X-Git-Url: http://git.bytex64.net/?a=blobdiff_plain;f=http%2Fhttp_blerg.c;h=6abcc11492cca9b23c1e01db6b7d2409618f032b;hb=47813df4231604c941e960fb7275cf6bb02802d2;hp=e994574b8d8f7b4ae6fdfd04f124aae696489541;hpb=e2f51ade69169968d9d54d3b601527a51c66f6ba;p=blerg.git

diff --git a/http/http_blerg.c b/http/http_blerg.c
index e994574..6abcc11 100644
--- a/http/http_blerg.c
+++ b/http/http_blerg.c
@@ -20,6 +20,7 @@ struct auth_state {
 
 struct put_state {
 	struct MHD_PostProcessor *pp;
+	char username[33];
 	char *data;
 	int data_size;
 };
@@ -196,6 +197,10 @@ int POST_put_iterator(void *cls, enum MHD_ValueKind kind, const char *key, const
 		memcpy(ps->data + off, data, size);
 		if (ps->data_size == MAX_RECORD_SIZE)
 			return MHD_NO;
+	} else if (strncmp(key, "username", 9) == 0) {
+		if (size > 32) size = 32;
+		memcpy(ps->username, data, size);
+		ps->username[size] = 0;
 	}
 
 	return MHD_YES;
@@ -333,9 +338,6 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 		return ret;
 	} else if (strncmp(url, "/put", 4) == 0) {
 		struct put_state *ps = (struct put_state *) *ptr;
-		char *username;
-		char password[33];
-
 		if (*ptr == NULL) {
 			if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
 				return respond_405(connection);
@@ -345,21 +347,11 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 
 			*ptr = (void *) 1;
 
-			username = MHD_digest_auth_get_username(connection);
-			if (username == NULL)
-				return respond_401(connection, MHD_NO);
-			auth_get_password(username, password);
-
-			ret = MHD_digest_auth_check(connection, REALM, username, password, 300);
-			free(username);
-
-			if (ret == MHD_INVALID_NONCE || ret == MHD_NO)
-				return respond_401(connection, (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
-
 			struct put_state *ps = malloc(sizeof(struct put_state));
 			ps->data = NULL;
 			ps->data_size = 0;
 			ps->pp = MHD_create_post_processor(connection, 16384, &POST_put_iterator, ps);
+			ps->username[0] = 0;
 			*ptr = ps;
 			return MHD_YES;
 		}
@@ -370,21 +362,22 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 			return MHD_YES;
 		}
 
-		if (ps->data == NULL || ps->data_size == 0)
+		if (ps->data == NULL || ps->data_size == 0 || ps->username[0] == 0)
 			return respond_JSON_Failure(connection);
 
-		username = MHD_digest_auth_get_username(connection);
-		struct blerg *b = blerg_open(username);
-		if (b == NULL)
+		const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+		if (!auth_check_token(ps->username, given_token))
 			return respond_JSON_Failure(connection);
-		if (blerg_store(b, ps->data, ps->data_size) == -1) {
-			blerg_close(b);
+
+		struct blerg *b = blerg_open(ps->username);
+		if (b == NULL)
 			return respond_JSON_Failure(connection);
-		}
+		ret = blerg_store(b, ps->data, ps->data_size);
 		blerg_close(b);
+		if (ret == -1)
+			return respond_JSON_Failure(connection);
 
 		MHD_destroy_post_processor(ps->pp);
-		free(username);
 		free(ps->data);
 		free(ps);
 		*ptr = NULL;
@@ -533,7 +526,7 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 		}
 
 		const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
-		if (given_token != NULL && auth_check_token(as->username, given_token)) {
+		if (auth_check_token(as->username, given_token)) {
 			auth_logout(as->username);
 			return respond_JSON_Success(connection);
 		} else {