Check auth for logout
[blerg.git] / http / http_blerg.c
index f481671..e994574 100644 (file)
@@ -532,9 +532,13 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
                        return MHD_YES;
                }
 
-               auth_logout(as->username);
-
-               return respond_JSON_Success(connection);
+               const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+               if (given_token != NULL && auth_check_token(as->username, given_token)) {
+                       auth_logout(as->username);
+                       return respond_JSON_Success(connection);
+               } else {
+                       return respond_JSON_Failure(connection);
+               }
        } else {
                return respond_404(connection);
        }
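Review bot: The new condition `given_token != NULL && auth_check_token(as->username, given_token)` relies only on the `auth` cookie, which a browser attaches to any request sent to this host, so a cross-site form POST that supplies the username would presumably still pass the check and end that user's session. If the cookie is not already issued with SameSite restrictions (not visible here), consider also requiring a request-bound value before calling `auth_logout`, for example comparing the header returned by `MHD_lookup_connection_value(connection, MHD_HEADER_KIND, "Origin")` against the site's own origin. Whether `as->username` is guaranteed non-NULL when this branch runs is decided in the part of `ahc_derp` above the hunk; if it is not, add `as->username != NULL &&` to the condition. A short comment such as `/* only the session owner may log out: require a valid auth cookie for this username */` would record why the check exists.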