Dict session() const{ onion_dict *d=onion_request_get_session_dict(ptr); if (d) return Dict(d); else return Dict(); }
int oterm_nopam(onion_handler *next, onion_request *req, onion_response *res){ onion_dict *session=onion_request_get_session_dict(req); onion_dict_lock_write(session); const char *username=getenv("USER"); if (username) onion_dict_add(session, "username", username, 0); onion_dict_add(session, "nopam", "true", 0); onion_dict_unlock(session); return onion_handler_handle(next, req, res); }
static onion_connection_status ask_session(void *_, onion_request *req, onion_response *res){ onion_dict *session=onion_request_get_session_dict(req); if (set_data_on_session) onion_dict_add(session,"Test","New data to create the session",0); has_set_cookie=0; onion_response_write0(res, "If I write before getting session, then there is no Set-Cookie.\n"); onion_response_printf(res, "%d elements at the session.\n", onion_dict_count(session)); ONION_DEBUG("Session ID is %s, cookies %s",req->session_id, onion_request_get_header(req, "Cookie")); strcpy(lastsessionid, req->session_id); return OCS_PROCESSED; }
int onion_handler_auth_pam_handler(onion_handler_auth_pam_data *d, onion_request *request, onion_response *res){ /// Use session to know if already logged in, so do not mess with PAM so often. if (onion_request_get_session(request, "pam_logged_in")) return onion_handler_handle(d->inside, request, res); const char *o=onion_request_get_header(request, "Authorization"); char *auth=NULL; char *username=NULL; char *passwd=NULL; if (o && strncmp(o,"Basic",5)==0){ //fprintf(stderr,"auth: '%s'\n",&o[6]); auth=onion_base64_decode(&o[6], NULL); username=auth; int i=0; while (auth[i]!='\0' && auth[i]!=':') i++; if (auth[i]==':'){ auth[i]='\0'; // so i have user ready passwd=&auth[i+1]; } else passwd=NULL; } // I have my data, try to authorize if (username && passwd){ int ok=authorize(d->pamname, username, passwd); if (ok){ // I save the username at the session, so it can be accessed later. onion_dict *session=onion_request_get_session_dict(request); onion_dict_lock_write(session); onion_dict_add(session, "username", username, OD_REPLACE|OD_DUP_VALUE); onion_dict_add(session, "pam_logged_in", username, OD_REPLACE|OD_DUP_VALUE); onion_dict_unlock(session); free(auth); return onion_handler_handle(d->inside, request, res); } } if (auth) free(auth); // Not authorized. Ask for it. char temp[256]; sprintf(temp, "Basic realm=\"%s\"",d->realm); onion_response_set_header(res, "WWW-Authenticate",temp); onion_response_set_code(res, HTTP_UNAUTHORIZED); onion_response_set_length(res,sizeof(RESPONSE_UNAUTHORIZED)); onion_response_write(res,RESPONSE_UNAUTHORIZED,sizeof(RESPONSE_UNAUTHORIZED)); return OCS_PROCESSED; }
onion_connection_status sessions(void *ignore, onion_request *req){ onion_response *res=onion_response_new(req); onion_dict *session=onion_request_get_session_dict(req); if (onion_request_get_query(req, "reset")){ onion_request_session_free(req); onion_response_write0(res, "ok"); return onion_response_free(res); } const char *n=onion_dict_get(session, "count"); int count; if (n){ count=atoi(n)+1; } else count=0; char tmp[16]; snprintf(tmp,sizeof(tmp),"%d",count); onion_dict_add(session, "count", tmp, OD_DUP_ALL|OD_REPLACE); if (onion_response_write_headers(res)==OR_SKIP_CONTENT) // Head return onion_response_free(res); onion_response_write0(res, "<html><body>\n<h1>Session data</h1>\n"); if (session){ onion_response_printf(res,"<ul>\n"); onion_dict_preorder(session, print_dict_element, res); onion_response_printf(res,"</ul>\n"); } else{ onion_response_printf(res,"No session data"); } onion_response_write0(res,"</body></html>"); return onion_response_free(res); }
/** * @short Gets session data * @memberof onion_request_t */ const char *onion_request_get_session(onion_request *req, const char *key) { onion_dict *d=onion_request_get_session_dict(req); return onion_dict_get(d, key); }
void t02_cookies(){ INIT_LOCAL(); onion *o=onion_new(O_ONE_LOOP); onion_request *req; onion_dict *session; char *cookieid; char tmp[256]; req=onion_request_new(o->server, NULL, NULL); FAIL_IF_NOT_EQUAL(req->session_id, NULL); session=onion_request_get_session_dict(req); onion_dict_add(session,"Test","tseT", 0); FAIL_IF_EQUAL(req->session_id, NULL); cookieid=strdup(req->session_id); onion_request_free(req); req=onion_request_new(o->server, NULL, NULL); FAIL_IF_NOT_EQUAL(req->session_id, NULL); session=onion_request_get_session_dict(req); FAIL_IF_EQUAL(req->session_id, NULL); session=onion_request_get_session_dict(req); onion_dict_add(session,"Test","Another value", 0); FAIL_IF_EQUAL_STR(req->session_id, cookieid); onion_request_free(req); req=onion_request_new(o->server, NULL, NULL); snprintf(tmp,sizeof(tmp),"sessionid=%s",cookieid); onion_dict_add(req->headers,"Cookie",tmp, OD_DUP_VALUE); FAIL_IF_NOT_EQUAL(req->session_id, NULL); session=onion_request_get_session_dict(req); FAIL_IF_NOT_EQUAL_STR(req->session_id, cookieid); FAIL_IF_NOT_EQUAL_STR(onion_dict_get(session,"Test"),"tseT"); onion_request_free(req); req=onion_request_new(o->server, NULL, NULL); snprintf(tmp,sizeof(tmp),"trashthingish=nothing interesting; sessionid=%s; wtf=ianal",cookieid); onion_dict_add(req->headers,"Cookie",tmp, OD_DUP_VALUE); FAIL_IF_NOT_EQUAL(req->session_id, NULL); session=onion_request_get_session_dict(req); FAIL_IF_NOT_EQUAL_STR(req->session_id, cookieid); FAIL_IF_NOT_EQUAL_STR(onion_dict_get(session,"Test"),"tseT"); onion_request_free(req); req=onion_request_new(o->server, NULL, NULL); snprintf(tmp,sizeof(tmp),"sessionid=nothing interesting; sessionid=%s; other_sessionid=ianal",cookieid); onion_dict_add(req->headers,"Cookie",tmp, OD_DUP_VALUE); FAIL_IF_NOT_EQUAL(req->session_id, NULL); session=onion_request_get_session_dict(req); FAIL_IF_NOT_EQUAL_STR(req->session_id, cookieid); FAIL_IF_NOT_EQUAL_STR(onion_dict_get(session,"Test"),"tseT"); onion_request_free(req); req=onion_request_new(o->server, NULL, NULL); snprintf(tmp,sizeof(tmp),"sessionid=nothing interesting; xsessionid=%s; other_sessionid=ianal",cookieid); onion_dict_add(req->headers,"Cookie",tmp, OD_DUP_VALUE); FAIL_IF_NOT_EQUAL(req->session_id, NULL); session=onion_request_get_session_dict(req); FAIL_IF_EQUAL_STR(req->session_id, cookieid); FAIL_IF_EQUAL_STR(onion_dict_get(session,"Test"),"tseT"); onion_request_free(req); onion_free(o); free(cookieid); END_LOCAL(); }