Added auth example

docs/Embed.md

@@ -90,7 +90,8 @@ a couple of kilobytes to the executable size, and also has some runtime penalty.
 Mongoose source code contains a well-commented example code, listed below:
 
    * [hello.c](https://github.com/cesanta/mongoose/blob/master/examples/hello.c)
-   is a minimalistic hello world example
+   a minimalistic hello world example
    * [post.c](https://github.com/cesanta/mongoose/blob/master/examples/post.c)
+   shows how to handle form input
    * [upload.c](https://github.com/cesanta/mongoose/blob/master/examples/post.c)
    shows how to upload files

examples/Makefile

@@ -24,6 +24,7 @@ all:
 	$(CC) post.c ../mongoose.c -o post $(CFLAGS)
 	$(CC) multi_threaded.c ../mongoose.c -o multi_threaded $(CFLAGS)
 	$(CC) upload.c ../mongoose.c -o upload $(CFLAGS)
+	$(CC) auth.c ../mongoose.c -o auth $(CFLAGS)
 
 #	$(CC) -DUSE_WEBSOCKET websocket.c ../mongoose.c -o $@ $(CFLAGS)
 #	$(CC) chat.c ../mongoose.c -o chat $(CFLAGS)
@@ -41,6 +42,7 @@ windows:
 	$(CL) post.c ../mongoose.c $(CLFLAGS) $(LFLAGS)
 	$(CL) multi_threaded.c ../mongoose.c $(CLFLAGS) $(LFLAGS)
 	$(CL) upload.c ../mongoose.c $(CLFLAGS) $(LFLAGS)
+	$(CL) auth.c ../mongoose.c $(CLFLAGS) $(LFLAGS)
 
 #	$(CL) /DUSE_WEBSOCKET websocket.c ../mongoose.c $(CLFLAGS) $(LFLAGS)
 #$(CL) lua_dll.c $(CLFLAGS) $(DLL_FLAGS) /DLL $(LFLAGS) /SUBSYSTEM:WINDOWS /ENTRY:luaopen_lua_dll /EXPORT:luaopen_lua_dll /out:lua_dll.dll

examples/auth.c

@@ -0,0 +1,45 @@
+#include <stdio.h>
+#include <string.h>
+#include "mongoose.h"
+
+static int index_html(struct mg_connection *conn) {
+  mg_send_header(conn, "Content-Type", "text/html");
+  mg_printf_data(conn, "%s",
+                 "This link is password-protected: <a href=/secret>link</a>");
+  return 1;
+}
+
+static int secret_html(struct mg_connection *conn) {
+  static const char *passwords_file = "my_passwords.txt";
+  FILE *fp = fopen(passwords_file, "r");
+
+  // To populate passwords file, do
+  // mongoose -A my_passwords.txt mydomain.com admin admin
+
+  if (mg_authorize_digest(conn, fp)) {
+    mg_printf_data(conn, "%s", "Hi, here is a secret message!");
+  } else {
+    mg_send_digest_auth_request(conn);
+  }
+
+  if (fp != NULL) {
+    fclose(fp);
+  }
+
+  return 1;
+}
+
+int main(void) {
+  struct mg_server *server = mg_create_server(NULL);
+  mg_set_option(server, "listening_port", "8080");
+  mg_add_uri_handler(server, "/", index_html);
+  mg_add_uri_handler(server, "/secret", secret_html);
+
+  printf("Starting on port %s\n", mg_get_option(server, "listening_port"));
+  for (;;) {
+    mg_poll_server(server, 1000);
+  }
+  mg_destroy_server(&server);
+
+  return 0;
+}

mongoose.c

@@ -2921,11 +2921,13 @@ static int check_password(const char *method, const char *ha1, const char *uri,
 // Authorize against the opened passwords file. Return 1 if authorized.
 int mg_authorize_digest(struct mg_connection *c, FILE *fp) {
   struct connection *conn = (struct connection *) c;
-  const char *hdr = mg_get_header(c, "Authorization");
+  const char *hdr;
   char line[256], f_user[256], ha1[256], f_domain[256], user[100], nonce[100],
        uri[MAX_REQUEST_SIZE], cnonce[100], resp[100], qop[100], nc[100];
 
-  if (hdr == NULL || mg_strncasecmp(hdr, "Digest ", 7) != 0) return 0;
+  if (c == NULL || fp == NULL) return 0;
+  if ((hdr = mg_get_header(c, "Authorization")) == NULL ||
+      mg_strncasecmp(hdr, "Digest ", 7) != 0) return 0;
   if (!mg_parse_header(hdr, "username", user, sizeof(user))) return 0;
   if (!mg_parse_header(hdr, "cnonce", cnonce, sizeof(cnonce))) return 0;
   if (!mg_parse_header(hdr, "response", resp, sizeof(resp))) return 0;