X-Git-Url: http://git.bytex64.net/?a=blobdiff_plain;f=http%2Fhttp_blerg.c;h=6fd8f11bb3891bf7eb8c944445ef35b4ef3fd6ec;hb=b4f3c5710795c0792e7e21659571002079acd133;hp=f4816715b6385868bb3e551000eb62cd61df6658;hpb=a65aeec9e6152703de9c770e56e689b1356cddb0;p=blerg.git

diff --git a/http/http_blerg.c b/http/http_blerg.c
index f481671..6fd8f11 100644
--- a/http/http_blerg.c
+++ b/http/http_blerg.c
@@ -1,3 +1,6 @@
+/* Blerg is (C) 2011 The Dominion of Awesome, and is distributed under a
+ * BSD-style license.  Please see the COPYING file for details.
+ */
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -20,6 +23,7 @@ struct auth_state {
 
 struct put_state {
 	struct MHD_PostProcessor *pp;
+	char username[33];
 	char *data;
 	int data_size;
 };
@@ -71,7 +75,7 @@ ssize_t GET_generate_list(void *cls, uint64_t pos, char *buf, size_t max) {
 	}
 
 	/* Snarf one record */
-	json_generate_one_record(gs->g, NULL, gs->b, gs->entries[gs->i]);
+	json_generate_one_record(gs->g, NULL, gs->b, gs->entries[gs->i], 0);
 
 	if (gs->i == 0) {
 		yajl_gen_array_close(gs->g);
@@ -132,7 +136,7 @@ ssize_t GET_generate_taglist(void *cls, uint64_t pos, char *buf, size_t max) {
 	/* Snarf one record */
 	b = blerg_open(ts->results[ts->i].author);
 	if (b != NULL) {
-		json_generate_one_record(ts->g, ts->results[ts->i].author, b, ts->results[ts->i].record);
+		json_generate_one_record(ts->g, ts->results[ts->i].author, b, ts->results[ts->i].record, 0);
 		blerg_close(b);
 	}
 
@@ -196,6 +200,10 @@ int POST_put_iterator(void *cls, enum MHD_ValueKind kind, const char *key, const
 		memcpy(ps->data + off, data, size);
 		if (ps->data_size == MAX_RECORD_SIZE)
 			return MHD_NO;
+	} else if (strncmp(key, "username", 9) == 0) {
+		if (size > 32) size = 32;
+		memcpy(ps->username, data, size);
+		ps->username[size] = 0;
 	}
 
 	return MHD_YES;
@@ -333,9 +341,6 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 		return ret;
 	} else if (strncmp(url, "/put", 4) == 0) {
 		struct put_state *ps = (struct put_state *) *ptr;
-		char *username;
-		char password[33];
-
 		if (*ptr == NULL) {
 			if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
 				return respond_405(connection);
@@ -345,21 +350,11 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 
 			*ptr = (void *) 1;
 
-			username = MHD_digest_auth_get_username(connection);
-			if (username == NULL)
-				return respond_401(connection, MHD_NO);
-			auth_get_password(username, password);
-
-			ret = MHD_digest_auth_check(connection, REALM, username, password, 300);
-			free(username);
-
-			if (ret == MHD_INVALID_NONCE || ret == MHD_NO)
-				return respond_401(connection, (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
-
 			struct put_state *ps = malloc(sizeof(struct put_state));
 			ps->data = NULL;
 			ps->data_size = 0;
 			ps->pp = MHD_create_post_processor(connection, 16384, &POST_put_iterator, ps);
+			ps->username[0] = 0;
 			*ptr = ps;
 			return MHD_YES;
 		}
@@ -370,21 +365,22 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 			return MHD_YES;
 		}
 
-		if (ps->data == NULL || ps->data_size == 0)
+		if (ps->data == NULL || ps->data_size == 0 || ps->username[0] == 0)
 			return respond_JSON_Failure(connection);
 
-		username = MHD_digest_auth_get_username(connection);
-		struct blerg *b = blerg_open(username);
-		if (b == NULL)
+		const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+		if (!auth_check_token(ps->username, given_token))
 			return respond_JSON_Failure(connection);
-		if (blerg_store(b, ps->data, ps->data_size) == -1) {
-			blerg_close(b);
+
+		struct blerg *b = blerg_open(ps->username);
+		if (b == NULL)
 			return respond_JSON_Failure(connection);
-		}
+		ret = blerg_store(b, ps->data, ps->data_size);
 		blerg_close(b);
+		if (ret == -1)
+			return respond_JSON_Failure(connection);
 
 		MHD_destroy_post_processor(ps->pp);
-		free(username);
 		free(ps->data);
 		free(ps);
 		*ptr = NULL;
@@ -532,9 +528,13 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
 			return MHD_YES;
 		}
 
-		auth_logout(as->username);
-
-		return respond_JSON_Success(connection);
+		const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+		if (auth_check_token(as->username, given_token)) {
+			auth_logout(as->username);
+			return respond_JSON_Success(connection);
+		} else {
+			return respond_JSON_Failure(connection);
+		}
 	} else {
 		return respond_404(connection);
 	}
@@ -548,7 +548,7 @@ int main(int argc, char *argv[]) {
 
 	init_responses();
 
-	daemon = MHD_start_daemon(MHD_USE_DEBUG, 8080, NULL, NULL, &ahc_derp, NULL, MHD_OPTION_END);
+	daemon = MHD_start_daemon(MHD_USE_DEBUG, HTTP_BLERG_PORT, NULL, NULL, &ahc_derp, NULL, MHD_OPTION_END);
 	if (daemon == NULL) {
 		fprintf(stderr, "Could not start web server\n");
 		return 1;