prosody-modules
fa3059e653fa
mod_auth_custom_http/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Annotate

mod_auth_custom_http/README.markdown @ 5186:fa3059e653fa

mod_http_oauth2: Implement the Implicit flow Everyone says this is insecure and bad, but it's also the only thing that makes sense for e.g. pure JavaScript clients, but hey implement this even more complicated thing instead!
author Kim Alvefur <zash@zash.se>
date Thu, 02 Mar 2023 22:06:50 +0100
parent 2868:f90cf59bee8e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1934
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 ---
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 summary: HTTP Authentication using custom JSON protocol
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 ...
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 Introduction
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 ============
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 To authenticate users, this module does a `POST` request to a configured
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 URL with a JSON payload. It is not async so requests block the server
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 until answered.
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 Configuration
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 =============
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 ``` lua
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 VirtualHost "example.com"
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 authentication = "custom_http"
2868
f90cf59bee8e mod_auth_custom_http: fix documentation config example
Senya <senya@kinetiksoft.com>
parents: 1934
diff changeset
18 auth_custom_http = {
f90cf59bee8e mod_auth_custom_http: fix documentation config example
Senya <senya@kinetiksoft.com>
parents: 1934
diff changeset
19 post_url = "http://api.example.com/auth";
f90cf59bee8e mod_auth_custom_http: fix documentation config example
Senya <senya@kinetiksoft.com>
parents: 1934
diff changeset
20 }
1934
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 ```
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 Protocol
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 ========
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 The JSON payload consists of an object with `username` and `password`
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 members:
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 {"username":"john","password":"secr1t"}
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 The module expects the response body to be exactly `true` if the
6c569c481ffa mod_auth_custom_http: Add README
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 username and password are correct.