get_handle_login; token field in http_transaction

2022-12-05 20:24:32 -05:00 · 2022-12-05 20:24:32 -05:00 · 991fc01c87
commit 991fc01c87
parent bbb018471f
2 changed files with 32 additions and 0 deletions
--- a/src/http.c
+++ b/src/http.c
@ -327,6 +327,36 @@ out:
 }


+static bool get_handle_login(struct http_transaction *ta) {
+    http_add_header(&ta->resp_headers, "Content-Type", "application/json");
+
+    if (ta->token == NULL) {
+        return send_error(ta, HTTP_OK, "{}");
+    }
+
+    jwt_t *cookie;
+    int rc = jwt_decode(&cookie, ta->token, (unsigned char *) "key", 3);
+    if (rc) {
+        return send_error(ta, HTTP_OK, "{}\n");
+    }
+    /* Send claims */
+    char *grants = jwt_get_grants_json(cookie, NULL);
+    if (grants == NULL) {
+        return send_error(ta, HTTP_OK, "{}\n");
+    }
+    
+    // check expiration, still implementing
+    if (1) {
+        return send_error(ta, HTTP_PERMISSION_DENIED,"Forbidden.\n");
+    }
+    
+    // Still implementing
+    
+    return send_response(ta);
+
+
+}
+
 static int val_api_url(struct http_transaction *ta) {
    char *req_path = bufio_offset2ptr(ta->client->bufio, ta->req_path);
    if (!strcmp(req_path, "/api/login")) {
@ -355,6 +385,7 @@ handle_api(struct http_transaction *ta)
            
        else if (ta->req_method == HTTP_GET){
            // Handle login get
+            return get_handle_login(ta);
        }
            
        else{
--- a/src/http.h
+++ b/src/http.h
@ -40,6 +40,7 @@ struct http_transaction {
    size_t req_body;        // ditto
    int req_content_len;    // content length of request body

+    char *token; // authentication token

    /* response related fields */
    enum http_response_status resp_status;