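#include "cgic.h"
#include "auth.h"
#include "config.h"
#include "utils.h"

#define UUID_SIZE 37

/* TODO: place cookie normally */

/**
 * Process a submitted login form.
 *
 * Reads the "username" and "password" form fields, rejects missing,
 * over-long or malformed values, then calls authenticate(). On a successful
 * login the session cookie header is emitted here; cgiMain calls this
 * function before cgiHeaderContentType(), so the cookie line is written
 * while the response headers are still open.
 *
 * The plaintext password buffer is not wiped before returning.
 *
 * @return Pointer to a string literal holding the status message for the
 *         user. The caller must not modify or free it.
 */
char *
validate_credentials(void)
{
    char username[RA_USER_MAX_LENGTH + 1];
    char password[RA_PASSWORD_MAX_LENGTH + 1];
    /* Zero-filled so the cookie value is a terminated string even if
     * authenticate() were to report success without writing an id. */
    char session_id[UUID_SIZE] = {0};
    cgiFormResultType err;
    int auth;

    err = cgiFormString("username", username, RA_USER_MAX_LENGTH + 1);
    if (err == cgiFormTruncated) {
        return "Username too long\n";
    }
    if (err == cgiFormNotFound) {
        return "Username not provided\n";
    }

    err = cgiFormString("password", password, RA_PASSWORD_MAX_LENGTH + 1);
    if (err == cgiFormTruncated) {
        return "Password too long\n";
    }
    if (err == cgiFormNotFound) {
        return "Password not provided\n";
    }

    /* Character-set checks run before the credentials reach authenticate(). */
    if (!is_valid_username(username)) {
        return "Username must be [A-Za-z0-9_]\n";
    }
    if (!is_valid_password(password)) {
        return "Password must be a sequence of bytes in range 32-255\n";
    }

    auth = authenticate(username, password, session_id);
    if (auth < 0) {
        return "Some error occured, contact system administrator\n";
    }
    if (!auth) {
        /* Same message for an unknown user and a wrong password. */
        return "Failed to log in, check credentials\n";
    }

    /*
     * The session id is a bearer credential, so the cookie is restricted:
     * HttpOnly keeps it out of reach of page scripts, and SameSite=Strict
     * stops the browser from attaching it to cross-site requests.
     * NOTE(review): OR in cgiCookieSecure as well once this page is served
     * only over HTTPS; confirm against the deployment before enabling.
     */
    cgiHeaderCookieSet(SESSION_COOKIE_NAME, session_id, RA_SESSION_EXPIRE,
                       "/", HOSTNAME,
                       cgiCookieHttpOnly | cgiCookieSameSiteStrict);
    return "You've successfully logged in!\n";
}

/* NOTE(review): the form markup that belongs in the string literal below
 * appears to be missing from this listing. */
void print_login_form() { fputs("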
\n", cgiOut); } int cgiMain() { char *message; if (cgiFormSubmitClicked("login") == cgiFormSuccess) { message = validate_credentials(); } else { message = ""; } cgiHeaderContentType("text/html; charset=utf-8"); fprintf(cgiOut, "\n"); fprintf(cgiOut, "\n"); fprintf(cgiOut, "