From e2f51ade69169968d9d54d3b601527a51c66f6ba Mon Sep 17 00:00:00 2001 From: Chip Black Date: Thu, 30 Dec 2010 17:31:26 -0600 Subject: [PATCH] Check auth for logout --- common/auth.c | 11 +++++++++++ common/auth.h | 1 + http/http_blerg.c | 10 +++++++--- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/common/auth.c b/common/auth.c index 0116462..1b6ecb6 100644 --- a/common/auth.c +++ b/common/auth.c @@ -132,3 +132,14 @@ char *auth_get_token(const char *username) { return token; } + +int auth_check_token(const char *username, const char *given_token) { + char *token = auth_get_token(username); + if (token != NULL && given_token != NULL) { + int ret = (strncmp(token, given_token, TOKEN_SIZE * 2) == 0); + free(token); + return ret; + } else { + return 0; + } +} diff --git a/common/auth.h b/common/auth.h index f73701b..124f014 100644 --- a/common/auth.h +++ b/common/auth.h @@ -7,5 +7,6 @@ int auth_check_password(const char *, const char *); int auth_login(const char *username, const char *password); int auth_logout(const char *username); char *auth_get_token(const char *username); +int auth_check_token(const char *username, const char *given_token); #endif //_AUTH_H diff --git a/http/http_blerg.c b/http/http_blerg.c index f481671..e994574 100644 --- a/http/http_blerg.c +++ b/http/http_blerg.c @@ -532,9 +532,13 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c return MHD_YES; } - auth_logout(as->username); - - return respond_JSON_Success(connection); + const char *given_token = MHD_lookup_connection_value(connection, MHD_COOKIE_KIND, "auth"); + if (given_token != NULL && auth_check_token(as->username, given_token)) { + auth_logout(as->username); + return respond_JSON_Success(connection); + } else { + return respond_JSON_Failure(connection); + } } else { return respond_404(connection); } -- 2.25.1