1 files changed, 28 insertions, 12 deletions

diff --git a/web.go b/web.go
index 1646b31..ea9e5cd 100644
--- a/web.go
+++ b/web.go
@@ -1,12 +1,14 @@
 package main
 
 import (
+	"database/sql"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"log"
 	"net/http"
+	"net/url"
 	"time"
 
 	_ "github.com/lib/pq"
@@ -96,12 +98,18 @@ func (app *App) callback(w http.ResponseWriter, r *http.Request) {
 	s.UserName = user.Name
 	app.InsertUserSession(s)
 	app.SetCookie(w, "session", s, 86400*30)
-	var lfmtoken string
-	app.GetCookie(r, "lfmtoken", &lfmtoken)
-	if lfmtoken != "" {
-		http.Redirect(w, r, "api/auth", http.StatusTemporaryRedirect)
+
+	var lfmauth struct {
+		Token  string
+		ApiKey string
 	}
-	if newUser {
+
+	if err := app.GetCookie(r, "lfmauth", &lfmauth); err == nil {
+		v := url.Values{}
+		v.Set("token", lfmauth.Token)
+		v.Add("api_key", lfmauth.ApiKey)
+		http.Redirect(w, r, "api/auth/?"+v.Encode(), http.StatusTemporaryRedirect)
+	} else if newUser {
 		http.Redirect(w, r, "/settings", http.StatusTemporaryRedirect)
 	} else {
 		http.Redirect(w, r, "/", http.StatusFound)
@@ -112,19 +120,27 @@ func (app *App) auth(w http.ResponseWriter, r *http.Request) {
 	se := new(UserSession)
 	err := app.GetCookie(r, "session", se)
 	if err != nil {
-		app.SetCookie(w, "lfmtoken", r.FormValue("token"), 120)
-		app.SetCookie(w, "lfmkey", r.FormValue("api_key"), 120)
+		app.SetCookie(w, "lfmauth",
+			struct {
+				Token  string
+				ApiKey string
+			}{r.FormValue("token"),
+				r.FormValue("api_key")}, 120)
 		http.Redirect(w, r, "/login", http.StatusFound)
 		return
 	}
-	key := r.FormValue("api_key")
-	if c, err := app.GetClient(key); err != nil {
-		fmt.Printf("%v\n", err)
+	if r.FormValue("api_key") == "" || r.FormValue("token") == "" {
+		log.Println("Invalid parameters")
+		return
+	}
+	if c, err := app.GetClient(r.FormValue("api_key")); err != nil {
+		log.Println(err)
 	} else {
 		if token, err := app.GetToken(r.FormValue("token")); err != nil {
-			return
+			log.Println(err)
 		} else {
-			token.UserId = se.UserId
+			token.UserId = sql.NullInt64{Int64: int64(se.UserId),
+				Valid: true}
 			app.PutToken(token)
 			app.Template.ExecuteTemplate(w, "auth.tmpl", c.Name)
 		}