projects
/
project
/
luci.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
2787a7f
)
* libs/web: Reworked authentication
author
Steven Barth
<steven@midlink.org>
Sun, 10 Aug 2008 12:58:05 +0000
(12:58 +0000)
committer
Steven Barth
<steven@midlink.org>
Sun, 10 Aug 2008 12:58:05 +0000
(12:58 +0000)
libs/httpd/host/runluci
patch
|
blob
|
history
libs/httpd/luasrc/httpd/handler/luci.lua
patch
|
blob
|
history
libs/sys/luasrc/sys.lua
patch
|
blob
|
history
libs/web/luasrc/dispatcher.lua
patch
|
blob
|
history
modules/admin-full/luasrc/controller/admin/index.lua
patch
|
blob
|
history
modules/admin-mini/luasrc/controller/mini/index.lua
patch
|
blob
|
history
diff --git
a/libs/httpd/host/runluci
b/libs/httpd/host/runluci
index
6f6cdde
..
d31b3f7
100755
(executable)
--- a/
libs/httpd/host/runluci
+++ b/
libs/httpd/host/runluci
@@
-23,6
+23,9
@@
if pcall(require, "uci") and pcall(require, "luci.model.uci") then
luci.model.uci.set_confdir(luci.model.uci.confdir_default)
end
luci.model.uci.set_confdir(luci.model.uci.confdir_default)
end
+require("luci.sys")
+luci.sys.user.checkpasswd = function() return true end
+
filehandler = luci.httpd.handler.file.Simple(DOCROOT)
vhost:set_default_handler(filehandler)
filehandler = luci.httpd.handler.file.Simple(DOCROOT)
vhost:set_default_handler(filehandler)
diff --git
a/libs/httpd/luasrc/httpd/handler/luci.lua
b/libs/httpd/luasrc/httpd/handler/luci.lua
index
2328832
..
ac3ed78
100644
(file)
--- a/
libs/httpd/luasrc/httpd/handler/luci.lua
+++ b/
libs/httpd/luasrc/httpd/handler/luci.lua
@@
-32,7
+32,6
@@
end
function Luci.handle_head(self, ...)
local response, sourceout = self:handle_get(...)
function Luci.handle_head(self, ...)
local response, sourceout = self:handle_get(...)
- self.running = self.running - 1
return response
end
return response
end
@@
-67,7
+66,6
@@
function Luci.handle_get(self, request, sourcein, sinkerr)
status = 500
headers["Content-Type"] = "text/plain"
local err = {id}
status = 500
headers["Content-Type"] = "text/plain"
local err = {id}
- self.running = self.running - 1
return Response( status, headers ), function() return table.remove(err) end
end
return Response( status, headers ), function() return table.remove(err) end
end
diff --git
a/libs/sys/luasrc/sys.lua
b/libs/sys/luasrc/sys.lua
index
b8ec10e
..
56beafe
100644
(file)
--- a/
libs/sys/luasrc/sys.lua
+++ b/
libs/sys/luasrc/sys.lua
@@
-295,10
+295,7
@@
user.getuser = posix.getpasswd
function user.checkpasswd(username, password)
local account = user.getuser(username)
function user.checkpasswd(username, password)
local account = user.getuser(username)
- -- FIXME: detect testing environment
- if luci.fs.stat("/etc/shadow") and not luci.fs.access("/etc/shadow", "r") then
- return true
- elseif account then
+ if account then
if account.passwd == "!" then
return true
else
if account.passwd == "!" then
return true
else
diff --git
a/libs/web/luasrc/dispatcher.lua
b/libs/web/luasrc/dispatcher.lua
index
d9917c2
..
b74c5bd
100644
(file)
--- a/
libs/web/luasrc/dispatcher.lua
+++ b/
libs/web/luasrc/dispatcher.lua
@@
-33,6
+33,8
@@
require("luci.fs")
context = luci.util.threadlocal()
context = luci.util.threadlocal()
+authenticator = {}
+
-- Index table
local index = nil
-- Index table
local index = nil
@@
-76,25
+78,20
@@
function error500(message)
return false
end
return false
end
---- Render and evaluate the system authentication login form.
--- @param default Default username
--- @return Authentication status
-function sysauth(default)
+function authenticator.htmlauth(validator, default)
local user = luci.http.formvalue("username")
local pass = luci.http.formvalue("password")
local user = luci.http.formvalue("username")
local pass = luci.http.formvalue("password")
- if user and luci.sys.user.checkpasswd(user, pass) then
- local sid = luci.sys.uniqueid(16)
- luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/")
- luci.sauth.write(sid, user)
- return true
- else
- require("luci.i18n")
- require("luci.template")
- context.path = {}
- luci.template.render("sysauth", {duser=default, fuser=user})
- return false
+ if user and validator(user, pass) then
+ return user
end
end
+
+ require("luci.i18n")
+ require("luci.template")
+ context.path = {}
+ luci.template.render("sysauth", {duser=default, fuser=user})
+ return false
+
end
--- Dispatch an HTTP request.
end
--- Dispatch an HTTP request.
@@
-172,13
+169,23
@@
function dispatch(request)
if track.sysauth then
require("luci.sauth")
if track.sysauth then
require("luci.sauth")
+ local authen = authenticator[track.sysauth_authenticator]
local def = (type(track.sysauth) == "string") and track.sysauth
local accs = def and {track.sysauth} or track.sysauth
local user = luci.sauth.read(luci.http.getcookie("sysauth"))
local def = (type(track.sysauth) == "string") and track.sysauth
local accs = def and {track.sysauth} or track.sysauth
local user = luci.sauth.read(luci.http.getcookie("sysauth"))
-
if not luci.util.contains(accs, user) then
if not luci.util.contains(accs, user) then
- if not sysauth(def) then
+ if authen then
+ local user = authen(luci.sys.user.checkpasswd, def)
+ if not user or not luci.util.contains(accs, user) then
+ return
+ else
+ local sid = luci.sys.uniqueid(16)
+ luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/")
+ luci.sauth.write(sid, user)
+ end
+ else
+ luci.http.status(403, "Forbidden")
return
end
end
return
end
end
diff --git
a/modules/admin-full/luasrc/controller/admin/index.lua
b/modules/admin-full/luasrc/controller/admin/index.lua
index
9583f4f
..
cab9441
100644
(file)
--- a/
modules/admin-full/luasrc/controller/admin/index.lua
+++ b/
modules/admin-full/luasrc/controller/admin/index.lua
@@
-30,6
+30,7
@@
function index()
page.order = 10
page.i18n = "admin-core"
page.sysauth = "root"
page.order = 10
page.i18n = "admin-core"
page.sysauth = "root"
+ page.sysauth_authenticator = "htmlauth"
page.ucidata = true
local page = node("admin", "index")
page.ucidata = true
local page = node("admin", "index")
diff --git
a/modules/admin-mini/luasrc/controller/mini/index.lua
b/modules/admin-mini/luasrc/controller/mini/index.lua
index
fd960bb
..
a1a29b5
100644
(file)
--- a/
modules/admin-mini/luasrc/controller/mini/index.lua
+++ b/
modules/admin-mini/luasrc/controller/mini/index.lua
@@
-29,6
+29,7
@@
function index()
local page = entry({"mini"}, alias("mini", "index"), i18n("essentials", "Essentials"), 10)
page.i18n = "admin-core"
page.sysauth = "root"
local page = entry({"mini"}, alias("mini", "index"), i18n("essentials", "Essentials"), 10)
page.i18n = "admin-core"
page.sysauth = "root"
+ page.sysauth_authenticator = "htmlauth"
page.ucidata = true
entry({"mini", "index"}, alias("mini", "index", "index"), i18n("overview"), 10)
page.ucidata = true
entry({"mini", "index"}, alias("mini", "index", "index"), i18n("overview"), 10)