diff --git a/world/net/http/library.i b/world/net/http/library.i index 92e6629..214ed0b 100644 --- a/world/net/http/library.i +++ b/world/net/http/library.i @@ -7,6 +7,7 @@ #include #include +#include #include "driver.h" //#include CONFIG_PATH "ports.h" @@ -216,3 +217,13 @@ varargs string make_query_string(mapping params, int sort) { return q; } +object check_query_token(mapping query) { + string nick; + object user; + + if (nick = query["user"]) user = find_person(nick); + if (user && user->validToken(query["token"])) return user; + return 0; +} + + diff --git a/world/net/include/proto.h b/world/net/include/proto.h index 5ae21be..ec26fcf 100644 --- a/world/net/include/proto.h +++ b/world/net/include/proto.h @@ -14,6 +14,7 @@ void dns_resolve(string hostname, closure callback, varargs array(mixed) extra); void dns_rresolve(string ip, closure callback, varargs array(mixed) extra); #endif +varargs object find_person(string name, vaint lowercazed); #ifndef hex2int int hex2int(string hex); #endif diff --git a/world/net/place/threads.c b/world/net/place/threads.c index 92aa479..70170f4 100644 --- a/world/net/place/threads.c +++ b/world/net/place/threads.c @@ -530,14 +530,6 @@ void displayFooter() { w("_HTML_tail_threads", ""); } -static object checkToken(mapping query) { - string nick; - object user; - if (nick = query["user"]) user = find_person(nick); - if (user && user->validToken(query["token"])) return user; - return 0; -} - htget(prot, query, headers, qs, data) { mapping entrymap; mixed target; @@ -546,7 +538,7 @@ htget(prot, query, headers, qs, data) { int a; int limit = to_int(query["limit"]) || DEFAULT_BACKLOG; int offset = to_int(query["offset"]); - int authed = checkToken(query) ? 1 : 0; + int authed = check_query_token(query) ? 1 : 0; unless (isPublic() || authed) { write("

404

"); return 1; @@ -570,7 +562,7 @@ htget(prot, query, headers, qs, data) { htok(prot); // TODO: remote user auth - unless (user = checkToken(query)) { + unless (user = check_query_token(query)) { write("Not authenticated!\n"); return 1; } @@ -618,10 +610,10 @@ htget(prot, query, headers, qs, data) { //P2(("all entries: %O\n", _thread)) htok3(prot, "text/html", "Cache-Control: no-cache\n"); displayHeader("entries"); - if ((user = checkToken(query)) && canPost(user->qName())) + if ((user = check_query_token(query)) && canPost(user->qName())) displayForm(!v("showform")); // display the blog - displayMain(limit, offset, checkToken(query) ? 1 : 0); + displayMain(limit, offset, check_query_token(query) ? 1 : 0); // display the chatlog if (showWebLog()) logView(a < 24 ? a : 12, "html", 15); displayFooter();