fix

git-svn-id: file:///raid/svn-main/nishi-mandshurica/trunk@64 f982e544-4a7d-3444-ad1a-fde59a2a69f1

diff --git a/Module/http.c b/Module/http.c
index fd24422e8013a2f7ede3cd90b3ff553d85ece830..caf4681fcf9fc865262f9538207e55edd31fcd8d 100644 (file)
--- a/Module/http.c
+++ b/Module/http.c
@@ -199,8 +199,8 @@ void http_handler(int sock) {
                                                                                                char* usr = mandshurica_parse_form(postbuf, "username");
                                                                                                char* pwd = mandshurica_parse_form(postbuf, "password");
                                                                                                if(usr != NULL && pwd != NULL) {
-                                                                                                       char* ptr;
-                                                                                                       int res = mod_auth(usr, pwd, &ptr);
+                                                                                                       char* token;
+                                                                                                       int res = mod_auth(usr, pwd, &token);
                                                                                                        if(res == MS_AUTH_OK) {
                                                                                                                char* type;
                                                                                                                uint64_t len;
@@ -245,6 +245,11 @@ void http_handler(int sock) {
                                                                                                                        send(sock, lenstr, strlen(lenstr), 0);
                                                                                                                        free(lenstr);
 
+                                                                                                                       send(sock, "\r\n", 2, 0);
+                                                                                                                       send(sock, "Set-Cookie: ", 11, 0);
+                                                                                                                       send(sock, "TOKEN=", 6, 0);
+                                                                                                                       send(sock, token, strlen(token), 0);
+                                                                                                                       send(sock, "; HttpOnly", 10, 0);
                                                                                                                        send(sock, "\r\n", 2, 0);
                                                                                                                        send(sock, "\r\n", 2, 0);
                                                                                                                        send(sock, data, len, 0);
@@ -253,9 +258,14 @@ void http_handler(int sock) {
                                                                                                                        send(sock, "HTTP/1.1 200 OK\r\n", 9 + 8, 0);
                                                                                                                        send(sock, "Connection: keep-alive\r\n", 24, 0);
                                                                                                                        send(sock, "Content-Length: 0\r\n", 19, 0);
+                                                                                                                       send(sock, "Set-Cookie: ", 11, 0);
+                                                                                                                       send(sock, "TOKEN=", 6, 0);
+                                                                                                                       send(sock, token, strlen(token), 0);
+                                                                                                                       send(sock, "; HttpOnly", 10, 0);
+                                                                                                                       send(sock, "\r\n", 2, 0);
                                                                                                                        send(sock, "\r\n", 2, 0);
                                                                                                                }
-                                                                                                               free(ptr);
+                                                                                                               free(token);
                                                                                                        } else if(res == MS_AUTH_ERROR) {
                                                                                                                send(sock, "HTTP/1.1 400 Bad Request\r\n", 17 + 9, 0);
                                                                                                                send(sock, "Connection: keep-alive\r\n", 24, 0);