PUBLIC cchar *espCreateSession(HttpConn *conn)
{
HttpSession *session;
if ((session = httpCreateSession(getConn())) != 0) {
return session->id;
}
return 0;
}
/*
Login the user and create an authenticated session state store
*/
PUBLIC bool httpLogin(HttpConn *conn, cchar *username, cchar *password)
{
HttpRx *rx;
HttpAuth *auth;
HttpSession *session;
HttpVerifyUser verifyUser;
rx = conn->rx;
auth = rx->route->auth;
if (!username || !*username) {
httpTrace(conn, "auth.login.error", "error", "msg: 'missing username'");
return 0;
}
if (!auth->store) {
mprLog("error http auth", 0, "No AuthStore defined");
return 0;
}
if ((verifyUser = auth->verifyUser) == 0) {
if (auth->parent && (verifyUser = auth->parent->verifyUser) == 0) {
verifyUser = auth->store->verifyUser;
}
}
if (!verifyUser) {
mprLog("error http auth", 0, "No user verification routine defined on route %s", rx->route->name);
return 0;
}
if (auth->username && *auth->username) {
/* If using auto-login, replace the username */
username = auth->username;
password = 0;
}
if (!(verifyUser)(conn, username, password)) {
return 0;
}
if (!auth->store->noSession) {
if ((session = httpCreateSession(conn)) == 0) {
/* Too many sessions */
return 0;
}
httpSetSessionVar(conn, HTTP_SESSION_USERNAME, username);
httpSetSessionVar(conn, HTTP_SESSION_IP, conn->ip);
}
rx->authenticated = 1;
rx->authenticateProbed = 1;
conn->username = sclone(username);
conn->encoded = 0;
return 1;
}
PUBLIC void createSession()
{
httpCreateSession(getConn());
}
