summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile2
-rw-r--r--auth.c56
-rw-r--r--blog.c14
-rw-r--r--blog.h6
4 files changed, 10 insertions, 68 deletions
diff --git a/Makefile b/Makefile
index ed2bc04..13e4de8 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,7 @@
.POSIX:
CFLAGS=-static
-OBJECTS=blog.o post.o auth.o index.o
+OBJECTS=blog.o post.o index.o
all: blog
diff --git a/auth.c b/auth.c
deleted file mode 100644
index 7c20f9d..0000000
--- a/auth.c
+++ /dev/null
@@ -1,56 +0,0 @@
-#define _XOPEN_SOURCE 700
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include "blog.h"
-
-int authenticate(const char *username, const char *password)
-{
- int authenticated = 0;
-
- char *pwline = NULL;
- FILE *pwfile = fopen(PASSWORD_FILE, "r");
-
- if (!pwfile) {
- goto end;
- }
-
- size_t ulen = strlen(username);
-
- while (pwline == NULL) {
- char *line = NULL;
- size_t n = 0;
-
- if (getline(&line, &n, pwfile) == -1) {
- goto end;
- }
-
- if (strncmp(username, line, ulen) == 0 && line[ulen] == ':') {
- pwline = line;
- break;
- }
-
- free(line);
- }
-
- if (pwline == NULL) {
- goto end;
- }
-
- char *stored_password = pwline + ulen + 1;
- char *match = crypt(password, stored_password);
- if (!strncmp(match, stored_password, strlen(match))) {
- authenticated = 1;
- }
-
-end:
- if (pwline) {
- free(pwline);
- }
-
- if (pwfile) {
- fclose(pwfile);
- }
- return authenticated;
-}
diff --git a/blog.c b/blog.c
index 9772361..3c69802 100644
--- a/blog.c
+++ b/blog.c
@@ -51,15 +51,16 @@ char *user_email(const char *user)
int handle_post(void)
{
- read_post_data();
- char *user = find_post_data("username");
- if (!authenticate(user, find_post_data("password"))) {
+ char *user = getenv("REMOTE_USER");
+ if (!user) {
printf("Status 403 Forbidden\r\n");
printf("Content-Type: text/plain\r\n\r\n");
puts("Incorrect username or password. Go back and try again.");
return 0;
}
+ read_post_data();
+
chdir("/");
int blogdir = open(user, O_DIRECTORY);
if (blogdir == -1) {
@@ -132,6 +133,7 @@ int handle_post(void)
int main(void)
{
+ char *user = getenv("REMOTE_USER");
char *method = getenv("REQUEST_METHOD");
if (!strcmp(method, "POST")) {
return handle_post();
@@ -142,9 +144,11 @@ int main(void)
printf(HTML_HEAD, "new blog entry");
+ if (user) {
+ printf("<p>Posting as %s</p>\n", user);
+ }
+
printf("<form method=\"POST\" action=\"%s\">\n", getenv("DOCUMENT_URI"));
- puts("<input type=\"text\" name=\"username\" placeholder=\"username\" size=\"80\"><br>");
- puts("<input type=\"password\" name=\"password\" placeholder=\"password\" size=\"80\"><br>");
puts("<input type=\"text\" name=\"title\" placeholder=\"title\" size=\"80\"><br>");
puts("<textarea name=\"body\" cols=\"80\" rows=\"24\"><p></p></textarea><br>");
puts("<input type=\"submit\">");
diff --git a/blog.h b/blog.h
index 85bf490..1aad4e7 100644
--- a/blog.h
+++ b/blog.h
@@ -1,8 +1,6 @@
#ifndef BLOG_H
#define BLOG_H
-#define PASSWORD_FILE "/blog/password"
-
#define DOCTYPE "<!DOCTYPE html>\n"
#define HTML "<html lang=\"en\">\n"
#define META "<meta charset=\"utf-8\">\n"
@@ -23,12 +21,8 @@ char *find_post_data(char *key);
char *user_name(const char *user);
char *user_email(const char *user);
-int authenticate(const char *username, const char *password);
-
int handle_post(void);
-int show_entry(const char *path);
-
void add_to_index(const char *user, const char *path, const char *title);
int current_year(void);