diff options
| -rw-r--r-- | html.c | 13 | ||||
| -rw-r--r-- | httpd.c | 4 |
2 files changed, 13 insertions, 4 deletions
| @@ -1565,8 +1565,10 @@ int html_get_handler(const xs_dict *req, const char *q_path, | |||
| 1565 | } | 1565 | } |
| 1566 | else | 1566 | else |
| 1567 | if (strcmp(p_path, "admin") == 0) { /** private timeline **/ | 1567 | if (strcmp(p_path, "admin") == 0) { /** private timeline **/ |
| 1568 | if (!login(&snac, req)) | 1568 | if (!login(&snac, req)) { |
| 1569 | *body = xs_dup(uid); | ||
| 1569 | status = 401; | 1570 | status = 401; |
| 1571 | } | ||
| 1570 | else { | 1572 | else { |
| 1571 | if (cache && history_mtime(&snac, "timeline.html_") > timeline_mtime(&snac)) { | 1573 | if (cache && history_mtime(&snac, "timeline.html_") > timeline_mtime(&snac)) { |
| 1572 | snac_debug(&snac, 1, xs_fmt("serving cached timeline")); | 1574 | snac_debug(&snac, 1, xs_fmt("serving cached timeline")); |
| @@ -1593,8 +1595,10 @@ int html_get_handler(const xs_dict *req, const char *q_path, | |||
| 1593 | } | 1595 | } |
| 1594 | else | 1596 | else |
| 1595 | if (strcmp(p_path, "people") == 0) { /** the list of people **/ | 1597 | if (strcmp(p_path, "people") == 0) { /** the list of people **/ |
| 1596 | if (!login(&snac, req)) | 1598 | if (!login(&snac, req)) { |
| 1599 | *body = xs_dup(uid); | ||
| 1597 | status = 401; | 1600 | status = 401; |
| 1601 | } | ||
| 1598 | else { | 1602 | else { |
| 1599 | *body = html_people(&snac); | 1603 | *body = html_people(&snac); |
| 1600 | *b_size = strlen(*body); | 1604 | *b_size = strlen(*body); |
| @@ -1603,8 +1607,10 @@ int html_get_handler(const xs_dict *req, const char *q_path, | |||
| 1603 | } | 1607 | } |
| 1604 | else | 1608 | else |
| 1605 | if (strcmp(p_path, "notifications") == 0) { /** the list of notifications **/ | 1609 | if (strcmp(p_path, "notifications") == 0) { /** the list of notifications **/ |
| 1606 | if (!login(&snac, req)) | 1610 | if (!login(&snac, req)) { |
| 1611 | *body = xs_dup(uid); | ||
| 1607 | status = 401; | 1612 | status = 401; |
| 1613 | } | ||
| 1608 | else { | 1614 | else { |
| 1609 | *body = html_notifications(&snac); | 1615 | *body = html_notifications(&snac); |
| 1610 | *b_size = strlen(*body); | 1616 | *b_size = strlen(*body); |
| @@ -1758,6 +1764,7 @@ int html_post_handler(const xs_dict *req, const char *q_path, | |||
| 1758 | /* all posts must be authenticated */ | 1764 | /* all posts must be authenticated */ |
| 1759 | if (!login(&snac, req)) { | 1765 | if (!login(&snac, req)) { |
| 1760 | user_free(&snac); | 1766 | user_free(&snac); |
| 1767 | *body = xs_dup(uid); | ||
| 1761 | return 401; | 1768 | return 401; |
| 1762 | } | 1769 | } |
| 1763 | 1770 | ||
| @@ -251,7 +251,9 @@ void httpd_connection(FILE *f) | |||
| 251 | headers = xs_dict_append(headers, "location", body); | 251 | headers = xs_dict_append(headers, "location", body); |
| 252 | 252 | ||
| 253 | if (status == 401) { | 253 | if (status == 401) { |
| 254 | xs *www_auth = xs_fmt("Basic realm=\"%s snac login\"", xs_dict_get(srv_config, "host")); | 254 | xs *www_auth = xs_fmt("Basic realm=\"@%s@%s snac login\"", |
| 255 | body, xs_dict_get(srv_config, "host")); | ||
| 256 | |||
| 255 | headers = xs_dict_append(headers, "WWW-Authenticate", www_auth); | 257 | headers = xs_dict_append(headers, "WWW-Authenticate", www_auth); |
| 256 | } | 258 | } |
| 257 | 259 | ||