From 972306d8136bda503f6788b8d4b65400b03e571c Mon Sep 17 00:00:00 2001
From: Jaroslav Kysela <perex@perex.cz>
Date: Tue, 16 Sep 2014 14:44:55 +0200
Subject: [PATCH] HTTP server: use cookie to remember the logout state

---
 src/http.c        |  7 +++++++
 src/http.h        |  1 +
 src/webui/webui.c | 13 +++++++++++++
 3 files changed, 21 insertions(+)

diff --git a/src/http.c b/src/http.c
index 15297e69..f5913174 100644
--- a/src/http.c
+++ b/src/http.c
@@ -252,6 +252,11 @@ http_send_header(http_connection_t *hc, int rc, const char *content,
 
   if(rc == HTTP_STATUS_UNAUTHORIZED)
     htsbuf_qprintf(&hdrs, "WWW-Authenticate: Basic realm=\"tvheadend\"\r\n");
+  if (hc->hc_logout_cookie == 1) {
+    htsbuf_qprintf(&hdrs, "Set-Cookie: logout=1; Path=\"/logout\"\r\n");
+  } else if (hc->hc_logout_cookie == 2) {
+    htsbuf_qprintf(&hdrs, "Set-Cookie: logout=0; Path=\"/logout'\"; expires=Thu, 01 Jan 1970 00:00:00 GMT\r\n");
+  }
 
   htsbuf_qprintf(&hdrs, "Connection: %s\r\n", 
 	      hc->hc_keep_alive ? "Keep-Alive" : "Close");
@@ -918,6 +923,8 @@ http_serve_requests(http_connection_t *hc, htsbuf_queue_t *spill)
     free(hc->hc_password);
     hc->hc_password = NULL;
 
+    hc->hc_logout_cookie = 0;
+
   } while(hc->hc_keep_alive && http_server);
 
 error:
diff --git a/src/http.h b/src/http.h
index 7a4baf61..544db669 100644
--- a/src/http.h
+++ b/src/http.h
@@ -137,6 +137,7 @@ typedef struct http_connection {
   struct config_head *hc_user_config;
 
   int hc_no_output;
+  int hc_logout_cookie;
 
   /* Support for HTTP POST */
   
diff --git a/src/webui/webui.c b/src/webui/webui.c
index 2d631ea7..04b213f0 100644
--- a/src/webui/webui.c
+++ b/src/webui/webui.c
@@ -182,9 +182,22 @@ page_logout(http_connection_t *hc, const char *remain, void *opaque)
   if (hc->hc_access == NULL ||
       hc->hc_access->aa_username == NULL ||
       hc->hc_access->aa_username == '\0') {
+redirect:
     http_redirect(hc, "/", &hc->hc_req_args);
     return 0;
   } else {
+    const char *s = http_arg_get(&hc->hc_args, "Cookie");
+    if (s) {
+      while (*s && *s != ';')
+        s++;
+      if (*s) s++;
+      while (*s && *s <= ' ') s++;
+      if (!strncmp(s, "logout=1", 8)) {
+        hc->hc_logout_cookie = 2;
+        goto redirect;
+      }
+      hc->hc_logout_cookie = 1;
+    }
     return HTTP_STATUS_UNAUTHORIZED;
   }
 }