From 30465019b067284f33ffe514e970edcf3ca6f1e5 Mon Sep 17 00:00:00 2001 From: Chip Black Date: Sun, 6 Mar 2011 22:51:22 -0600 Subject: [PATCH] Change auth to allow multiple logins --- cgi/cgi_blerg.c | 7 +++--- common/auth.c | 64 ++++++++++++++++++----------------------------- common/auth.h | 5 ++-- http/http_blerg.c | 7 +++--- 4 files changed, 35 insertions(+), 48 deletions(-) diff --git a/cgi/cgi_blerg.c b/cgi/cgi_blerg.c index 664d6a5..b479535 100644 --- a/cgi/cgi_blerg.c +++ b/cgi/cgi_blerg.c @@ -307,12 +307,12 @@ int main(int argc, char *argv[]) { exit(0); } - if (!auth_login(username, password)) { + char *token = auth_login(username, password); + if (token == NULL) { respond_JSON_Failure(); exit(0); } - char *token = auth_get_token(username); printf("Set-Cookie: auth=%s\r\n", token); free(token); @@ -327,7 +327,8 @@ int main(int argc, char *argv[]) { if (!check_auth(username)) exit(0); - auth_logout(username); + const char *given_token = cgi_getcookie("auth"); + auth_logout(username, given_token); respond_JSON_Success(); } else if (strncmp(path, "/subscribe", 10) == 0 || strncmp(path, "/unsubscribe", 12) == 0) { const char *username = cgi_getentrystr("username"); diff --git a/common/auth.c b/common/auth.c index 26569fd..0dbe6a4 100644 --- a/common/auth.c +++ b/common/auth.c @@ -95,70 +95,56 @@ char *create_random_token() { return token; } -int auth_login(const char *username, const char *password) { +char * auth_login(const char *username, const char *password) { char filename[512]; int token_fd; if (!auth_check_password(username, password)) - return 0; + return NULL; - sprintf(filename, "%s/%s/token", DATA_PATH, username); + char *token = create_random_token(); + + sprintf(filename, "%s/%s/tokens", DATA_PATH, username); + if (access(filename, F_OK) != 0) { + if (mkdir(filename, 0700) == -1) { + perror("Could not create auth token dir"); + return NULL; + } + } + + sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, token); token_fd = open(filename, O_WRONLY | O_CREAT, 0600); if (token_fd == -1) { perror("Could not open token"); - return 0; + return NULL; } - - char *token = create_random_token(); - write(token_fd, token, TOKEN_SIZE * 2); close(token_fd); - free(token); - return 1; + return token; } -int auth_logout(const char *username) { +int auth_logout(const char *username, const char *token) { char filename[512]; if (!valid_name(username)) return 0; - sprintf(filename, "%s/%s/token", DATA_PATH, username); + sprintf(filename, "%s/%s/tokens", DATA_PATH, username); + if (access(filename, F_OK) != 0) { + return 0; + } + + sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, token); if (unlink(filename) == -1) return 0; return 1; } -char *auth_get_token(const char *username) { +int auth_check_token(const char *username, const char *given_token) { char filename[512]; - char *token; - int token_fd; - if (!valid_name(username)) - return 0; + sprintf(filename, "%s/%s/tokens/%s", DATA_PATH, username, given_token); - sprintf(filename, "%s/%s/token", DATA_PATH, username); - token_fd = open(filename, O_RDONLY, 0600); - if (token_fd == -1) { - perror("Could not open token"); - return NULL; - } - - token = malloc(TOKEN_SIZE * 2 + 1); - read(token_fd, token, TOKEN_SIZE * 2); - close(token_fd); - - return token; -} - -int auth_check_token(const char *username, const char *given_token) { - char *token = auth_get_token(username); - if (token != NULL && given_token != NULL) { - int ret = (strncmp(token, given_token, TOKEN_SIZE * 2) == 0); - free(token); - return ret; - } else { - return 0; - } + return (access(filename, F_OK) == 0); } diff --git a/common/auth.h b/common/auth.h index d180bfd..647bd6f 100644 --- a/common/auth.h +++ b/common/auth.h @@ -7,9 +7,8 @@ int auth_set_password(const char *, const char *); int auth_get_password(const char *, char *); int auth_check_password(const char *, const char *); -int auth_login(const char *username, const char *password); -int auth_logout(const char *username); -char *auth_get_token(const char *username); +char * auth_login(const char *username, const char *password); +int auth_logout(const char *username, const char *token); int auth_check_token(const char *username, const char *given_token); #endif //_AUTH_H diff --git a/http/http_blerg.c b/http/http_blerg.c index 85a1e5b..a4226ab 100644 --- a/http/http_blerg.c +++ b/http/http_blerg.c @@ -521,12 +521,12 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c if (as->username[0] == 0 || as->password[0] == 0) return respond_JSON_Failure(connection); - if (!auth_login(as->username, as->password)) + char *token = auth_login(as->username, as->password); + if (token == NULL) return respond_JSON_Failure(connection); response = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO); - char *token = auth_get_token(as->username); data = malloc(512); snprintf(data, 512, "auth=%s", token); MHD_add_response_header(response, "Set-Cookie", data); @@ -548,7 +548,8 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c struct auth_state *as = (struct auth_state *) *ptr; - auth_logout(as->username); + const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth"); + auth_logout(as->username, given_token); return respond_JSON_Success(connection); } else if (strncmp(url, "/subscribe", 10) == 0 || strncmp(url, "/unsubscribe", 12) == 0) { ret = process_and_check_auth(connection, method, upload_data, upload_data_size, ptr); -- 2.25.1