Allow Basic-Auth pass-through

[project/luci.git] / libs / web / luasrc / dispatcher.lua

diff --git a/libs/web/luasrc/dispatcher.lua b/libs/web/luasrc/dispatcher.lua
index c863d9f..01cc109 100644 (file)
--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@@ -258,7 +258,7 @@ function dispatch(request)
                local verifytoken = false
                if not sess then
                        sess = luci.http.getcookie("sysauth")
-                       sess = sess and sess:match("^[a-f0-9]+$")
+                       sess = sess and sess:match("^[a-f0-9]*$")
                        verifytoken = true
                end
 
@@ -272,6 +272,12 @@ function dispatch(request)
                        if not verifytoken or ctx.urltoken.stok == sdat.token then
                                user = sdat.user
                        end
+               else
+                       local eu = http.getenv("HTTP_AUTH_USER")
+                       local ep = http.getenv("HTTP_AUTH_PASS")
+                       if eu and ep and luci.sys.user.checkpasswd(eu, ep) then
+                               authen = function() return eu end
+                       end
                end
 
                if not util.contains(accs, user) then