab 100644 (file)
--- a/http/http_blerg.c
+++ b/http/http_blerg.c
@@ -521,12 +521,12 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
                if (as->username[0] == 0 || as->password[0] == 0)
                        return respond_JSON_Failure(connection);
 
-               if (!auth_login(as->username, as->password))
+               char *token = auth_login(as->username, as->password);
+               if (token == NULL)
                        return respond_JSON_Failure(connection);
 
                response = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO);
 
-               char *token = auth_get_token(as->username);
                data = malloc(512);
                snprintf(data, 512, "auth=%s", token);
                MHD_add_response_header(response, "Set-Cookie", data);
@@ -548,7 +548,8 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 
                struct auth_state *as = (struct auth_state *) *ptr;
 
-               auth_logout(as->username);
+               const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+               auth_logout(as->username, given_token);
                return respond_JSON_Success(connection);
        } else if (strncmp(url, "/subscribe", 10) == 0 || strncmp(url, "/unsubscribe", 12) == 0) {
                ret = process_and_check_auth(connection, method, upload_data, upload_data_size, ptr);