Add basic auth. Fixes #4

src/web/auth_basic.c

@@ -0,0 +1,59 @@
+#import "auth_basic.h"
+
+#define UNAUTHORIZED_TEXT "Unauthorized"
+
+typedef struct auth_basic_data {
+    onion_handler *inside;
+    const char *b64credentials;
+} auth_basic_data_t;
+
+
+int authenticate(const char *expected, const char *credentials) {
+
+    if (expected == NULL) {
+        return TRUE;
+    }
+
+    if (credentials && strncmp(credentials, "Basic ", 6) == 0) {
+        if (strcmp((credentials + 6), expected) == 0) {
+            return TRUE;
+        }
+    }
+
+    return FALSE;
+}
+
+int auth_basic_handler(auth_basic_data_t *d,
+                       onion_request *req,
+                       onion_response *res) {
+
+    const char *credentials = onion_request_get_header(req, "Authorization");
+
+    if (authenticate(d->b64credentials, credentials)) {
+        return onion_handler_handle(d->inside, req, res);
+    }
+
+    onion_response_set_header(res, "WWW-Authenticate", "Basic realm=\"sist2\"");
+    onion_response_set_code(res, HTTP_UNAUTHORIZED);
+    onion_response_write(res, UNAUTHORIZED_TEXT, sizeof(UNAUTHORIZED_TEXT));
+    onion_response_set_length(res, sizeof(UNAUTHORIZED_TEXT));
+
+    return OCS_PROCESSED;
+}
+
+void auth_basic_free(auth_basic_data_t *data) {
+    onion_handler_free(data->inside);
+    free(data);
+}
+
+onion_handler *auth_basic(const char *b64credentials, onion_handler *inside_level) {
+
+    auth_basic_data_t *privdata = malloc(sizeof(auth_basic_data_t));
+
+    privdata->b64credentials = b64credentials;
+    privdata->inside = inside_level;
+
+    return onion_handler_new((onion_handler_handler) auth_basic_handler, privdata,
+                             (onion_handler_private_data_free) auth_basic_free);
+}
+

src/web/auth_basic.h

@@ -0,0 +1,4 @@
+#include "src/sist.h"
+
+
+onion_handler *auth_basic(const char *b64credentials, onion_handler *inside_level);

src/web/serve.c

@@ -245,6 +245,8 @@ int search(void *p, onion_request *req, onion_response *res) {
 
     if (r->status_code == 200) {
         onion_response_write(res, r->body, r->size);
+    } else {
+        onion_response_set_code(res, HTTP_INTERNAL_ERROR);
     }
 
     free_response(r);
@@ -391,9 +393,11 @@ void serve(const char *hostname, const char *port) {
     onion_set_hostname(o, hostname);
     onion_set_port(o, port);
 
-    onion_url *urls = onion_root_url(o);
+    onion_url *urls = onion_url_new();
 
     // Static paths
+    onion_set_root_handler(o, auth_basic(WebCtx.b64credentials, onion_url_to_handler(urls)));
+
     onion_url_add(urls, "", search_index);
     onion_url_add(urls, "css", style);
     onion_url_add(urls, "js", javascript);
@@ -410,6 +414,7 @@ void serve(const char *hostname, const char *port) {
     onion_url_add(urls, "^f/([a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})$", file);
     onion_url_add(urls, "i", index_info);
 
+
     printf("Starting web server @ http://%s:%s\n", hostname, port);
 
     onion_listen(o);