Using post for login and more logging

2 files changed, 13 insertions, 5 deletions

diff --git a/src/web/websession.vala b/src/web/websession.vala
index a3bf973..1b2e223 100644
--- a/src/web/websession.vala
+++ b/src/web/websession.vala
@@ -122,13 +122,20 @@ public class WebSession {
 			}
 		}
 
-		/* check for login query */
-		if(query == null || !query.contains("user") || !query.contains("password"))
+		/* check for login request */
+		//GLib.HashTable<string,string>? form_data = null;
+		if(msg.method != "POST") {
 			return;
+		}
+		var form_data = Soup.Form.decode((string) msg.request_body.data);
+		if (form_data == null || !form_data.contains("user") || !form_data.contains("password")) {		
+			return;					
+		}			
+
 
 		/* get credentials */
-		var userid   = int.parse(query["user"]);
-		var password = query["password"];
+		var userid   = int.parse(form_data["user"]);
+		var password = form_data["password"];
 
 		/* check credentials */
 		if(db.check_user_password(userid, password)) {
@@ -155,6 +162,7 @@ public class WebSession {
 
 			setup_auth(user);
 		} else {
+			stderr.printf("Login for user id %d failed\n", userid);
 			/* login failed */
 			failed=true;
 		}
diff --git a/templates/menu_login.html b/templates/menu_login.html
index a7f6b09..3a1f34f 100644
--- a/templates/menu_login.html
+++ b/templates/menu_login.html
@@ -1,4 +1,4 @@
-<form action="#" class="navbar-form pull-right">
+<form action="" method="post" class="navbar-form pull-right">
 	<input type="text" name="user" class="span2" placeholder="User ID" />
 	<input type="password" name="password" class="span2" placeholder="Password" />
 	<button type="submit" class="btn">Login</button>