From: Chip Black Date: Thu, 30 Dec 2010 23:48:26 +0000 (-0600) Subject: Add cookie auth to /put X-Git-Tag: ohfuckreddit~27 X-Git-Url: http://git.bytex64.net/?a=commitdiff_plain;ds=sidebyside;h=46babc7c3d103cff8cdced69a41d600810625413;p=blerg.git Add cookie auth to /put --- diff --git a/http/http_blerg.c b/http/http_blerg.c index e994574..949e971 100644 --- a/http/http_blerg.c +++ b/http/http_blerg.c @@ -20,6 +20,7 @@ struct auth_state { struct put_state { struct MHD_PostProcessor *pp; + char username[33]; char *data; int data_size; }; @@ -196,6 +197,10 @@ int POST_put_iterator(void *cls, enum MHD_ValueKind kind, const char *key, const memcpy(ps->data + off, data, size); if (ps->data_size == MAX_RECORD_SIZE) return MHD_NO; + } else if (strncmp(key, "username", 9) == 0) { + if (size > 32) size = 32; + memcpy(ps->username, data, size); + ps->username[size] = 0; } return MHD_YES; @@ -345,21 +350,11 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c *ptr = (void *) 1; - username = MHD_digest_auth_get_username(connection); - if (username == NULL) - return respond_401(connection, MHD_NO); - auth_get_password(username, password); - - ret = MHD_digest_auth_check(connection, REALM, username, password, 300); - free(username); - - if (ret == MHD_INVALID_NONCE || ret == MHD_NO) - return respond_401(connection, (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO); - struct put_state *ps = malloc(sizeof(struct put_state)); ps->data = NULL; ps->data_size = 0; ps->pp = MHD_create_post_processor(connection, 16384, &POST_put_iterator, ps); + ps->username[0] = 0; *ptr = ps; return MHD_YES; } @@ -370,11 +365,14 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c return MHD_YES; } - if (ps->data == NULL || ps->data_size == 0) + if (ps->data == NULL || ps->data_size == 0 || ps->username[0] == 0) + return respond_JSON_Failure(connection); + + const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth"); + if (!auth_check_token(ps->username, given_token)) return respond_JSON_Failure(connection); - username = MHD_digest_auth_get_username(connection); - struct blerg *b = blerg_open(username); + struct blerg *b = blerg_open(ps->username); if (b == NULL) return respond_JSON_Failure(connection); if (blerg_store(b, ps->data, ps->data_size) == -1) { @@ -384,7 +382,6 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c blerg_close(b); MHD_destroy_post_processor(ps->pp); - free(username); free(ps->data); free(ps); *ptr = NULL;