Comparison

mod_invites_api/mod_invites_api.lua @ 4216:35b678609b79

mod_invites_api: Allow restricting HTTP methods per key (once implemented)
author Matthew Wild <mwild1@gmail.com>
date Fri, 16 Oct 2020 14:26:53 +0100
parent 4115:165ade4ce97b
child 5142:410d7c8d210d
comparison
equal deleted inserted replaced
4215:86f8ece24029 4216:35b678609b79
52 52
53 if not api_user then 53 if not api_user then
54 return 403; 54 return 403;
55 end 55 end
56 56
57 if api_user.allowed_methods and not api_user.allowed_methods[event.request.method] then
58 return 405;
59 end
60
57 local invite = invites.create_account(nil, { source = "api/token/"..api_user.id }); 61 local invite = invites.create_account(nil, { source = "api/token/"..api_user.id });
58 if not invite then 62 if not invite then
59 return 500; 63 return 500;
60 end 64 end
61 65
102 api_key_store:set(nil, id, { 106 api_key_store:set(nil, id, {
103 id = id; 107 id = id;
104 token = token; 108 token = token;
105 name = arg[1]; 109 name = arg[1];
106 created_at = os.time(); 110 created_at = os.time();
111 allowed_methods = { GET = true, POST = true };
107 }); 112 });
108 print(id.."/"..token); 113 print(id.."/"..token);
109 elseif command == "delete" then 114 elseif command == "delete" then
110 local id = table.remove(arg, 1); 115 local id = table.remove(arg, 1);
111 if not api_key_store:get(nil, id) then 116 if not api_key_store:get(nil, id) then