projects / project / luci.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
luci-mod-rpc: fix unresolved controller reference in rpc_auth()
[project/luci.git] / modules / luci-mod-rpc / luasrc / controller / rpc.lua
1 -- Copyright 2008 Steven Barth <steven@midlink.org>
2 -- Copyright 2008 Jo-Philipp Wich <jow@openwrt.org>
3 -- Licensed to the public under the Apache License 2.0.
4
5 module("luci.controller.rpc", package.seeall)
6
7
8 function session_retrieve(sid, allowed_users)
9         local util = require "luci.util"
10         local sdat = util.ubus("session", "get", {
11                 ubus_rpc_session = sid
12         })
13
14         if type(sdat) == "table" and
15            type(sdat.values) == "table" and
16            type(sdat.values.token) == "string" and
17            type(sdat.values.secret) == "string" and
18            type(sdat.values.username) == "string" and
19            util.contains(allowed_users, sdat.values.username)
20         then
21                 return sid, sdat.values
22         end
23
24         return nil
25 end
26
27 function authenticator(validator, accs)
28         local http = require "luci.http"
29         local ctrl = require "luci.controller.rpc"
30         local auth = http.formvalue("auth", true) or http.getcookie("sysauth")
31
32         if auth then -- if authentication token was given
33                 local sid, sdat = ctrl.session_retrieve(auth, accs)
34                 if sdat then -- if given token is valid
35                         return sdat.username, sid
36                 end
37                 http.status(403, "Forbidden")
38         end
39 end
40
41
42 function index()
43         local ctrl = require "luci.controller.rpc"
44
45         local rpc = node("rpc")
46         rpc.sysauth = "root"
47         rpc.sysauth_authenticator = ctrl.authenticator
48         rpc.notemplate = true
49
50         entry({"rpc", "uci"}, call("rpc_uci"))
51         entry({"rpc", "fs"}, call("rpc_fs"))
52         entry({"rpc", "sys"}, call("rpc_sys"))
53         entry({"rpc", "ipkg"}, call("rpc_ipkg"))
54         entry({"rpc", "ip"}, call("rpc_ip"))
55         entry({"rpc", "auth"}, call("rpc_auth")).sysauth = false
56 end
57
58 function rpc_auth()
59         local ctrl    = require "luci.controller.rpc"
60         local jsonrpc = require "luci.jsonrpc"
61         local http    = require "luci.http"
62         local sys     = require "luci.sys"
63         local ltn12   = require "luci.ltn12"
64         local util    = require "luci.util"
65
66         local server = {}
67         server.challenge = function(user, pass)
68                 local config = require "luci.config"
69                 local login = util.ubus("session", "login", {
70                         username = user,
71                         password = pass,
72                         timeout  = tonumber(config.sauth.sessiontime)
73                 })
74
75                 if type(login) == "table" and
76                    type(login.ubus_rpc_session) == "string"
77                 then
78                         util.ubus("session", "set", {
79                                 ubus_rpc_session = login.ubus_rpc_session,
80                                 values = {
81                                         token = sys.uniqueid(16),
82                                         secret = sys.uniqueid(16)
83                                 }
84                         })
85
86                         local sid, sdat = ctrl.session_retrieve(login.ubus_rpc_session, { user })
87                         if sdat then
88                                 return {
89                                         sid = sid,
90                                         token = sdat.token,
91                                         secret = sdat.secret
92                                 }
93                         end
94                 end
95
96                 return nil
97         end
98
99         server.login = function(...)
100                 local challenge = server.challenge(...)
101                 if challenge then
102                         http.header("Set-Cookie", 'sysauth=%s; path=%s' %{
103                                 challenge.sid,
104                                 http.getenv("SCRIPT_NAME")
105                         })
106                         return challenge.sid
107                 end
108         end
109
110         http.prepare_content("application/json")
111         ltn12.pump.all(jsonrpc.handle(server, http.source()), http.write)
112 end
113
114 function rpc_uci()
115         if not pcall(require, "luci.model.uci") then
116                 luci.http.status(404, "Not Found")
117                 return nil
118         end
119         local uci     = require "luci.jsonrpcbind.uci"
120         local jsonrpc = require "luci.jsonrpc"
121         local http    = require "luci.http"
122         local ltn12   = require "luci.ltn12"
123
124         http.prepare_content("application/json")
125         ltn12.pump.all(jsonrpc.handle(uci, http.source()), http.write)
126 end
127
128 function rpc_fs()
129         local util    = require "luci.util"
130         local io      = require "io"
131         local fs2     = util.clone(require "nixio.fs")
132         local jsonrpc = require "luci.jsonrpc"
133         local http    = require "luci.http"
134         local ltn12   = require "luci.ltn12"
135
136         function fs2.readfile(filename)
137                 local stat, mime = pcall(require, "mime")
138                 if not stat then
139                         error("Base64 support not available. Please install LuaSocket.")
140                 end
141
142                 local fp = io.open(filename)
143                 if not fp then
144                         return nil
145                 end
146
147                 local output = {}
148                 local sink = ltn12.sink.table(output)
149                 local source = ltn12.source.chain(ltn12.source.file(fp), mime.encode("base64"))
150                 return ltn12.pump.all(source, sink) and table.concat(output)
151         end
152
153         function fs2.writefile(filename, data)
154                 local stat, mime = pcall(require, "mime")
155                 if not stat then
156                         error("Base64 support not available. Please install LuaSocket.")
157                 end
158
159                 local  file = io.open(filename, "w")
160                 local  sink = file and ltn12.sink.chain(mime.decode("base64"), ltn12.sink.file(file))
161                 return sink and ltn12.pump.all(ltn12.source.string(data), sink) or false
162         end
163
164         http.prepare_content("application/json")
165         ltn12.pump.all(jsonrpc.handle(fs2, http.source()), http.write)
166 end
167
168 function rpc_sys()
169         local util    = require "luci.util"
170         local sys     = require "luci.sys"
171         local jsonrpc = require "luci.jsonrpc"
172         local http    = require "luci.http"
173         local ltn12   = require "luci.ltn12"
174
175         local sys2 = util.clone(sys)
176               sys2.net = util.clone(sys.net)
177               sys2.wifi = util.clone(sys.wifi)
178
179         function sys2.wifi.getiwinfo(ifname, operation)
180                 local iw = sys.wifi.getiwinfo(ifname)
181                 if iw then
182                         if operation then
183                                 assert(type(iwinfo[iw.type][operation]) == "function")
184                                 return iw[operation]
185                         end
186
187                         local n, f
188                         local rv = { ifname = ifname }
189                         for n, f in pairs(iwinfo[iw.type]) do
190                                 if type(f) == "function" and
191                                    n ~= "scanlist" and n ~= "countrylist"
192                                 then
193                                         rv[n] = iw[n]
194                                 end
195                         end
196                         return rv
197                 end
198                 return nil
199         end
200
201         http.prepare_content("application/json")
202         ltn12.pump.all(jsonrpc.handle(sys2, http.source()), http.write)
203 end
204
205 function rpc_ipkg()
206         if not pcall(require, "luci.model.ipkg") then
207                 luci.http.status(404, "Not Found")
208                 return nil
209         end
210         local ipkg    = require "luci.model.ipkg"
211         local jsonrpc = require "luci.jsonrpc"
212         local http    = require "luci.http"
213         local ltn12   = require "luci.ltn12"
214
215         http.prepare_content("application/json")
216         ltn12.pump.all(jsonrpc.handle(ipkg, http.source()), http.write)
217 end
218
219 function rpc_ip()
220         if not pcall(require, "luci.ip") then
221                 luci.http.status(404, "Not Found")
222                 return nil
223         end
224
225         local util    = require "luci.util"
226         local ip      = require "luci.ip"
227         local jsonrpc = require "luci.jsonrpc"
228         local http    = require "luci.http"
229         local ltn12   = require "luci.ltn12"
230
231         local ip2 = util.clone(ip)
232
233         local _, n
234         for _, n in ipairs({ "new", "IPv4", "IPv6", "MAC" }) do
235                 ip2[n] = function(address, netmask, operation, argument)
236                         local cidr = ip[n](address, netmask)
237                         if cidr and operation then
238                                 assert(type(cidr[operation]) == "function")
239                                 local cidr2 = cidr[operation](cidr, argument)
240                                 return (type(cidr2) == "userdata") and cidr2:string() or cidr2
241                         end
242                         return (type(cidr) == "userdata") and cidr:string() or cidr
243                 end
244         end
245
246         http.prepare_content("application/json")
247         ltn12.pump.all(jsonrpc.handle(ip2, http.source()), http.write)
248 end
Lua Configuration Interface (mirror)