Make it actually compile...
[matches/MCTX3420.git] / server / login.c
index a616af2..a2a11e9 100644 (file)
@@ -149,8 +149,9 @@ int Login_LDAP_Bind(const char * uri, const char * dn, const char * pass)
  * @param params - Parameter string, UNUSED
  */
 void Logout_Handler(FCGIContext * context, char * params)
-{              
+{
        FCGI_ReleaseControl(context);
+       FCGI_AcceptJSON(context, "Logged out", "0");
 }
 
 
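Review bot: `Logout_Handler` calls `FCGI_ReleaseControl(context)` and then reports "Logged out" without any check in this function that the request carries the current control key. If the request dispatcher does not already enforce that for this module (not visible here), any client could end another user's session. In that case the handler should answer with `FCGI_RejectJSON` when the caller does not hold control. The doc comment should also state which layer is responsible for that check.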
@@ -161,16 +162,8 @@ void Logout_Handler(FCGIContext * context, char * params)
  */
 void Login_Handler(FCGIContext * context, char * params)
 {
-
-       if (context->control_key[0] != '\0')
-       {
-               FCGI_RejectJSON(context, "Already logged in.");
-               return;
-       }
-
-       char * user = ""; // The username supplied through CGI
-       char * pass = ""; // The password supplied through CGI
-                                               //TODO: Make sure these are passed through HTTPS, *not* HTTP .... otherwise people can eavesdrop on the passwords
+       char * user; // The username supplied through CGI
+       char * pass; // The password supplied through CGI
 
        FCGIValue values[] = {
                {"user", &user, FCGI_REQUIRED(FCGI_STRING_T)},
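Review bot: `user` and `pass` are now declared without an initialiser, so their values are indeterminate until the request parser (outside this hunk) writes them. `char * user = NULL;` and `char * pass = NULL;` would make a missed assignment fail predictably instead of handing a garbage pointer to the trimming loops further down. The commit also deletes the only comment noting that these credentials must travel over HTTPS; I would keep it as a plain requirement, e.g. `// Credentials arrive as CGI parameters: only serve this endpoint over HTTPS`. `Login_Handler` continues past the end of this hunk.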
@@ -191,17 +184,14 @@ void Login_Handler(FCGIContext * context, char * params)
                return;
        }
 
-
-       // Trim leading whitespace (the BUFSIZ check is to make sure incorrectly terminated strings don't cause an infinite loop)
+       // Trim leading whitespace
        int i = 0;
-       for (i = 0; i < BUFSIZ && isspace(user[0]) && user[0] != '\0'; ++i,++user);
+       for (i = 0; isspace(user[0]) && user[0] != '\0'; ++i, ++user);
 
        // Truncate string at first non alphanumeric character
-       for (i = 0; i < BUFSIZ && isalnum(user[i]) && user[i] != '\0'; ++i);
+       for (i = 0; isalnum(user[i]) && user[i] != '\0'; ++i);
        user[i] = '\0';
 
-
-
        
        bool authenticated = true;
        
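Review bot: `isspace(user[0])` and `isalnum(user[i])` receive a plain `char` taken from the request, and a byte above 0x7F is negative where `char` is signed, which is undefined behaviour for the `<ctype.h>` functions. Cast first: `isspace((unsigned char)user[0])` and `isalnum((unsigned char)user[i])`. With the `BUFSIZ` bound removed, both loops rely entirely on the parser NUL-terminating `user`, which deserves a comment. After truncation `user` can be empty, and nothing in this hunk rejects that before the name is used for authentication. Unless a check exists outside the hunk, add `if (user[0] == '\0') { FCGI_RejectJSON(context, "Authentication failure."); return; }`.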
@@ -220,16 +210,19 @@ void Login_Handler(FCGIContext * context, char * params)
                        char dn[BUFSIZ];
                
                        // On a simple LDAP server:
-                       int len = sprintf(dn, "uid=%s,%s", user, g_options.ldap_base_dn);
+                       //int len = sprintf(dn, "uid=%s,%s", user, g_options.ldap_base_dn);
        
                        // At UWA (hooray)
-                       //char * user_type = (user[0] != '0') : "Students" ? "Staff";
-                       //int len = sprintf(dn, "cn=%s,ou=%s", user, user_type, g_options.ldap_dn_base);
+                       char * user_type = "Students";
+                       if (user[0] == '0')
+                               user_type = "Staff";
+                       int len = sprintf(dn, "cn=%s,ou=%s,%s", user, user_type, g_options.ldap_base_dn);
                
 
                        if (len >= BUFSIZ)
                        {
                                FCGI_RejectJSON(context, "DN too long! Recompile with increased BUFSIZ");
+                               return;
                        }
                
                        authenticated = (Login_LDAP_Bind(g_options.auth_uri, dn, pass) == LDAP_SUCCESS);
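Review bot: The `len >= BUFSIZ` test runs after `sprintf` has already written into `dn[BUFSIZ]`, so an over-long username from the request overflows the stack buffer before the rejection is reached. The added `return` only stops the oversized DN from being used afterwards. Bound the write itself: `int len = snprintf(dn, sizeof(dn), "cn=%s,ou=%s,%s", user, user_type, g_options.ldap_base_dn);` followed by `if (len < 0 || len >= (int)sizeof(dn))`. Separately, many LDAP servers treat a simple bind with an empty password as an unauthenticated bind that reports success, so an empty `pass` should be rejected before `Login_LDAP_Bind` is called, unless that function (outside this hunk) already does so. The enclosing block starts and ends outside the hunk.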
@@ -251,14 +244,22 @@ void Login_Handler(FCGIContext * context, char * params)
        
        if (!authenticated)
        {
-               FCGI_RejectJSON(context, "Authentication failure.");
-               return;
+               FCGI_RejectJSONEx(context, STATUS_UNAUTHORIZED, "Authentication failure.");
        }
+       else
+       {
+               if (FCGI_LockControl(context, false))
+               {
+                       //Todo: change this to something better than the username if using LDAP.
+                       snprintf(context->friendly_name, 31, "%s", user);
+                       FCGI_EscapeText(context->friendly_name); //Don't break javascript pls
 
-       FCGI_LockControl(context, false);
-       
-       // Give the user a cookie
-       FCGI_PrintRaw("Content-type: text\r\n");
-       FCGI_PrintRaw("Set-Cookie: %s\r\n\r\n", context->control_key);
-       
+                       // Give the user a cookie
+                       FCGI_AcceptJSON(context, "Logged in", context->control_key);
+               }
+               else
+               {
+                       FCGI_RejectJSON(context, "Someone else is already logged in");
+               }
+       }
 }
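Review bot: The session key is now returned in the JSON body by `FCGI_AcceptJSON(context, "Logged in", context->control_key)`, while the comment above it still says `// Give the user a cookie`. The comment should say where the key goes and how the client is expected to store it, since a key readable by page script is exposed to any script-injection bug in the front end. `snprintf(context->friendly_name, 31, "%s", user)` hard-codes the size; if `friendly_name` is an array, `sizeof(context->friendly_name)` keeps the bound correct when the field changes. `FCGI_EscapeText` then edits that buffer in place, and whether escaping can lengthen the text beyond the field is not visible here, so confirm that before a non-alphanumeric name is ever stored.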
