Refactor endpoint authentication flow.

Instead of one MatrixAuthenticate() function, we'll do
MatrixGetAccessToken(), and then UserAuthenticate(). This allows us to
give different error messages depending on what the user provided and what
the server state is.

TODO.txt

@@ -21,6 +21,7 @@ Milestone: v0.2.0
     [x] Username validation
     [x] Password hashing
     [x] User API
+[x] Password login
 
 [x] Document MemoryHexDump()
 [x] Document DbExists()

src/Matrix.c

@@ -302,14 +302,11 @@ MatrixErrorCreate(MatrixError errorArg)
 }
 
 HashMap *
-MatrixAuthenticate(HttpServerContext * context, Db * db)
+MatrixGetAccessToken(HttpServerContext * context, char **accessToken)
 {
     HashMap *params;
     char *token;
 
-    (void) db;                     /* Silence warning about unused var;
-                                    * we'll use it eventually. */
-
     params = HttpRequestHeaders(context);
     token = HashMapGet(params, "authorization");
 
@@ -345,8 +342,7 @@ MatrixAuthenticate(HttpServerContext * context, Db * db)
         }
     }
 
-    /* TODO: Check that "token" is actually valid */
-
+    *accessToken = token;
     return NULL;
 }
 

src/User.c

@@ -118,6 +118,52 @@ UserLock(Db * db, char *name)
     return user;
 }
 
+User *
+UserAuthenticate(Db * db, char *accessToken)
+{
+    User *user;
+    DbRef *atRef;
+
+    char *userName;
+    char *deviceId;
+    long expires;
+
+    if (!db || !accessToken)
+    {
+        return NULL;
+    }
+
+    atRef = DbLock(db, 3, "tokens", "access", accessToken);
+    if (!atRef)
+    {
+        return NULL;
+    }
+
+    userName = JsonValueAsString(HashMapGet(DbJson(atRef), "user"));
+    deviceId = JsonValueAsString(HashMapGet(DbJson(atRef), "device"));
+    expires = JsonValueAsInteger(HashMapGet(DbJson(atRef), "expires"));
+
+    user = UserLock(db, userName);
+    if (!user)
+    {
+        DbUnlock(db, atRef);
+        return NULL;
+    }
+
+    if (UtilServerTs() >= (unsigned long) expires)
+    {
+        UserUnlock(user);
+        DbUnlock(db, atRef);
+        return NULL;
+    }
+
+    /* TODO: Attach deviceId to User */
+    (void) deviceId;
+
+    DbUnlock(db, atRef);
+    return user;
+}
+
 int
 UserUnlock(User * user)
 {

src/include/Matrix.h

@@ -81,7 +81,7 @@ extern HashMap *
  MatrixErrorCreate(MatrixError);
 
 extern HashMap *
- MatrixAuthenticate(HttpServerContext *, Db *);
+ MatrixGetAccessToken(HttpServerContext *, char **);
 
 extern HashMap *
  MatrixRateLimit(HttpServerContext *, Db *);

src/include/User.h

@@ -51,6 +51,9 @@ extern User *
 extern User *
  UserLock(Db *, char *name);
 
+extern User *
+ UserAuthenticate(Db *, char *accessToken);
+
 extern int
  UserUnlock(User *);