Gotweb

Commit Diff

Commit:: 0f8eee61992c809b47f89d1c34c192cfe607aa2d
From:: Omar Polo <op@omarpolo.com>
Date:: Sat May 17 16:14:02 2025 UTC
Message:: gotwebd: handle the ?login query parameter for now the token is just a dummy "42". We still need to parse this in incoming requests too.
Actions:: Patch | Tree
commit - 0d6b67e271d1f497a862858fce73c5a9b430ef11
commit + 0f8eee61992c809b47f89d1c34c192cfe607aa2d
blob - 86caae0a2edf5c2a511c9da7f3b02a08a8586dff
blob + a392cac3f02e8a6e6be4488c768edde81e6d1655
--- gotwebd/gotweb.c
+++ gotwebd/gotweb.c
@@ -64,6 +64,7 @@ static const struct querystring_keys querystring_keys[
 	{ "headref",		HEADREF },
 	{ "index_page",		INDEX_PAGE },
 	{ "path",		PATH },
+	{ "login",		LOGIN },
 };
 
 static const struct action_keys action_keys[] = {
@@ -281,7 +282,33 @@ gotweb_process_request(struct request *c)
 		log_warnx("%s: %s", __func__, error->msg);
 		goto err;
 	}
+
+	if (qs->login) {
+		if (gotwebd_env->gotwebd_verbose > 0)
+			log_info("processing login: code='%s'", qs->login);
+
+		/* xxx */
+		if (strcmp(qs->login, "42") != 0) {
+			log_warnx("invalid code for login");
+			if (gotweb_reply(c, 401, "text/html", NULL) == -1)
+				return (-1);
+			return gotweb_render_page(c->tp,
+			    gotweb_render_unauthorized);
+		}
 
+		/* Set cookie */
+		r = tp_writef(c->tp, "Set-Cookie: gwdauth=%s;"
+		    " SameSite=Strict; Secure; Path=/; HttpOnly\r\n",
+		    qs->login);
+		if (r == -1)
+			return (-1);
+
+		if (gotweb_reply(c, 200, "text/html", NULL) == -1)
+			return (-1);
+
+		return gotweb_render_page(c->tp, gotweb_render_authorized);
+	}
+
 	/* Log the request. */
 	if (gotwebd_env->gotwebd_verbose > 0) {
 		char *server_name = NULL;
@@ -773,6 +800,15 @@ gotweb_assign_querystring(struct querystring *qs, char
 		case PATH:
 			qs->path = strdup(value);
 			if (qs->path == NULL) {
+				error = got_error_from_errno2(__func__,
+				    "strdup");
+				goto done;
+			}
+			break;
+
+		case LOGIN:
+			qs->login = strdup(value);
+			if (qs->login == NULL) {
 				error = got_error_from_errno2(__func__,
 				    "strdup");
 				goto done;
@@ -825,6 +861,7 @@ gotweb_free_querystring(struct querystring *qs)
 		free(qs->folder);
 		free(qs->headref);
 		free(qs->path);
+		free(qs->login);
 	}
 	free(qs);
 }
blob - de79e10e1ae83e816658c6bac0274e5223f2cc12
blob + d5aac58e76bff711acb2cff1d174502b13a6f039
--- gotwebd/gotwebd.c
+++ gotwebd/gotwebd.c
@@ -722,7 +722,7 @@ gotwebd_configure_done(struct gotwebd *env)
 		        -1, NULL, 0) == -1)
 			fatal("main_compose_sockets GOTWEBD_IMSG_CTL_START");
 	}
-	
+
 	if (env->servers_pending == 0 && env->gotweb_pending == 0) {
 		if (main_compose_auth(env, GOTWEBD_IMSG_CTL_START,
 			-1, NULL, 0) == -1)
blob - 48619aa37f78c35dc4c873b7d3d8ea3c0ae218c8
blob + 737a37ad20b63c7ae87bf64f804979d32603ba64
--- gotwebd/gotwebd.h
+++ gotwebd/gotwebd.h
@@ -413,6 +413,7 @@ struct querystring {
 	char		*headref;
 	int		 index_page;
 	char		*path;
+	char		*login;
 };
 
 struct querystring_keys {
@@ -433,6 +434,7 @@ enum querystring_elements {
 	HEADREF,
 	INDEX_PAGE,
 	PATH,
+	LOGIN,
 };
 
 enum query_actions {
@@ -512,6 +514,8 @@ int	gotweb_render_summary(struct template *);
 int	gotweb_render_blame(struct template *);
 int	gotweb_render_patch(struct template *);
 int	gotweb_render_rss(struct template *);
+int	gotweb_render_unauthorized(struct template *);
+int	gotweb_render_authorized(struct template *);
 
 /* parse.y */
 int parse_config(const char *, struct gotwebd *);
blob - d5af2ffcb28eb41174cdfe8a016103fbb42d50da
blob + 9b46656ffff885365e7547a0729ee44bccf53edc
--- gotwebd/pages.tmpl
+++ gotwebd/pages.tmpl
@@ -1368,4 +1368,12 @@ date: {{ datebuf }} {{ " UTC" }} {{ "\n" }}
 <author>
   {{ mail }} {{" "}} ({{ author }})
 </author>
+{{ end }}
+
+{{ define gotweb_render_unauthorized(struct template *tp) }}
+<p>Wrong or missing authentication code</p>
+{{ end }}
+
+{{ define gotweb_render_authorized(struct template *tp) }}
+<p>Successfully authenticated!</p>
 {{ end }}