Add an authentication function to the XML-RPC API, xmlrpc_auth_user(). --- ChangeLog Sat Feb 16 15:01:54 2002 +++ ChangeLog Sat Feb 16 15:05:19 2002 @@ -1,3 +1,14 @@ +2002-02-16 Gary Benson + + * auth.h: + * auth.c (auth_user): Move bulk of auth_user() into new function + auth_user_with_cookie(). + + * xmlrpc-methods.h: + * xmlrpc.h: + * xmlrpc.c: created new function xmlrpc_auth_user() which wraps + auth_user_with_cookie(). + 2002-02-15 Gary Benson * Makefile: diff -ru auth.c auth.c --- auth.c Sat Feb 16 12:12:56 2002 +++ auth.c Sat Feb 16 11:45:22 2002 @@ -13,20 +13,48 @@ #include "auth.h" void -auth_user (VirguleReq *vr) +auth_user_with_cookie (VirguleReq *vr, const char *id_cookie) { request_rec *r = vr->r; Db *db = vr->db; pool *p = r->pool; - const char *cookie, *val; - char *key; - const char *id_cookie; char *u; char *db_key; xmlDoc *profile; xmlNode *root, *tree; char *stored_cookie; + u = ap_getword (p, &id_cookie, ':'); + db_key = acct_dbkey (p, u); + if (db_key == NULL) + /* cookie is invalid */ + return; + + profile = db_xml_get (p, db, db_key); + if (profile == NULL) + /* account doesn't exist */ + return; + root = profile->root; + + tree = xml_find_child (root, "auth"); + if (tree == NULL) + return; + + stored_cookie = xmlGetProp (tree, "cookie"); + + if (strcmp (id_cookie, stored_cookie)) + /* cookie doesn't match */ + return; + vr->u = u; +} + +void +auth_user (VirguleReq *vr) +{ + const char *cookie, *val; + char *key; + const char *id_cookie; + if (vr->u != NULL) /* already authenticated */ return; @@ -48,26 +76,6 @@ } if (id_cookie == NULL) return; - u = ap_getword (p, &val, ':'); - db_key = acct_dbkey (p, u); - if (db_key == NULL) - /* cookie is invalid */ - return; - - profile = db_xml_get (p, db, db_key); - if (profile == NULL) - /* account doesn't exist */ - return; - root = profile->root; - tree = xml_find_child (root, "auth"); - if (tree == NULL) - return; - - stored_cookie = xmlGetProp (tree, "cookie"); - - if (strcmp (val, stored_cookie)) - /* cookie doesn't match */ - return; - vr->u = u; + auth_user_with_cookie (vr, id_cookie); } diff -ru auth.h auth.h --- auth.h Sat Feb 16 12:12:56 2002 +++ auth.h Sat Feb 16 11:36:40 2002 @@ -1,2 +1,5 @@ void auth_user (VirguleReq *vr); + +void +auth_user_with_cookie (VirguleReq *vr, const char *id_cookie); diff -ru xmlrpc.c xmlrpc.c --- xmlrpc.c Sat Feb 16 12:12:56 2002 +++ xmlrpc.c Sat Feb 16 12:13:21 2002 @@ -8,6 +8,7 @@ #include "buffer.h" #include "db.h" #include "req.h" +#include "auth.h" #include "xmlrpc.h" #include "xmlrpc-methods.h" @@ -142,6 +143,18 @@ } +/* Authenticate the user */ +int +xmlrpc_auth_user (VirguleReq *vr, const char *cookie) +{ + auth_user_with_cookie (vr, cookie); + if (vr->u == NULL) + return xmlrpc_fault (vr, 1, "authentication failure"); + + return OK; +} + + /* Extract the parameters from the request */ int xmlrpc_unmarshal_params (VirguleReq *vr, xmlNode *params, diff -ru xmlrpc.h xmlrpc.h --- xmlrpc.h Sat Feb 16 12:12:56 2002 +++ xmlrpc.h Sat Feb 16 12:03:34 2002 @@ -7,6 +7,9 @@ xmlrpc_unmarshal_params (VirguleReq *vr, xmlNode *params, const char *types, ...); int +xmlrpc_auth_user (VirguleReq *vr, const char *cookie); + +int xmlrpc_response (VirguleReq *vr, const char *types, ...); int diff -ru xmlrpc-methods.c xmlrpc-methods.c --- xmlrpc-methods.c Sat Feb 16 12:12:56 2002 +++ xmlrpc-methods.c Sat Feb 16 12:11:55 2002 @@ -1,11 +1,12 @@ -/* The mod_virgule XML-RPC API in four easy steps: +/* The mod_virgule XML-RPC API in five easy steps: * * 1. the method should call xmlrpc_unmarshal_params() even if it * doesn't have any parameters. - * 2. a) on success the method should call xmlrpc_response() + * 2. (optionally) call xmlrpc_auth_user() + * 3. a) on success the method should call xmlrpc_response() * b) on failure the method should call xmlrpc_fault() - * 3. add your method to method_table[] so it can be called. - * 4. add your method to sample_db/site/xmlrpc.xml + * 4. add your method to method_table[] so it can be called. + * 5. add your method to sample_db/site/xmlrpc.xml */ #include "httpd.h"