Add a method, authenticate(), which returns the cookie which is then
used to authenticate the user for other methods which require it.

--- ChangeLog	Sat Feb 16 15:05:19 2002
+++ ChangeLog	Sat Feb 16 15:07:35 2002
@@ -1,3 +1,13 @@
+2002-02-16  Gary Benson  <gary@inauspicious.org>
+
+	* acct_maint.h:
+	* acct_maint.c (acct_loginsub_serve): Move bulk of
+	acct_loginsub_serve() into new function acct_login().
+
+	* xmlrpc-methods.c:
+	* sample_db/site/xmlrpc.xml: Add new XML-RPC method authenticate()
+	which wraps acct_login().
+	
 2002-02-16  Gary Benson  <gary@inauspicious.org>
 
 	* auth.h:	
diff -ru sample_db/site/xmlrpc.xml sample_db/site/xmlrpc.xml
--- sample_db/site/xmlrpc.xml	Fri Feb 15 21:39:09 2002
+++ sample_db/site/xmlrpc.xml	Fri Feb 15 22:12:48 2002
@@ -16,6 +16,14 @@
 
 <p> It should return <tt>[12, 35]</tt>. </p>
 
+<h2>Authentication</h2>
+
+<dl>
+  <dt><tt>string cookie = authenticate(string user, string pass)</tt></dt>
+  <dd>Returns a cookie which is used as the first argument to all
+  methods requiring authentication.</dd>
+</dl> 
+
 <h2>Test functions</h2>
 
 <dl>
diff -ru acct_maint.c acct_maint.c
--- acct_maint.c	Fri Feb 15 21:39:04 2002
+++ acct_maint.c	Thu Feb 14 17:47:32 2002
@@ -300,14 +300,17 @@
 			  vr->prefix, u, u);
 }
 
-static int
-acct_loginsub_serve (VirguleReq *vr)
+/* Success: return 1, set *ret1 to username and *ret2 to cookie
+ * Failure: return 0, set *ret1 and *ret2 to short and long error messages
+ * FIXME: this function's interface is _nasty_
+ */
+int
+acct_login (VirguleReq *vr, const char *u, const char *pass,
+	    const char **ret1, const char **ret2)
 {
   request_rec *r = vr->r;
   pool *p = r->pool;
   Db *db = vr->db;
-  table *args;
-  const char *u, *pass;
   char *db_key, *stored_pass;
   xmlDoc *profile;
   xmlNode *root, *tree;
@@ -315,39 +318,39 @@
   const int n_iter_max = 10;
   int i;
 
-  r->content_type = "text/plain";
-
-  args = get_args_table (vr);
-
-  u = ap_table_get (args, "u");
-  pass = ap_table_get (args, "pass");
-
-#if 0
-  buffer_printf (b, "Username: %s\n", u);
-  buffer_printf (b, "Password: %s\n", pass);
-#endif
-
+  *ret1 = *ret2 = NULL;
+  
   if (!u[0])
-    return send_error_page (vr, "Specify a username",
-			    "You must specify a username.");
-
+    {
+      *ret1 = "Specify a username";
+      *ret2 = "You must specify a username.";
+      return 0;
+    }
   if (!pass[0])
-    return send_error_page (vr, "Specify a password",
-			    "You must specify a password.");
-
+    {
+      *ret1 = "Specify a password";
+      *ret2 = "You must specify a password.";
+      return 0;
+    }
+  
   for (i = 0; i < n_iter_max; i++)
     {
       /* sanity check user name */
       db_key = acct_dbkey (p, u);
       if (db_key == NULL)
-	return send_error_page (vr, "Invalid username",
-				"Username must contain only alphanumeric characters.");
+        {
+	  *ret1 = "Invalid username";
+	  *ret2 = "Username must contain only alphanumeric characters.";
+	  return 0;
+        }
 
       profile = db_xml_get (p, db, db_key);
       if (profile == NULL)
-	return send_error_page (vr,
-				"Account does not exist",
-				"Account <tt>%s</tt> does not exist. Try the <a href=\"new.html\">new account creation</a> page.", u);
+        {
+	  *ret1 = "Account does not exist";
+	  *ret2 = ap_psprintf (p, "Account <tt>%s</tt> does not exist. Try the <a href=\"new.html\">new account creation</a> page.", u);
+	  return 0;
+        }
       
 #if 0
       buffer_printf (b, "Profile: %s\n", profile->name);
@@ -367,34 +370,70 @@
     }
 
   if (i == n_iter_max)
-    return send_error_page (vr, "Alias loop",
-			    "More than %d levels of alias indirection from %s, indicating an alias loop. This is a problem with the server.",
-			    n_iter_max, u);
+    {
+      *ret1 = "Alias loop";
+      *ret2 = ap_psprintf (p, "More than %d levels of alias indirection from %s, indicating an alias loop. This is a problem with the server.",
+			n_iter_max, u);
+      return 0;
+    }
 
   tree = xml_find_child (root, "auth");
 
   if (tree == NULL)
-    return send_error_page (vr,
-			    "Account is missing auth field",
-			    "Account <tt>%s</tt> is missing its auth field. This is a problem with the server.", u);
+    {
+      *ret1 = "Account is missing auth field";
+      *ret2 = ap_psprintf (p, "Account <tt>%s</tt> is missing its auth field. This is a problem with the server.", u);
+      return 0;
+    }
 
   stored_pass = xmlGetProp (tree, "pass");
 
   if (strcmp (pass, stored_pass))
     {
       xmlFree (stored_pass);
-      return send_error_page (vr,
-			      "Incorrect password",
-			      "Incorrect password, try again.");
+      *ret1 = "Incorrect password";
+      *ret2 = "Incorrect password, try again.";
+      return 0;
     }
 
   xmlFree (stored_pass);
   cookie = xmlGetProp (tree, "cookie");
 
-  acct_set_cookie (vr, u, cookie, 86400 * 365);
-
+  *ret1 = ap_pstrdup (p, u);
+  *ret2 = ap_pstrdup (p, cookie);
   xmlFree (cookie);
+  return 1;
+}
+
+static int
+acct_loginsub_serve (VirguleReq *vr)
+{
+  request_rec *r = vr->r;
+  table *args;
+  const char *u, *pass;
+  const char *ret1, *ret2;
+  const char *cookie;
+  
+  r->content_type = "text/plain";
 
+  args = get_args_table (vr);
+
+  u = ap_table_get (args, "u");
+  pass = ap_table_get (args, "pass");
+
+#if 0
+  buffer_printf (b, "Username: %s\n", u);
+  buffer_printf (b, "Password: %s\n", pass);
+#endif
+
+  if (!acct_login (vr, u, pass, &ret1, &ret2))
+      return send_error_page (vr, ret1, ret2);
+
+  u = ret1;
+  cookie = ret2;
+  
+  acct_set_cookie (vr, u, cookie, 86400 * 365);
+  
   vr->u = u;
 
   return send_error_page (vr,
diff -ru acct_maint.h acct_maint.h
--- acct_maint.h	Sat Nov 13 19:27:39 1999
+++ acct_maint.h	Wed Feb 13 03:02:30 2002
@@ -2,4 +2,8 @@
 acct_dbkey (pool *p, const char *u);
 
 int
+acct_login (VirguleReq *vr, const char *u, const char *pass,
+	    const char **ret1, const char **ret2);
+
+int
 acct_maint_serve (VirguleReq *vr);
diff -ru xmlrpc-methods.c xmlrpc-methods.c
--- xmlrpc-methods.c	Fri Feb 15 21:39:09 2002
+++ xmlrpc-methods.c	Fri Feb 15 22:11:29 2002
@@ -17,11 +17,35 @@
 #include "buffer.h"
 #include "db.h"
 #include "req.h"
+#include "acct_maint.h"
 
 #include "xmlrpc.h"
 #include "xmlrpc-methods.h"
 
 
+/* Authentication
+ */
+static int
+authenticate (VirguleReq *vr, xmlNode *params)
+{
+  char *user, *pass;
+  const char *ret1, *ret2;
+  char *id_cookie;
+  int ret;
+  
+  ret = xmlrpc_unmarshal_params (vr, params, "ss", &user, &pass);
+  if (ret != OK)
+    return ret;
+
+  ret = acct_login (vr, user, pass, &ret1, &ret2);
+  if (ret == 0)
+    return xmlrpc_fault (vr, 1, ret1);
+
+  id_cookie = ap_pstrcat (vr->r->pool, ret1, ":", ret2, NULL);
+  return xmlrpc_response (vr, "s", id_cookie);
+}
+  
+
 /* Simple functions to test the stuff in xmlrpc.c
  */
 
@@ -97,6 +120,7 @@
 /* Method table
  */
 xmlrpc_method xmlrpc_method_table[] = {
+  { "authenticate",    authenticate    },
   { "test.guess",      test_guess      },
   { "test.square",     test_square     },
   { "test.sumprod",    test_sumprod    },