From 7f45430ee81d6ebefcf95cd35f312a71ead5e09e Mon Sep 17 00:00:00 2001
From: Holger Cremer <HolgerCremer@gmail.com>
Date: Sat, 6 Jun 2015 23:16:58 +0200
Subject: Using post for login and more logging

---
 src/web/websession.vala | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/web/websession.vala b/src/web/websession.vala
index a3bf973..1b2e223 100644
--- a/src/web/websession.vala
+++ b/src/web/websession.vala
@@ -122,13 +122,20 @@ public class WebSession {
 			}
 		}
 
-		/* check for login query */
-		if(query == null || !query.contains("user") || !query.contains("password"))
+		/* check for login request */
+		//GLib.HashTable<string,string>? form_data = null;
+		if(msg.method != "POST") {
 			return;
+		}
+		var form_data = Soup.Form.decode((string) msg.request_body.data);
+		if (form_data == null || !form_data.contains("user") || !form_data.contains("password")) {		
+			return;					
+		}			
+
 
 		/* get credentials */
-		var userid   = int.parse(query["user"]);
-		var password = query["password"];
+		var userid   = int.parse(form_data["user"]);
+		var password = form_data["password"];
 
 		/* check credentials */
 		if(db.check_user_password(userid, password)) {
@@ -155,6 +162,7 @@ public class WebSession {
 
 			setup_auth(user);
 		} else {
+			stderr.printf("Login for user id %d failed\n", userid);
 			/* login failed */
 			failed=true;
 		}
-- 
cgit v1.2.3