From de7b4681c953982fb8e33a5f74eb93ee8e539108 Mon Sep 17 00:00:00 2001
From: Christoph Burschka
Date: Thu, 16 Jan 2014 15:34:03 +0100
Subject: Finished session auth framework for now. (fixes #1)

Doc changes and some implementations remain.
---
 plugins/session/www/rpc.php | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

(limited to 'plugins/session/www')

diff --git a/plugins/session/www/rpc.php b/plugins/session/www/rpc.php
index fca85a0..9e27bc3 100644
--- a/plugins/session/www/rpc.php
+++ b/plugins/session/www/rpc.php
@@ -4,13 +4,18 @@ define('SESS_ROOT', __DIR__ . '/../');
 
 require_once SESS_ROOT . 'main.php';
 
-$entry = (!empty($_POST['salt']) && strlen($_POST['salt']) >= 16) ?
-         create_key($_POST['salt']) : FALSE;
-
-if ($entry) {
-  header('Content-type: text/plain; charset=UTF-8');
-  print json_encode($entry);
+if (!empty($_POST['salt']) && strlen($_POST['salt']) >= 16) {
+  $entry = create_key($_POST['salt']);
+  if ($entry) {
+    header('Content-type: text/plain; charset=UTF-8');
+    print json_encode($entry);
+  }
+  else {
+    header('HTTP/1.1 403 Forbidden');
+    print json_encode(['error' => 'no-session']);
+  }
 }
 else {
   header('HTTP/1.1 403 Forbidden');
+  print json_encode(['error' => 'no-request']);
 }
-- 
cgit v1.1