Implement DELETE for /api/auth to allow users to actually log out.
Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER
parent
411cf85ef7
commit
e51a069d48
|
|
@ -83,12 +83,12 @@ int api_auth(struct mg_connection *conn)
|
|||
if(http_get_cookie_int(conn, "user_id", &num) && num > -1 && num < API_MAX_CLIENTS)
|
||||
{
|
||||
if(config.debug & DEBUG_API)
|
||||
logg("Read user_id=%i from user-provided cookie", user_id);
|
||||
logg("Read user_id=%i from user-provided cookie", num);
|
||||
|
||||
time_t now = time(NULL);
|
||||
if(auth_data[num].used &&
|
||||
auth_data[num].valid_until >= now &&
|
||||
strcmp(auth_data[num].remote_addr, request->remote_addr) == 0)
|
||||
auth_data[num].valid_until >= now &&
|
||||
strcmp(auth_data[num].remote_addr, request->remote_addr) == 0)
|
||||
{
|
||||
// Authenticationm succesful:
|
||||
// - We know this client
|
||||
|
|
@ -107,7 +107,7 @@ int api_auth(struct mg_connection *conn)
|
|||
}
|
||||
|
||||
cJSON *json = JSON_NEW_OBJ();
|
||||
if(user_id > -1)
|
||||
if(user_id > -1 && http_method(conn) == HTTP_GET)
|
||||
{
|
||||
if(config.debug & DEBUG_API)
|
||||
logg("Authentification: OK");
|
||||
|
|
@ -124,6 +124,21 @@ int api_auth(struct mg_connection *conn)
|
|||
JSON_SENT_OBJECT(json);
|
||||
}
|
||||
}
|
||||
else if(user_id > -1 && http_method(conn) == HTTP_DELETE)
|
||||
{
|
||||
if(config.debug & DEBUG_API)
|
||||
logg("Authentification: OK, requested to revoke");
|
||||
|
||||
// Revoke client authentication. This slot can be used by a new client, afterwards.
|
||||
auth_data[num].used = false;
|
||||
auth_data[num].valid_until = time(NULL);
|
||||
free(auth_data[num].remote_addr);
|
||||
auth_data[num].remote_addr = NULL;
|
||||
|
||||
JSON_OBJ_REF_STR(json, "status", "success");
|
||||
char *additional_headers = strdup("Set-Cookie: user_id=deleted; Path=/; Max-Age=-1\r\n");
|
||||
JSON_SENT_OBJECT_AND_HEADERS(json, additional_headers);
|
||||
}
|
||||
else
|
||||
{
|
||||
if(config.debug & DEBUG_API)
|
||||
|
|
|
|||
|
|
@ -260,3 +260,20 @@ bool http_get_cookie_str(struct mg_connection *conn, const char *cookieName, cha
|
|||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
int http_method(struct mg_connection *conn)
|
||||
{
|
||||
const struct mg_request_info *request = mg_get_request_info(conn);
|
||||
if(strcmp(request->request_method, "GET") == 0)
|
||||
{
|
||||
return HTTP_GET;
|
||||
}
|
||||
else if(strcmp(request->request_method, "DELETE") == 0)
|
||||
{
|
||||
return HTTP_DELETE;
|
||||
}
|
||||
else
|
||||
{
|
||||
return HTTP_UNKNOWN;
|
||||
}
|
||||
}
|
||||
|
|
@ -37,4 +37,8 @@ bool http_get_cookie_str(struct mg_connection *conn, const char *cookieName, cha
|
|||
// HTTP macros
|
||||
#define GET_VAR(variable, destination, source) mg_get_var(source, strlen(source), variable, destination, sizeof(destination))
|
||||
|
||||
// Method routines
|
||||
enum { HTTP_UNKNOWN, HTTP_GET, HTTP_DELETE };
|
||||
int http_method(struct mg_connection *conn);
|
||||
|
||||
#endif // HTTP_H
|
||||
Loading…
Reference in New Issue