From be7975aabb4cba23235e460beba549e190175d92 Mon Sep 17 00:00:00 2001
From: Sebastian Harl <sh@tokkee.org>
Date: Wed, 5 Feb 2014 22:07:46 +0100
Subject: [PATCH] frontend/session: Store authenticated user information.

Also, for now, reject access in case no username is provided.
---
 src/frontend/session.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/frontend/session.c b/src/frontend/session.c
index 6403469..a64931e 100644
--- a/src/frontend/session.c
+++ b/src/frontend/session.c
@@ -29,6 +29,8 @@
 
 #include "frontend/connection-private.h"
 
+#include <string.h>
+
 /*
  * public API
  */
@@ -36,13 +38,26 @@
 int
 sdb_fe_session_start(sdb_conn_t *conn)
 {
+	const char *username;
+
 	if ((! conn) || (conn->username))
 		return -1;
 
 	if (conn->cmd != CONNECTION_STARTUP)
 		return -1;
 
+	username = sdb_strbuf_string(conn->buf);
+	if ((! username) || (! conn->cmd_len) || (! *username)) {
+		sdb_strbuf_sprintf(conn->errbuf, "Invalid empty username");
+		return -1;
+	}
+
 	/* XXX: for now, simply accept all connections */
+	conn->username = strndup(username, conn->cmd_len);
+	if (! conn->username) {
+		sdb_strbuf_sprintf(conn->errbuf, "Authentication failed");
+		return -1;
+	}
 	sdb_connection_send(conn, CONNECTION_OK, 0, NULL);
 	return 0;
 } /* sdb_fe_session_start */
-- 
2.30.2