Change auth to allow multiple logins

author Chip Black <bytex64@bytex64.net>

Mon, 7 Mar 2011 04:51:22 +0000 (22:51 -0600)

committer Chip Black <bytex64@bytex64.net>

Mon, 7 Mar 2011 04:52:34 +0000 (22:52 -0600)
author Chip Black <bytex64@bytex64.net>
Mon, 7 Mar 2011 04:51:22 +0000 (22:51 -0600)
committer Chip Black <bytex64@bytex64.net>
Mon, 7 Mar 2011 04:52:34 +0000 (22:52 -0600)
diff --git a/cgi/cgi_blerg.c b/cgi/cgi_blerg.c

index 664d6a5..b479535 100644 (file)
--- a/cgi/cgi_blerg.c
+++ b/cgi/cgi_blerg.c
@@ -307,12 +307,12 @@ int main(int argc, char *argv[]) {
                         exit(0);
                 }
  
                         exit(0);
                 }
  
-               if (!auth_login(username, password)) {
+               char *token = auth_login(username, password);
+               if (token == NULL) {
                         respond_JSON_Failure();
                         exit(0);
                 }
  
                         respond_JSON_Failure();
                         exit(0);
                 }
  
-               char *token = auth_get_token(username);
                 printf("Set-Cookie: auth=%s\r\n", token);
                 free(token);
  
                 printf("Set-Cookie: auth=%s\r\n", token);
                 free(token);
  
@@ -327,7 +327,8 @@ int main(int argc, char *argv[]) {
                 if (!check_auth(username))
                         exit(0);
  
                 if (!check_auth(username))
                         exit(0);
  
-               auth_logout(username);
+               const char *given_token = cgi_getcookie("auth");
+               auth_logout(username, given_token);
                 respond_JSON_Success();
         } else if (strncmp(path, "/subscribe", 10) == 0 || strncmp(path, "/unsubscribe", 12) == 0) {
                 const char *username = cgi_getentrystr("username");
                 respond_JSON_Success();
         } else if (strncmp(path, "/subscribe", 10) == 0 || strncmp(path, "/unsubscribe", 12) == 0) {
                 const char *username = cgi_getentrystr("username");
diff --git a/common/auth.c b/common/auth.c

index 26569fd..0dbe6a4 100644 (file)
--- a/common/auth.c
+++ b/common/auth.c
@@ -95,70 +95,56 @@ char *create_random_token() {
         return token;
  }
  
         return token;
  }
  
-int auth_login(const char *username, const char *password) {
+char * auth_login(const char *username, const char *password) {
         char filename[512];
         int token_fd;
  
         if (!auth_check_password(username, password))
         char filename[512];
         int token_fd;
  
         if (!auth_check_password(username, password))
-               return 0;
+               return NULL;
  
  
-       sprintf(filename, "%s/%s/token", DATA_PATH, username);
+       char *token = create_random_token();
+
+       sprintf(filename, "%s/%s/tokens", DATA_PATH, username);
+       if (access(filename, F_OK) != 0) {
+               if (mkdir(filename, 0700) == -1) {
+                       perror("Could not create auth token dir");
+                       return NULL;
+               }
+       }
+
+       sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, token);
         token_fd = open(filename, O_WRONLY | O_CREAT, 0600);
         if (token_fd == -1) {
                 perror("Could not open token");
         token_fd = open(filename, O_WRONLY | O_CREAT, 0600);
         if (token_fd == -1) {
                 perror("Could not open token");
-               return 0;
+               return NULL;
         }
         }
-
-       char *token = create_random_token();
-       write(token_fd, token, TOKEN_SIZE * 2);
         close(token_fd);
         close(token_fd);
-       free(token);
  
  
-       return 1;
+       return token;
  }
  
  }
  
-int auth_logout(const char *username) {
+int auth_logout(const char *username, const char *token) {
         char filename[512];
  
         if (!valid_name(username))
                 return 0;
  
         char filename[512];
  
         if (!valid_name(username))
                 return 0;
  
-       sprintf(filename, "%s/%s/token", DATA_PATH, username);
+       sprintf(filename, "%s/%s/tokens", DATA_PATH, username);
+       if (access(filename, F_OK) != 0) {
+               return 0;
+       }
+
+       sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, token);
         if (unlink(filename) == -1)
                 return 0;
  
         return 1;
  }
  
         if (unlink(filename) == -1)
                 return 0;
  
         return 1;
  }
  
-char *auth_get_token(const char *username) {
+int auth_check_token(const char *username, const char *given_token) {
         char filename[512];
         char filename[512];
-       char *token;
-       int token_fd;
  
  
-       if (!valid_name(username))
-               return 0;
+       sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, given_token);
  
  
-       sprintf(filename, "%s/%s/token", DATA_PATH, username);
-       token_fd = open(filename, O_RDONLY, 0600);
-       if (token_fd == -1) {
-               perror("Could not open token");
-               return NULL;
-       }
-
-       token = malloc(TOKEN_SIZE * 2 + 1);
-       read(token_fd, token, TOKEN_SIZE * 2);
-       close(token_fd);
-
-       return token;
-}
-
-int auth_check_token(const char *username, const char *given_token) {
-       char *token = auth_get_token(username);
-       if (token != NULL && given_token != NULL) {
-               int ret = (strncmp(token, given_token, TOKEN_SIZE * 2) == 0);
-               free(token);
-               return ret;
-       } else {
-               return 0;
-       }
+       return (access(filename, F_OK) == 0);
  }
  }
diff --git a/common/auth.h b/common/auth.h

index d180bfd..647bd6f 100644 (file)
--- a/common/auth.h
+++ b/common/auth.h
@@ -7,9 +7,8 @@
  int auth_set_password(const char *, const char *);
  int auth_get_password(const char *, char *);
  int auth_check_password(const char *, const char *);
  int auth_set_password(const char *, const char *);
  int auth_get_password(const char *, char *);
  int auth_check_password(const char *, const char *);
-int auth_login(const char *username, const char *password);
-int auth_logout(const char *username);
-char *auth_get_token(const char *username);
+char * auth_login(const char *username, const char *password);
+int auth_logout(const char *username, const char *token);
  int auth_check_token(const char *username, const char *given_token);
  
  #endif //_AUTH_H
  int auth_check_token(const char *username, const char *given_token);
  
  #endif //_AUTH_H
diff --git a/http/http_blerg.c b/http/http_blerg.c

index 85a1e5b..a4226ab 100644 (file)
--- a/http/http_blerg.c
+++ b/http/http_blerg.c
@@ -521,12 +521,12 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
                 if (as->username[0] == 0 || as->password[0] == 0)
                         return respond_JSON_Failure(connection);
  
                 if (as->username[0] == 0 || as->password[0] == 0)
                         return respond_JSON_Failure(connection);
  
-               if (!auth_login(as->username, as->password))
+               char *token = auth_login(as->username, as->password);
+               if (token == NULL)
                         return respond_JSON_Failure(connection);
  
                 response = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO);
  
                         return respond_JSON_Failure(connection);
  
                 response = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO);
  
-               char *token = auth_get_token(as->username);
                 data = malloc(512);
                 snprintf(data, 512, "auth=%s", token);
                 MHD_add_response_header(response, "Set-Cookie", data);
                 data = malloc(512);
                 snprintf(data, 512, "auth=%s", token);
                 MHD_add_response_header(response, "Set-Cookie", data);
@@ -548,7 +548,8 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
  
                 struct auth_state *as = (struct auth_state *) *ptr;
  
  
                 struct auth_state *as = (struct auth_state *) *ptr;
  
-               auth_logout(as->username);
+               const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth");
+               auth_logout(as->username, given_token);
                 return respond_JSON_Success(connection);
         } else if (strncmp(url, "/subscribe", 10) == 0 || strncmp(url, "/unsubscribe", 12) == 0) {
                 ret = process_and_check_auth(connection, method, upload_data, upload_data_size, ptr);
                 return respond_JSON_Success(connection);
         } else if (strncmp(url, "/subscribe", 10) == 0 || strncmp(url, "/unsubscribe", 12) == 0) {
                 ret = process_and_check_auth(connection, method, upload_data, upload_data_size, ptr);
author	Chip Black <bytex64@bytex64.net>
	Mon, 7 Mar 2011 04:51:22 +0000 (22:51 -0600)
committer	Chip Black <bytex64@bytex64.net>
	Mon, 7 Mar 2011 04:52:34 +0000 (22:52 -0600)
cgi/cgi_blerg.c		patch \| blob \| history
common/auth.c		patch \| blob \| history
common/auth.h		patch \| blob \| history
http/http_blerg.c		patch \| blob \| history