diff options
Diffstat (limited to 'doc/chapters/basicauthentication.inc')
-rw-r--r-- | doc/chapters/basicauthentication.inc | 78 |
1 files changed, 44 insertions, 34 deletions
diff --git a/doc/chapters/basicauthentication.inc b/doc/chapters/basicauthentication.inc index 7aa33637..ec0dd386 100644 --- a/doc/chapters/basicauthentication.inc +++ b/doc/chapters/basicauthentication.inc | |||
@@ -101,7 +101,7 @@ minor change, we can proceed to implement the actual authentication process. | |||
101 | 101 | ||
102 | Let us assume we had only files not intended to be handed out without the | 102 | Let us assume we had only files not intended to be handed out without the |
103 | correct username/password, so every "GET" request will be challenged. | 103 | correct username/password, so every "GET" request will be challenged. |
104 | @emph{RFC 2617} describes how the server shall ask for authentication by | 104 | @emph{RFC 7617} describes how the server shall ask for authentication by |
105 | adding a @emph{WWW-Authenticate} response header with the name of the | 105 | adding a @emph{WWW-Authenticate} response header with the name of the |
106 | @emph{realm} protected. MHD can generate and queue such a failure response | 106 | @emph{realm} protected. MHD can generate and queue such a failure response |
107 | for you using the @code{MHD_queue_basic_auth_fail_response} API. The only | 107 | for you using the @code{MHD_queue_basic_auth_fail_response} API. The only |
@@ -112,50 +112,60 @@ the proper credentials were already supplied using the | |||
112 | 112 | ||
113 | Your code would then look like this: | 113 | Your code would then look like this: |
114 | @verbatim | 114 | @verbatim |
115 | static int | 115 | static enum MHD_Result |
116 | answer_to_connection (void *cls, struct MHD_Connection *connection, | 116 | answer_to_connection (void *cls, struct MHD_Connection *connection, |
117 | const char *url, const char *method, | 117 | const char *url, const char *method, |
118 | const char *version, const char *upload_data, | 118 | const char *version, const char *upload_data, |
119 | size_t *upload_data_size, void **req_cls) | 119 | size_t *upload_data_size, void **req_cls) |
120 | { | 120 | { |
121 | char *user; | 121 | struct MHD_BasicAuthInfo *auth_info; |
122 | char *pass; | ||
123 | int fail; | ||
124 | enum MHD_Result ret; | 122 | enum MHD_Result ret; |
125 | struct MHD_Response *response; | 123 | struct MHD_Response *response; |
126 | 124 | ||
127 | if (0 != strcmp (method, MHD_HTTP_METHOD_GET)) | 125 | if (0 != strcmp (method, "GET")) |
128 | return MHD_NO; | 126 | return MHD_NO; |
129 | if (NULL == *req_cls) | 127 | if (NULL == *req_cls) |
130 | { | 128 | { |
131 | *req_cls = connection; | 129 | *req_cls = connection; |
132 | return MHD_YES; | 130 | return MHD_YES; |
133 | } | 131 | } |
134 | pass = NULL; | 132 | auth_info = MHD_basic_auth_get_username_password3 (connection); |
135 | user = MHD_basic_auth_get_username_password (connection, &pass); | 133 | if (NULL == auth_info) |
136 | fail = ( (user == NULL) || | 134 | { |
137 | (0 != strcmp (user, "root")) || | 135 | static const char *page = |
138 | (0 != strcmp (pass, "pa$$w0rd") ) ); | 136 | "<html><body>Authorization required</body></html>"; |
139 | if (user != NULL) free (user); | 137 | response = MHD_create_response_from_buffer_static (strlen (page), page); |
140 | if (pass != NULL) free (pass); | 138 | ret = MHD_queue_basic_auth_fail_response3 (connection, |
141 | if (fail) | 139 | "admins", |
142 | { | 140 | MHD_YES, |
143 | const char *page = "<html><body>Go away.</body></html>"; | 141 | response); |
144 | response = | 142 | } |
145 | MHD_create_response_from_buffer (strlen (page), (void *) page, | 143 | else if ((strlen ("root") != auth_info->username_len) || |
146 | MHD_RESPMEM_PERSISTENT); | 144 | (0 != memcmp (auth_info->username, "root", |
147 | ret = MHD_queue_basic_auth_fail_response (connection, | 145 | auth_info->username_len)) || |
148 | "my realm", | 146 | /* The next check against NULL is optional, |
149 | response); | 147 | * if 'password' is NULL then 'password_len' is always zero. */ |
150 | } | 148 | (NULL == auth_info->password) || |
149 | (strlen ("pa$$w0rd") != auth_info->password_len) || | ||
150 | (0 != memcmp (auth_info->password, "pa$$w0rd", | ||
151 | auth_info->password_len))) | ||
152 | { | ||
153 | static const char *page = | ||
154 | "<html><body>Wrong username or password</body></html>"; | ||
155 | response = MHD_create_response_from_buffer_static (strlen (page), page); | ||
156 | ret = MHD_queue_basic_auth_fail_response3 (connection, | ||
157 | "admins", | ||
158 | MHD_YES, | ||
159 | response); | ||
160 | } | ||
151 | else | 161 | else |
152 | { | 162 | { |
153 | const char *page = "<html><body>A secret.</body></html>"; | 163 | static const char *page = "<html><body>A secret.</body></html>"; |
154 | response = | 164 | response = MHD_create_response_from_buffer_static (strlen (page), page); |
155 | MHD_create_response_from_buffer (strlen (page), (void *) page, | 165 | ret = MHD_queue_response (connection, MHD_HTTP_OK, response); |
156 | MHD_RESPMEM_PERSISTENT); | 166 | } |
157 | ret = MHD_queue_response (connection, MHD_HTTP_OK, response); | 167 | if (NULL != auth_info) |
158 | } | 168 | MHD_free (auth_info); |
159 | MHD_destroy_response (response); | 169 | MHD_destroy_response (response); |
160 | return ret; | 170 | return ret; |
161 | } | 171 | } |