Skip to content

M
mongoose
Commit af98854c authored by Deomid Ryabkov's avatar Deomid Ryabkov Committed by Cesanta Bot
Browse files
Options

Delete old cookie_auth example 

PUBLISHED_FROM=c118b2796f697e8d5493bb3d534cee7406060c1a
parent 7cace648
Show whitespace changes
Inline Side-by-side
Showing with 0 additions and 193 deletions
examples/cookie_authentication/Makefile deleted 100644 → 0
View file @ 7cace648
PROG = cookie_auth
include ../examples.mk
examples/cookie_authentication/cookie_auth.c deleted 100644 → 0
View file @ 7cace648
// Copyright (c) 2014 Cesanta Software
// All rights reserved
#include <stdio.h>
#include <string.h>
#include <time.h>
#include "mongoose.h"
static const char *s_http_port = "8000";
static struct mg_serve_http_opts s_http_server_opts;
static const char *s_login_uri = "/login.html";
static const char *s_secret = ":-)"; // Must be known only to server
static void generate_ssid(const char *user_name, const char *expiration_date,
char *ssid, size_t ssid_size) {
char hash[33];
cs_md5(hash, user_name, strlen(user_name), ":", (size_t) 1, expiration_date,
strlen(expiration_date), ":", (size_t) 1, s_secret, strlen(s_secret),
NULL);
snprintf(ssid, ssid_size, "%s|%s|%s", user_name, expiration_date, hash);
}
static int check_auth(struct http_message *hm) {
int authenticated = 0;
char ssid[100], calculated_ssid[100], name[100], expire[100];
if (mg_vcmp(&hm->uri, s_login_uri) == 0) {
// Always authenticate requests to login page
authenticated = 1;
} else {
// Look for session ID in the Cookie.
// That session ID can be validated against the database that stores
// current active sessions.
mg_http_parse_header(mg_get_http_header(hm, "Cookie"), "ssid", ssid,
sizeof(ssid));
if (sscanf(ssid, "%[^|]|%[^|]|", name, expire) == 2) {
generate_ssid(name, expire, calculated_ssid, sizeof(calculated_ssid));
if (strcmp(ssid, calculated_ssid) == 0) {
authenticated = 1;
}
}
}
return authenticated;
}
static void check_login_form_submission(struct mg_connection *c,
struct http_message *hm) {
char name[100], password[100], ssid[100], expire[100], expire_epoch[100];
mg_get_http_var(&hm->body, "name", name, sizeof(name));
mg_get_http_var(&hm->body, "password", password, sizeof(password));
// A real authentication mechanism should be employed here.
// Also, the whole site should be served through HTTPS.
if (strcmp(name, "Joe") == 0 && strcmp(password, "Doe") == 0) {
// Generate expiry date
time_t t = time(NULL) + 3600; // Valid for 1 hour
snprintf(expire_epoch, sizeof(expire_epoch), "%lu", (unsigned long) t);
strftime(expire, sizeof(expire), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&t));
generate_ssid(name, expire_epoch, ssid, sizeof(ssid));
// Set "session id" cookie, there could be some data encoded in it.
mg_printf(c,
"HTTP/1.1 302 Moved\r\n"
"Set-Cookie: ssid=%s; expire=\"%s\"; http-only; HttpOnly;\r\n"
"Location: /\r\n\r\n",
ssid, expire);
} else {
mg_printf(c, "%s", "HTTP/1.1 302 Moved\r\nLocation: /\r\n\r\n");
}
}
static void ev_handler(struct mg_connection *c, int ev, void *ev_data) {
if (ev == MG_EV_HTTP_REQUEST) {
struct http_message *hm = (struct http_message *) ev_data;
if (mg_vcmp(&hm->uri, s_login_uri) == 0 &&
mg_vcmp(&hm->method, "POST") == 0) {
check_login_form_submission(c, hm);
} else if (check_auth(hm)) {
// Authenticated. Serve files.
mg_serve_http(c, (struct http_message *) ev_data, s_http_server_opts);
} else {
// Not authenticated. Redirect to the login page.
mg_printf(c, "HTTP/1.1 302 Moved\r\nLocation: %s\r\n\r\n", s_login_uri);
}
}
}
int main(void) {
struct mg_mgr mgr;
struct mg_connection *c;
mg_mgr_init(&mgr, NULL);
c = mg_bind(&mgr, s_http_port, ev_handler);
if (c == NULL) {
printf("Cannot start server on port %s\n", s_http_port);
exit(1);
}
// Set up HTTP server parameters
mg_set_protocol_http_websocket(c);
s_http_server_opts.document_root = "."; // Serve current directory
printf("Starting web server on port %s\n", s_http_port);
for (;;) {
mg_mgr_poll(&mgr, 1000);
}
mg_mgr_free(&mgr);
return 0;
}
examples/cookie_authentication/index.html deleted 100644 → 0
View file @ 7cace648
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>WebSocket Test</title>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<style type="text/css">
body {
background-color: #cde; margin: 0;
padding: 0; font: 14px Helvetica, Arial, sans-serif;
}
* { outline: none; }
div.content {
width: 800px; margin: 2em auto; padding: 20px 50px;
background-color: #fff; border-radius: 1em;
}
label { display: inline-block; min-width: 7em; }
input { border: 1px solid #ccc; padding: 0.4em; margin: 0 0 10px 0; }
a:link, a:visited { color: #69c; text-decoration: none; }
@media (max-width: 700px) {
body { background-color: #fff; }
div.content {
width: auto; margin: 0 auto; border-radius: 0; padding: 1em;
}
}
</style>
<body>
<div class="content">
<h1>Mongoose Cookie Base Authentication</h1>
<p>This is an index page. Authentication succeeded.</p>
</body>
</html>
examples/cookie_authentication/login.html deleted 100644 → 0
View file @ 7cace648
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>WebSocket Test</title>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<style type="text/css">
body {
background-color: #cde; margin: 0;
padding: 0; font: 14px Helvetica, Arial, sans-serif;
}
* { outline: none; }
div.content {
width: 800px; margin: 2em auto; padding: 20px 50px;
background-color: #fff; border-radius: 1em;
}
label { display: inline-block; min-width: 7em; }
input { border: 1px solid #ccc; padding: 0.4em; margin: 0 0 10px 0; }
a:link, a:visited { color: #69c; text-decoration: none; }
@media (max-width: 700px) {
body { background-color: #fff; }
div.content {
width: auto; margin: 0 auto; border-radius: 0; padding: 1em;
}
}
</style>
<body>
<div class="content">
<h1>Mongoose Cookie Based Authentication</h1>
<p>Use name "Joe", password "Doe" to login.</p>
<form method="POST">
<div>
<label>Name:</label>
<input type="text" name="name"/>
</div><div>
<label>Password:</label>
<input type="password" name="password"/>
</div><div>
<input type="submit" value="Login"/>
</div>
</form>
</body>
</html>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment