mirror of
git://git.psyced.org/git/psyced
synced 2024-08-15 03:25:10 +00:00
check_query_token()
This commit is contained in:
parent
6e5c5b98db
commit
8c6522112a
3 changed files with 16 additions and 12 deletions
|
@ -7,6 +7,7 @@
|
||||||
|
|
||||||
#include <net.h>
|
#include <net.h>
|
||||||
#include <services.h>
|
#include <services.h>
|
||||||
|
#include <proto.h>
|
||||||
|
|
||||||
#include "driver.h"
|
#include "driver.h"
|
||||||
//#include CONFIG_PATH "ports.h"
|
//#include CONFIG_PATH "ports.h"
|
||||||
|
@ -216,3 +217,13 @@ varargs string make_query_string(mapping params, int sort) {
|
||||||
return q;
|
return q;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
object check_query_token(mapping query) {
|
||||||
|
string nick;
|
||||||
|
object user;
|
||||||
|
|
||||||
|
if (nick = query["user"]) user = find_person(nick);
|
||||||
|
if (user && user->validToken(query["token"])) return user;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,7 @@
|
||||||
void dns_resolve(string hostname, closure callback, varargs array(mixed) extra);
|
void dns_resolve(string hostname, closure callback, varargs array(mixed) extra);
|
||||||
void dns_rresolve(string ip, closure callback, varargs array(mixed) extra);
|
void dns_rresolve(string ip, closure callback, varargs array(mixed) extra);
|
||||||
#endif
|
#endif
|
||||||
|
varargs object find_person(string name, vaint lowercazed);
|
||||||
#ifndef hex2int
|
#ifndef hex2int
|
||||||
int hex2int(string hex);
|
int hex2int(string hex);
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -530,14 +530,6 @@ void displayFooter() {
|
||||||
w("_HTML_tail_threads", "</body></html>");
|
w("_HTML_tail_threads", "</body></html>");
|
||||||
}
|
}
|
||||||
|
|
||||||
static object checkToken(mapping query) {
|
|
||||||
string nick;
|
|
||||||
object user;
|
|
||||||
if (nick = query["user"]) user = find_person(nick);
|
|
||||||
if (user && user->validToken(query["token"])) return user;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
htget(prot, query, headers, qs, data) {
|
htget(prot, query, headers, qs, data) {
|
||||||
mapping entrymap;
|
mapping entrymap;
|
||||||
mixed target;
|
mixed target;
|
||||||
|
@ -546,7 +538,7 @@ htget(prot, query, headers, qs, data) {
|
||||||
int a;
|
int a;
|
||||||
int limit = to_int(query["limit"]) || DEFAULT_BACKLOG;
|
int limit = to_int(query["limit"]) || DEFAULT_BACKLOG;
|
||||||
int offset = to_int(query["offset"]);
|
int offset = to_int(query["offset"]);
|
||||||
int authed = checkToken(query) ? 1 : 0;
|
int authed = check_query_token(query) ? 1 : 0;
|
||||||
unless (isPublic() || authed) {
|
unless (isPublic() || authed) {
|
||||||
write("<h1>404</h1>");
|
write("<h1>404</h1>");
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -570,7 +562,7 @@ htget(prot, query, headers, qs, data) {
|
||||||
htok(prot);
|
htok(prot);
|
||||||
|
|
||||||
// TODO: remote user auth
|
// TODO: remote user auth
|
||||||
unless (user = checkToken(query)) {
|
unless (user = check_query_token(query)) {
|
||||||
write("Not authenticated!\n");
|
write("Not authenticated!\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
@ -618,10 +610,10 @@ htget(prot, query, headers, qs, data) {
|
||||||
//P2(("all entries: %O\n", _thread))
|
//P2(("all entries: %O\n", _thread))
|
||||||
htok3(prot, "text/html", "Cache-Control: no-cache\n");
|
htok3(prot, "text/html", "Cache-Control: no-cache\n");
|
||||||
displayHeader("entries");
|
displayHeader("entries");
|
||||||
if ((user = checkToken(query)) && canPost(user->qName()))
|
if ((user = check_query_token(query)) && canPost(user->qName()))
|
||||||
displayForm(!v("showform"));
|
displayForm(!v("showform"));
|
||||||
// display the blog
|
// display the blog
|
||||||
displayMain(limit, offset, checkToken(query) ? 1 : 0);
|
displayMain(limit, offset, check_query_token(query) ? 1 : 0);
|
||||||
// display the chatlog
|
// display the chatlog
|
||||||
if (showWebLog()) logView(a < 24 ? a : 12, "html", 15);
|
if (showWebLog()) logView(a < 24 ? a : 12, "html", 15);
|
||||||
displayFooter();
|
displayFooter();
|
||||||
|
|
Loading…
Reference in a new issue