Rework authentication system
[project/luci.git] / modules / rpc / luasrc / controller / rpc.lua
index 0fcd263..b989b59 100644 (file)
@@ -24,28 +24,28 @@ module "luci.controller.rpc"
 function index()
        local function authenticator(validator, accs)
                local auth = luci.http.formvalue("auth", true)
-               if auth then
-                       local user = luci.sauth.read(auth)
-                       if user and luci.util.contains(accs, user) then
-                               return user, auth
+               if auth then -- if authentication token was given
+                       local sdat = luci.sauth.read(auth)
+                       if sdat then -- if given token is valid
+                               user = luci.sauth.decode(sdat).user
+                               if user and luci.util.contains(accs, user) then
+                                       return user, auth
+                               end
                        end
                end
                luci.http.status(403, "Forbidden")
        end
        
-       uci = entry({"rpc", "uci"}, call("rpc_uci"))
-       uci.sysauth = "root"
-       uci.sysauth_authenticator = authenticator
+       local rpc = node("rpc")
+       rpc.sysauth = "root"
+       rpc.sysauth_authenticator = authenticator
+       rpc.notemplate = true
        
-       fs = entry({"rpc", "fs"}, call("rpc_fs"))
-       fs.sysauth = "root"
-       fs.sysauth_authenticator = authenticator
-
-       fs = entry({"rpc", "sys"}, call("rpc_sys"))
-       fs.sysauth = "root"
-       fs.sysauth_authenticator = authenticator
-       
-       uci = entry({"rpc", "auth"}, call("rpc_auth"))
+       entry({"rpc", "uci"}, call("rpc_uci"))
+       entry({"rpc", "fs"}, call("rpc_fs"))
+       entry({"rpc", "sys"}, call("rpc_sys"))
+       entry({"rpc", "ipkg"}, call("rpc_ipkg"))
+       entry({"rpc", "auth"}, call("rpc_auth")).sysauth = false
 end
 
 function rpc_auth()
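Review bot: The added line `user = luci.sauth.decode(sdat).user` drops the `local` that the removed code had, so the authenticated user name is written to a non-local variable that outlives the call and may still be set when the authenticator next runs. Declaring it locally fixes that, and guarding the decode result covers the case where `decode` returns nil for a malformed record: `local sess = luci.sauth.decode(sdat)` then `local user = sess and sess.user`. The child entries no longer set `sysauth` themselves. This presumably relies on the dispatcher propagating `sysauth` and `sysauth_authenticator` from `node("rpc")`, which is not visible here and deserves a comment on the `local rpc = node("rpc")` line.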
@@ -54,22 +54,33 @@ function rpc_auth()
        local http    = require "luci.http"
        local sys     = require "luci.sys"
        local ltn12   = require "luci.ltn12"
-       
-       http.setfilehandler()
+       local util    = require "luci.util"
        
        local loginstat
        
        local server = {}
-       server.login = function(user, pass)
-               local sid
-               
+       server.challenge = function(user, pass)
+               local sid, token, secret
+
                if sys.user.checkpasswd(user, pass) then
                        sid = sys.uniqueid(16)
+                       token = sys.uniqueid(16)
+                       secret = sys.uniqueid(16)
+
                        http.header("Set-Cookie", "sysauth=" .. sid.."; path=/")
-                       sauth.write(sid, user)
+                       sauth.write(sid, sauth.encode({
+                               user=user,
+                               token=token,
+                               secret=secret
+                       }))
                end
                
-               return sid
+               return sid and {sid=sid, token=token, secret=secret}
+       end
+
+       server.login = function(...)
+               local challenge = server.challenge(...)
+               return challenge and challenge.sid
        end
        
        http.prepare_content("application/json")
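Review bot: The new `token` and `secret` fields written by `server.challenge` are undocumented, and together with `sid` they all come from `sys.uniqueid(16)`, whose randomness source is not visible in this hunk. Since these values act as session credentials, a comment above `server.challenge` should state what each one is used for and which of them the client is meant to receive. It is also worth confirming that `sys.uniqueid` draws from a cryptographically secure source. The unchanged `Set-Cookie` line issues `sysauth` without `HttpOnly`; if no page script needs to read the cookie, `"; path=/; HttpOnly"` would limit its exposure. The rest of `rpc_auth` lies outside the hunk, and the newly required `util` has no visible use here.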
@@ -77,7 +88,11 @@ function rpc_auth()
 end
 
 function rpc_uci()
-       local uci     = require "luci.controller.rpc.uci"
+       if not pcall(require, "luci.model.uci") then
+               luci.http.status(404, "Not Found")
+               return nil
+       end
+       local uci     = require "luci.jsonrpcbind.uci"
        local jsonrpc = require "luci.jsonrpc"
        local http    = require "luci.http"
        local ltn12   = require "luci.ltn12"
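Review bot: The guard in `rpc_uci` probes `luci.model.uci`, but the module actually loaded is `luci.jsonrpcbind.uci`, so the second `require` can still raise. The `pcall` also discards the error, which makes a broken module indistinguishable from an absent one. Keeping the result, `local ok, err = pcall(require, "luci.model.uci")`, lets the failure reason be logged before the 404 is sent. The same pattern appears in the added `rpc_ipkg`, where `local ok, ipkg = pcall(require, "luci.model.ipkg")` would also avoid requiring the module twice. The remainder of `rpc_uci` is outside this hunk.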
@@ -89,7 +104,7 @@ end
 function rpc_fs()
        local util    = require "luci.util"
        local io      = require "io"
-       local fs2     = util.clone(require "luci.fs")
+       local fs2     = util.clone(require "nixio.fs")
        local jsonrpc = require "luci.jsonrpc"
        local http    = require "luci.http"
        local ltn12   = require "luci.ltn12"
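Review bot: `fs2` is now a clone of the whole `nixio.fs` module, so the filesystem functions reachable through this endpoint are defined by whatever that module exports rather than by anything in this file. The rest of `rpc_fs` is outside the hunk, so it may already trim or wrap the table. If it does not, copying an explicit list of permitted function names into `fs2` would keep the RPC surface stable when `nixio.fs` changes. At minimum, a comment on the `util.clone` line should say that every exported function becomes remotely callable by a session that passes the `root` authenticator.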
@@ -135,3 +150,17 @@ function rpc_sys()
        http.prepare_content("application/json")
        ltn12.pump.all(jsonrpc.handle(sys, http.source()), http.write)
 end
+
+function rpc_ipkg()
+       if not pcall(require, "luci.model.ipkg") then
+               luci.http.status(404, "Not Found")
+               return nil
+       end
+       local ipkg    = require "luci.model.ipkg"
+       local jsonrpc = require "luci.jsonrpc"
+       local http    = require "luci.http"
+       local ltn12   = require "luci.ltn12"
+
+       http.prepare_content("application/json")
+       ltn12.pump.all(jsonrpc.handle(ipkg, http.source()), http.write)
+end