Mercurial > sci

comparison scid/http.c @ 50:b474f0985e39

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
scictl: add API key support
author David Demelier <markand@malikania.fr>
date Wed, 17 Aug 2022 09:11:58 +0200
parents e8f24896b484
children 7a4112eec15b
comparison
equal deleted inserted replaced
49:9d8df0c1db63 50:b474f0985e39
50 }; 50 };
51 51
52 static int 52 static int
53 allowed(const struct kreq *req) 53 allowed(const struct kreq *req)
54 { 54 {
55 for (size_t i = 0; i < req->reqsz; ++i) 55 for (size_t i = 0; i < req->reqsz; ++i) {
56 if (strcmp(req->reqs[i].key, "X-Api-Key") == 0 && 56 if (strcmp(req->reqs[i].key, "X-Api-Key") == 0 &&
57 strcmp(req->reqs[i].val, scid.apikey) == 0) 57 strcmp(req->reqs[i].val, scid.apikey) == 0)
58 return 1; 58 return 1;
59 }
59 60
60 return 0; 61 return 0;
61 } 62 }
62 63
63 static void 64 static void
76 }; 77 };
77 78
78 /* Any API page requires authentication key. */ 79 /* Any API page requires authentication key. */
79 if (req->method == KMETHOD_POST && !allowed(req)) { 80 if (req->method == KMETHOD_POST && !allowed(req)) {
80 log_warn("http: client not allowed"); 81 log_warn("http: client not allowed");
81 pageutil_status(req, KHTTP_401); 82 pageutil_json(req, KHTTP_401, NULL);
82 } else { 83 } else {
83 for (size_t i = 0; apis[i].prefix; ++i) 84 for (size_t i = 0; apis[i].prefix; ++i)
84 if (strncmp(req->path, apis[i].prefix, strlen(apis[i].prefix)) == 0) 85 if (strncmp(req->path, apis[i].prefix, strlen(apis[i].prefix)) == 0)
85 return apis[i].handler(req); 86 return apis[i].handler(req);
86 87
87 pageutil_status(req, KHTTP_404); 88 pageutil_json(req, KHTTP_404, NULL);
88 } 89 }
89 } 90 }
90 91
91 static const char * const pages[] = { 92 static const char * const pages[] = {
92 [PAGE_INDEX] = "", 93 [PAGE_INDEX] = "",