yajl_gen_config yajl_c = { 0, 0 };
-int check_auth(const char *username) {
- if (username == NULL || username[0] == 0) {
+int check_auth(struct auth_cookie *ac) {
+ const char *given_cookie = cgi_getcookie("auth");
+
+ if (parse_auth_cookie(given_cookie, ac) != 1) {
respond_403();
return 0;
}
- const char *given_token = cgi_getcookie("auth");
- if (!auth_check_token(username, given_token)) {
+ if (!auth_check_token(ac->name, ac->token)) {
respond_403();
return 0;
}
char *request_method;
int ret, len;
struct url_info info;
+ struct auth_cookie ac;
char *data;
if (!blerg_init())
exit(0);
}
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
if (path[4] == '/') {
exit(0);
}
- struct blerg *b = blerg_open(username);
+ struct blerg *b = blerg_open(ac.name);
if (b == NULL) {
respond_JSON_Failure();
exit(0);
exit(0);
}
- printf("Set-Cookie: auth=%s\r\n", token);
+ printf("Set-Cookie: auth=%s/%s\r\n", username, token);
free(token);
respond_JSON_Success();
exit(0);
}
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
- const char *given_token = cgi_getcookie("auth");
- auth_logout(username, given_token);
+ auth_logout(ac.name, ac.token);
respond_JSON_Success();
} else if (strncmp(path, "/subscribe", 10) == 0 || strncmp(path, "/unsubscribe", 12) == 0) {
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
if (path[1] == 'u') {
exit(0);
}
- subscription_remove(username, info.name);
+ subscription_remove(ac.name, info.name);
} else {
if (path[10] != '/') {
respond_404();
exit(0);
}
- subscription_add(username, info.name);
+ subscription_add(ac.name, info.name);
}
respond_JSON_Success();
} else if (strncmp(path, "/feed", 6) == 0) {
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
int recs = 50;
- struct blergref *feedlist = subscription_list(username, 0, &recs, -1);
+ struct blergref *feedlist = subscription_list(ac.name, 0, &recs, -1);
if (recs == 0) {
respond_simple_data("[]", 2);
respond_blergref_list(feedlist, recs);
}
} else if (strncmp(path, "/status", 7) == 0) {
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
if (strncmp(request_method, "POST", 4) != 0) {
const char *clear = cgi_getentrystr("clear");
if (clear != NULL) {
- struct blerg *b = blerg_open(username);
+ struct blerg *b = blerg_open(ac.name);
if (strncmp(clear, "feed", 4) == 0) {
blerg_set_subscription_mark(b);
} else if (strncmp(clear, "mentioned", 9) == 0) {
g = yajl_gen_alloc(&yajl_c, NULL);
yajl_gen_map_open(g);
- struct blerg *b = blerg_open(username);
+ struct blerg *b = blerg_open(ac.name);
uint64_t subscription_mark = blerg_get_subscription_mark(b);
int mentioned = blerg_get_status(b, BLERGSTATUS_MENTIONED);
blerg_close(b);
yajl_gen_string(g, (unsigned char *)"feed_new", 8);
- yajl_gen_integer(g, subscription_count_items(username) - subscription_mark);
+ yajl_gen_integer(g, subscription_count_items(ac.name) - subscription_mark);
yajl_gen_string(g, (unsigned char *)"mentioned", 9);
yajl_gen_bool(g, mentioned);
yajl_gen_string(g, (unsigned char *)"subscribed", 10);
ret = parse_url_info(path + 8, &info);
if ((ret & URL_INFO_NAME) == 1) {
- yajl_gen_bool(g, is_subscribed(username, info.name));
+ yajl_gen_bool(g, is_subscribed(ac.name, info.name));
} else {
yajl_gen_bool(g, 0);
}
yajl_gen_free(g);
}
} else if (strncmp(path, "/passwd", 7) == 0) {
- const char *username = cgi_getentrystr("username");
- if (!check_auth(username))
+ if (!check_auth(&ac))
exit(0);
const char *password = cgi_getentrystr("password");
if (password == NULL || new_password == NULL) {
respond_JSON_Failure();
} else {
- if (auth_check_password(username, password)) {
- auth_set_password(username, new_password);
+ if (auth_check_password(ac.name, password)) {
+ auth_set_password(ac.name, new_password);
respond_JSON_Success();
} else {
respond_JSON_Failure();