/* Web form login service routine. Called in response to a form-based login request when defined via httpSetAuthLogin. It is expected that "authCondition" has already authenticated the request. */ static void loginServiceProc(HttpConn *conn) { HttpAuth *auth; auth = conn->rx->route->auth; if (httpIsAuthenticated(conn)) { httpRedirect(conn, HTTP_CODE_MOVED_TEMPORARILY, auth->loggedInPage ? auth->loggedInPage : "~"); } else { httpRedirect(conn, HTTP_CODE_MOVED_TEMPORARILY, auth->loginPage); } }
/* Common base run for every request. */ static void commonBase(HttpStream *stream) { cchar *uri; if (!httpIsAuthenticated(stream)) { /* Access to certain pages are permitted without authentication so the user can login and logout. */ uri = getUri(); if (sstarts(uri, "/public/") || smatch(uri, "/user/login") || smatch(uri, "/user/logout")) { return; } feedback("error", "Access Denied. Login required."); redirect("/public/login.esp"); } }