little fixes

auth.c

@@ -164,7 +164,7 @@ onion_connection_status auth(_U_ onion_handler *h, onion_request *req, onion_res
     sessinfo *session = qookieSession(req);
     if(!session) DBG("No cookie, need to create\n");
     else if(!logout){
-        onion_response_write0(res, "AuthOK");
+        onion_response_write0(res, AUTH_ANS_AUTHOK);
         goto closeconn;
     }
     const char *username = NULL, *passwd = NULL;
@@ -174,7 +174,7 @@ onion_connection_status auth(_U_ onion_handler *h, onion_request *req, onion_res
             if(deleteSession(session->sessID))
                 WARNX("Can't delete session with ID=%s from database", session->sessID);
         }
-        onion_response_write0(res, "LogOut");
+        onion_response_write0(res, AUTH_ANS_LOGOUT);
         onion_response_add_cookie(res, SESSION_COOKIE_NAME, "clear", 0, "/", NULL, OC_HTTP_ONLY|OC_SECURE);
         goto closeconn;
     }else{ // log in
@@ -182,13 +182,13 @@ onion_connection_status auth(_U_ onion_handler *h, onion_request *req, onion_res
         username = getQdata(req, "login");
         if(!username){
             ONION_WARNING("no login field -> need auth");
-            onion_response_write0(res, "NeedAuth");
+            onion_response_write0(res, AUTH_ANS_NEEDAUTH);
             return OCS_CLOSE_CONNECTION;
         }
         passwd = getQdata(req, "passwd");
         if(!passwd){
             ONION_WARNING("Trying to enter authenticated area without password");
-            onion_response_write0(res, "No password");
+            onion_response_write0(res, AUTH_ANS_NOPASSWD);
             return OCS_FORBIDDEN;
         }
     }
@@ -235,7 +235,7 @@ onion_connection_status auth(_U_ onion_handler *h, onion_request *req, onion_res
         sleep(2);
     }while(1);
     onion_response_add_cookie(res, SESSION_COOKIE_NAME, session->sessID, 366*86400, "/", NULL, OC_HTTP_ONLY|OC_SECURE);
-    onion_response_write0(res, "AuthOK");
+    onion_response_write0(res, AUTH_ANS_AUTHOK);
 closeconn:
     freeSessInfo(&session);
     return OCS_CLOSE_CONNECTION;

auth.h

@@ -24,6 +24,12 @@
 
 #define SESSION_COOKIE_NAME     "Acookie"
 
+// standard answers to client
+#define AUTH_ANS_NEEDAUTH   "NeedAuth"
+#define AUTH_ANS_AUTHOK     "AuthOK"
+#define AUTH_ANS_LOGOUT     "LogOut"
+#define AUTH_ANS_NOPASSWD   "NoPassword"
+
 typedef struct{
     char *username;     // user name
     char *password;     // password hash (SHA512)

static/index.html

@@ -7,7 +7,6 @@
 <body onload="auth.init();">
 <p>Text
 <p>More text
-<button onclick="auth.wsinit();">Push me</button>
 <p>
 <div id="wsmsgs"></div>
 <div id="errmsg" style='background-color: red;'></div>

websockets.c

@@ -16,6 +16,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "auth.h"
 #include "websockets.h"
 
 #include <errno.h>
@@ -26,8 +27,14 @@
 
 #define BUFLEN 255
 
-static onion_connection_status websocket_cont(_U_ void *data, onion_websocket *ws, ssize_t dlen){
+// bit-fields of `data` field (websocket_cont)
+#define WS_FLAG_NOTAUTHORIZED   1
+
+TODO: add logout!
+
+static onion_connection_status websocket_cont(void *data, onion_websocket *ws, ssize_t dlen){
     FNAME();
+    uint32_t flags = *((uint32_t*)data);
     char tmp[BUFLEN+1];
     if(dlen > BUFLEN) dlen = BUFLEN;
 
@@ -37,9 +44,30 @@ static onion_connection_status websocket_cont(_U_ void *data, onion_websocket *w
         return OCS_NEED_MORE_DATA;
     }
     tmp[len] = 0;
+    //ONION_INFO("Read from websocket: %s (len=%d)", tmp, len);
     DBG("WS: got %s", tmp);
-    onion_websocket_printf(ws, "Echo: %s", tmp);
-    ONION_INFO("Read from websocket: %d: %s", len, tmp);
+    if(flags & WS_FLAG_NOTAUTHORIZED){ // not authorized over websocket
+        sessinfo *session = NULL;
+        if(strncmp(tmp, "Akey=", 5) == 0){ // got authorized key - check it
+            char *key = tmp + 5;
+            session = getSession(key);
+            /* here we should make a proper check, but for now do simplest */
+        }
+        if(!session){
+            onion_websocket_printf(ws, AUTH_ANS_NEEDAUTH);
+            WARNX("Wrong websocket session ID");
+            return OCS_FORBIDDEN;
+        }
+        flags &= ~WS_FLAG_NOTAUTHORIZED; // clear non-authorized flag
+        return OCS_NEED_MORE_DATA;
+    }
+    char *eq = strchr(tmp, '=');
+    if(eq){
+        *eq++ = 0;
+        onion_websocket_printf(ws, "parameter: '%s', its value: '%s'", tmp, eq);
+    }else{
+        onion_websocket_printf(ws, "Echo: %s", tmp);
+    }
     return OCS_NEED_MORE_DATA;
 }
 
@@ -52,8 +80,11 @@ onion_connection_status websocket_run(_U_ void *data, onion_request *req, onion_
         return OCS_PROCESSED;
     }
     DBG("WS ready");
-    green("RDY\n");
-    onion_websocket_printf(ws, "Hello from server. Write something to echo it");
+    const char *host = onion_request_get_client_description(req);
+    const char *UA = onion_request_get_header(req, "User-Agent");
+    green("Got WS connection from %s (UA: %s)\n", host, UA);
+    uint32_t *flags = calloc(1, 4);
+    onion_websocket_set_userdata(ws, (void*)flags, free);
     onion_websocket_set_callback(ws, websocket_cont);
     return OCS_WEBSOCKET;
 }