commit 0f8eee61992c809b47f89d1c34c192cfe607aa2d from: Omar Polo date: Sat May 17 16:14:02 2025 UTC gotwebd: handle the ?login query parameter for now the token is just a dummy "42". We still need to parse this in incoming requests too. commit - 0d6b67e271d1f497a862858fce73c5a9b430ef11 commit + 0f8eee61992c809b47f89d1c34c192cfe607aa2d blob - 86caae0a2edf5c2a511c9da7f3b02a08a8586dff blob + a392cac3f02e8a6e6be4488c768edde81e6d1655 --- gotwebd/gotweb.c +++ gotwebd/gotweb.c @@ -64,6 +64,7 @@ static const struct querystring_keys querystring_keys[ { "headref", HEADREF }, { "index_page", INDEX_PAGE }, { "path", PATH }, + { "login", LOGIN }, }; static const struct action_keys action_keys[] = { @@ -281,7 +282,33 @@ gotweb_process_request(struct request *c) log_warnx("%s: %s", __func__, error->msg); goto err; } + + if (qs->login) { + if (gotwebd_env->gotwebd_verbose > 0) + log_info("processing login: code='%s'", qs->login); + + /* xxx */ + if (strcmp(qs->login, "42") != 0) { + log_warnx("invalid code for login"); + if (gotweb_reply(c, 401, "text/html", NULL) == -1) + return (-1); + return gotweb_render_page(c->tp, + gotweb_render_unauthorized); + } + /* Set cookie */ + r = tp_writef(c->tp, "Set-Cookie: gwdauth=%s;" + " SameSite=Strict; Secure; Path=/; HttpOnly\r\n", + qs->login); + if (r == -1) + return (-1); + + if (gotweb_reply(c, 200, "text/html", NULL) == -1) + return (-1); + + return gotweb_render_page(c->tp, gotweb_render_authorized); + } + /* Log the request. */ if (gotwebd_env->gotwebd_verbose > 0) { char *server_name = NULL; @@ -773,6 +800,15 @@ gotweb_assign_querystring(struct querystring *qs, char case PATH: qs->path = strdup(value); if (qs->path == NULL) { + error = got_error_from_errno2(__func__, + "strdup"); + goto done; + } + break; + + case LOGIN: + qs->login = strdup(value); + if (qs->login == NULL) { error = got_error_from_errno2(__func__, "strdup"); goto done; @@ -825,6 +861,7 @@ gotweb_free_querystring(struct querystring *qs) free(qs->folder); free(qs->headref); free(qs->path); + free(qs->login); } free(qs); } blob - de79e10e1ae83e816658c6bac0274e5223f2cc12 blob + d5aac58e76bff711acb2cff1d174502b13a6f039 --- gotwebd/gotwebd.c +++ gotwebd/gotwebd.c @@ -722,7 +722,7 @@ gotwebd_configure_done(struct gotwebd *env) -1, NULL, 0) == -1) fatal("main_compose_sockets GOTWEBD_IMSG_CTL_START"); } - + if (env->servers_pending == 0 && env->gotweb_pending == 0) { if (main_compose_auth(env, GOTWEBD_IMSG_CTL_START, -1, NULL, 0) == -1) blob - 48619aa37f78c35dc4c873b7d3d8ea3c0ae218c8 blob + 737a37ad20b63c7ae87bf64f804979d32603ba64 --- gotwebd/gotwebd.h +++ gotwebd/gotwebd.h @@ -413,6 +413,7 @@ struct querystring { char *headref; int index_page; char *path; + char *login; }; struct querystring_keys { @@ -433,6 +434,7 @@ enum querystring_elements { HEADREF, INDEX_PAGE, PATH, + LOGIN, }; enum query_actions { @@ -512,6 +514,8 @@ int gotweb_render_summary(struct template *); int gotweb_render_blame(struct template *); int gotweb_render_patch(struct template *); int gotweb_render_rss(struct template *); +int gotweb_render_unauthorized(struct template *); +int gotweb_render_authorized(struct template *); /* parse.y */ int parse_config(const char *, struct gotwebd *); blob - d5af2ffcb28eb41174cdfe8a016103fbb42d50da blob + 9b46656ffff885365e7547a0729ee44bccf53edc --- gotwebd/pages.tmpl +++ gotwebd/pages.tmpl @@ -1368,4 +1368,12 @@ date: {{ datebuf }} {{ " UTC" }} {{ "\n" }} {{ mail }} {{" "}} ({{ author }}) +{{ end }} + +{{ define gotweb_render_unauthorized(struct template *tp) }} +

Wrong or missing authentication code

+{{ end }} + +{{ define gotweb_render_authorized(struct template *tp) }} +

Successfully authenticated!

{{ end }}