From a874b62771ef4cdeff6ba04556656c8e7028822f Mon Sep 17 00:00:00 2001
From: Felicia Seo
Date: Sat, 10 Dec 2022 20:41:03 -0500
Subject: [PATCH] logout, headers
---
 src/http.c | 31 ++++++++++++++++++++-----------
 src/http.h | 2 +-
 2 files changed, 21 insertions(+), 12 deletions(-)
diff --git a/src/http.c b/src/http.c
index 320fd27..ea98aad 100644
--- a/src/http.c
+++ b/src/http.c
@@ -121,13 +121,12 @@ http_process_headers(struct http_transaction *ta)
 * are zero-terminated strings.
 */
 if (!strcasecmp(field_name, "Cookie")) {
- if (field_value == NULL)
+ if ((field_value == NULL) || (strlen(field_value) <= 11)
 return false;
+ printf("%s\n", field_value);
 ta->token = field_value + 11; // + 11 gets rid of "auth_token=" heading.
 ta->valid_token = validate_token_exp(ta, ta->token);
-
- ta->cookie = bufio_ptr2offset(ta->client->bufio, field_name);
 }
 }
 }
@@ -312,6 +311,7 @@ bool validate_token_exp(struct http_transaction *ta, char* token) {
 char* grants = jwt_get_grants_json(cookie, NULL);
 if (grants == NULL)
 return send_error(ta, HTTP_OK, "{}");
+ ta->grants = grants;
 // Get expiration time.
 json_error_t error;
@@ -470,14 +470,18 @@ static bool get_handle_login(struct http_transaction *ta) {
 http_add_header(&ta->resp_headers, "Content-Type", "application/json");
 if (!ta->valid_token) {
- return send_error(ta, HTTP_PERMISSION_DENIED,"Forbidden.\n");
+ return send_error(ta, HTTP_PERMISSION_DENIED,"Permission denied.\n");
 }
 //~ char *json = buffer_ensure_capacity(&ta->resp_body, MAX_HEADER_LEN);
- //~ int len = snprintf(json, strlen(grants) + 2, "%s\n", grants);
+ //~ int len = snprintf(json, strlen(ta->grants) + 2, "%s\n", ta->grants);
 //~ int length = len > MAX_HEADER_LEN ? MAX_HEADER_LEN - 1 : len;
 //~ ta->resp_body.len += length;
-
+
+ buffer_appends(&ta->resp_body, ta->grants);
+ buffer_appends(&ta->resp_body, CRLF);
+
+ ta->resp_status = HTTP_OK;
 return send_response(ta);
 }
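Review bot: In http_process_headers the new condition `if ((field_value == NULL) || (strlen(field_value) <= 11)` is missing its closing parenthesis, so this side of the patch does not compile as shown. The length test also only keeps `field_value + 11` inside the string; it never confirms the value starts with `auth_token=`, so a Cookie header that carries another cookie first has eleven arbitrary bytes skipped and the remainder handed to validate_token_exp. I would write `if (field_value == NULL || strncmp(field_value, "auth_token=", 11) != 0)` and drop `printf("%s\n", field_value);`, which writes the bearer token to stdout on every request. The function starts outside the hunk, so what `return false` means for a request with an unrelated cookie needs checking against the caller.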
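Review bot: `ta->grants = grants;` in validate_token_exp stores a pointer whose lifetime nothing in this patch manages. libjwt documents the string returned by jwt_get_grants_json() as allocated for the caller, so either the rest of this function (outside the hunk) frees it and get_handle_login later appends a dangling pointer, or nothing frees it and each authenticated request leaks it. The assignment also appears to sit before the expiration check, so the field can be set for a token that goes on to fail validation, and readers must test `ta->valid_token` first, as get_handle_login does. I would record this on the new field in http.h, for example `char *grants; // heap JSON from jwt_get_grants_json(); owned by the transaction, meaningful only when valid_token`, and release it where the transaction is torn down.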
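Review bot: The four `//~` lines in get_handle_login are dead code that this change edits instead of deleting; now that `buffer_appends(&ta->resp_body, ta->grants);` builds the body they should be removed. The denial path also sends the plain-text body `Permission denied.\n` after the handler has already added `Content-Type: application/json`, so either the body becomes JSON (for example `{"error":"permission denied"}`) or the header is added only on the success path. The function's opening line is outside the hunk.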
@@ -543,8 +547,7 @@ handle_api(struct http_transaction *ta)
 if (val == -1){
 return send_not_found(ta);
 }
-
- http_add_header(&ta->resp_headers, "Accept-Ranges", "bytes");
+
 if (val == 0) {
 if (ta->req_method == HTTP_POST) {
 // Handle login post
@@ -562,6 +565,7 @@ handle_api(struct http_transaction *ta)
 }
 if (val == 1) {
+ http_add_header(&ta->resp_headers, "Accept-Ranges", "bytes");
 DIR* dir = opendir(server_root);
 char *json = list_videos(dir);
 fprintf(stderr, "json: %s\n", json);
@@ -579,9 +583,14 @@ handle_api(struct http_transaction *ta)
 }
 if (ta->req_method == HTTP_POST) // handles logout
 {
- char* cookie = "auth_token=; Path=/; Max-Age=0; HttpOnly";
- ta->cookie = bufio_ptr2offset(ta->client->bufio, cookie);
- return true;
+ // Add Set-Cookie header.
+ http_add_header(&ta->resp_headers, "Set-Cookie", "auth_token=; Path=/; Max-Age=0; HttpOnly");
+
+ // Send message.
+ buffer_appends(&ta->resp_body, "{\"message\":\"logging out\"}");
+ buffer_appends(&ta->resp_body, CRLF);
+ ta->resp_status = HTTP_OK;
+ return send_response(ta);
 }
 return false;
diff --git a/src/http.h b/src/http.h
index e626154..c1e05a0 100644
--- a/src/http.h
+++ b/src/http.h
@@ -40,9 +40,9 @@ struct http_transaction {
 size_t req_body; // ditto
 int req_content_len; // content length of request body
- size_t cookie; // offset to cookie header
 char *token; // authentication token
 bool valid_token;
+ char* grants;
 /* response related fields */
 enum http_response_status resp_status;
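Review bot: The `Accept-Ranges: bytes` header now added in the `val == 1` branch of handle_api advertises byte-range support on the JSON video listing, which nothing visible in this hunk implements. I would drop `http_add_header(&ta->resp_headers, "Accept-Ranges", "bytes");` from this branch and send the header only from the file-serving path that actually honours `Range`. handle_api starts and ends outside the hunk, so this assumes the listing is not served with partial content elsewhere.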
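Review bot: The logout branch in handle_api only asks the browser to discard the cookie; the JWT itself stays valid until its expiration claim, so a copy of the token taken before logout is still accepted by validate_token_exp. If that matters for this server, logout needs server-side state (a denylist of logged-out tokens kept until they expire) or short token lifetimes; at minimum a comment such as `// clears the client cookie only; the token remains valid until exp` records the limitation. The JSON body is also sent without `Content-Type: application/json`, unlike get_handle_login, unless that header is set earlier in the function outside the hunk. The `Set-Cookie` attributes have to match the ones used at login for the browser to replace the cookie, which cannot be checked from this hunk.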