Fix login timeout bug & standardize FCGI_*Control functions

diff --git a/server/fastcgi.c b/server/fastcgi.c
index f6bea43..57c5b1b 100644 (file)
--- a/server/fastcgi.c
+++ b/server/fastcgi.c
@@ -79,14 +79,14 @@ static void IdentifyHandler(FCGIContext *context, char *params) {
  * the system at any one time. The key can be forcibly generated, revoking
  * any previous control keys. To be used in conjunction with HTTP 
  * basic authentication.
- * This function will generate a JSON response that indicates success/failure.
  * @param context The context to work in
  * @param force Whether to force key generation or not.
- */ 
-void FCGI_LockControl(FCGIContext *context, bool force) {
+ * @return true on success, false otherwise (eg someone else already in control)
+ */
+bool FCGI_LockControl(FCGIContext *context, bool force) {
        time_t now = time(NULL);
        bool expired = now - context->control_timestamp > CONTROL_TIMEOUT;
-       
+
        if (force || !*(context->control_key) || expired) 
        {
                SHA_CTX sha1ctx;
@@ -102,7 +102,9 @@ void FCGI_LockControl(FCGIContext *context, bool force) {
                for (i = 0; i < 20; i++)
                        sprintf(context->control_key + i * 2, "%02x", sha1[i]);
                snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR"));
+               return true;
        }
+       return false;
 }
 
 /**
@@ -131,8 +133,6 @@ bool FCGI_HasControl(FCGIContext *context, const char *key) {
  */
 void FCGI_ReleaseControl(FCGIContext *context) {
        *(context->control_key) = 0;
-       FCGI_BeginJSON(context, STATUS_OK);
-       FCGI_EndJSON();
        return;
 }
 

diff --git a/server/fastcgi.h b/server/fastcgi.h
index aad2421..365aa6c 100644 (file)
--- a/server/fastcgi.h
+++ b/server/fastcgi.h
@@ -54,7 +54,7 @@ typedef struct
 
 typedef void (*ModuleHandler) (FCGIContext *context, char *params);
 
-extern void FCGI_LockControl(FCGIContext *context, bool force);
+extern bool FCGI_LockControl(FCGIContext *context, bool force);
 extern void FCGI_ReleaseControl(FCGIContext *context);
 extern bool FCGI_HasControl(FCGIContext *context, const char *key);
 extern char *FCGI_KeyPair(char *in, const char **key, const char **value);

diff --git a/server/login.c b/server/login.c
index ddacdd9..4ec89dd 100644 (file)
--- a/server/login.c
+++ b/server/login.c
@@ -149,8 +149,9 @@ int Login_LDAP_Bind(const char * uri, const char * dn, const char * pass)
  * @param params - Parameter string, UNUSED
  */
 void Logout_Handler(FCGIContext * context, char * params)
-{              
+{
        FCGI_ReleaseControl(context);
+       FCGI_AcceptJSON(context, "Logged out", "0");
 }
 
 
@@ -161,13 +162,6 @@ void Logout_Handler(FCGIContext * context, char * params)
  */
 void Login_Handler(FCGIContext * context, char * params)
 {
-
-       if (context->control_key[0] != '\0')
-       {
-               FCGI_RejectJSON(context, "Someone is already logged in.");
-               return;
-       }
-
        char * user; // The username supplied through CGI
        char * pass; // The password supplied through CGI
 
@@ -251,8 +245,14 @@ void Login_Handler(FCGIContext * context, char * params)
        }
        else
        {
-               FCGI_LockControl(context, false);
-               // Give the user a cookie
-               FCGI_AcceptJSON(context, "Logged in", context->control_key);
+               if (FCGI_LockControl(context, false))
+               {
+                       // Give the user a cookie
+                       FCGI_AcceptJSON(context, "Logged in", context->control_key);
+               }
+               else
+               {
+                       FCGI_RejectJSON(context, "Someone else is already logged in");
+               }
        }
 }