Allow Basic-Auth pass-through

diff --git a/libs/lucid-http/luasrc/lucid/http/server.lua b/libs/lucid-http/luasrc/lucid/http/server.lua
index 0fe9473..cb10813 100644 (file)
--- a/libs/lucid-http/luasrc/lucid/http/server.lua
+++ b/libs/lucid-http/luasrc/lucid/http/server.lua
@@ -132,6 +132,7 @@ function Handler.checkrestricted(self, request)
                end
                
                if stat then
+                       request.env.HTTP_AUTH_USER, request.env.HTTP_AUTH_PASS = user, pass
                        return
                end
        end

diff --git a/libs/web/luasrc/dispatcher.lua b/libs/web/luasrc/dispatcher.lua
index c863d9f..01cc109 100644 (file)
--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@@ -258,7 +258,7 @@ function dispatch(request)
                local verifytoken = false
                if not sess then
                        sess = luci.http.getcookie("sysauth")
-                       sess = sess and sess:match("^[a-f0-9]+$")
+                       sess = sess and sess:match("^[a-f0-9]*$")
                        verifytoken = true
                end
 
@@ -272,6 +272,12 @@ function dispatch(request)
                        if not verifytoken or ctx.urltoken.stok == sdat.token then
                                user = sdat.user
                        end
+               else
+                       local eu = http.getenv("HTTP_AUTH_USER")
+                       local ep = http.getenv("HTTP_AUTH_PASS")
+                       if eu and ep and luci.sys.user.checkpasswd(eu, ep) then
+                               authen = function() return eu end
+                       end
                end
 
                if not util.contains(accs, user) then