mirror/mongoose
1
0
Fork 0
mirror of https://github.com/cesanta/mongoose.git synced 2024-11-28 13:49:01 +08:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

check_login_form_submission() factored in separate function

Browse Source
This commit is contained in:
Sergey Lyubka 2014-10-09 11:44:12 +01:00
parent 5077350589
commit 54ba36c1c9
1 changed files with 26 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
examples/cookie_authentication/cookie_auth.c
View File

@ -40,34 +40,37 @@ static int check_auth(struct mg_connection *conn) {
return MG_FALSE;
}
static int serve_request(struct mg_connection *conn) {
static int check_login_form_submission(struct mg_connection *conn) {
char name[100], password[100], ssid[100], expire[100], expire_epoch[100];
// Always authorize requests to login page
mg_get_var(conn, "name", name, sizeof(name));
mg_get_var(conn, "password", password, sizeof(password));
// A real authentication mechanism should be employed here.
// Also, the whole site should be served through HTTPS.
if (strcmp(name, "Joe") == 0 && strcmp(password, "Doe") == 0) {
// Generate expiry date
time_t t = time(NULL) + 3600; // Valid for 1 hour
snprintf(expire_epoch, sizeof(expire_epoch), "%lu", (unsigned long) t);
strftime(expire, sizeof(expire), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&t));
generate_ssid(name, expire_epoch, ssid, sizeof(ssid));
// Set "session id" cookie, there could be some data encoded in it.
mg_printf(conn,
"HTTP/1.1 302 Moved\r\n"
"Set-Cookie: ssid=%s; expire=\"%s\"; http-only; HttpOnly;\r\n"
"Location: /\r\n\r\n",
ssid, expire);
return MG_TRUE;
}
return MG_FALSE;
}
static int serve_request(struct mg_connection *conn) {
if (strcmp(conn->uri, s_login_uri) == 0 &&
strcmp(conn->request_method, "POST") == 0) {
mg_get_var(conn, "name", name, sizeof(name));
mg_get_var(conn, "password", password, sizeof(password));
// A real authentication mechanism should be employed here.
// Also, the whole site should be served through HTTPS.
if (strcmp(name, "Joe") == 0 && strcmp(password, "Doe") == 0) {
// Generate expiry date
time_t t = time(NULL) + 3600; // Valid for 1 hour
snprintf(expire_epoch, sizeof(expire_epoch), "%lu", (unsigned long) t);
strftime(expire, sizeof(expire), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&t));
generate_ssid(name, expire_epoch, ssid, sizeof(ssid));
// Set "session id" cookie, there could be some data encoded in it.
mg_printf(conn,
"HTTP/1.1 302 Moved\r\n"
"Set-Cookie: ssid=%s; expire=\"%s\"; http-only; HttpOnly;\r\n"
"Location: /\r\n\r\n",
ssid, expire);
return MG_TRUE;
}
return check_login_form_submission(conn);
}
return MG_FALSE;
return MG_FALSE; // Serve files in the document_root
}
static int ev_handler(struct mg_connection *conn, enum mg_event ev) {