prosody-modules
33c149d0261d
mod_http_auth_check/mod_http_auth_check.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_http_auth_check/mod_http_auth_check.lua @ 4530:33c149d0261d

mod_rest: Add mappings for a whole pile of XEPs Look ma, programming in JSON! XEP-0012: Last Activity XEP-0077: In-Band Registration XEP-0115: Entity Capabilities XEP-0153: vCard-Based Avatars XEP-0297: Stanza Forwarding XEP-0308: Last Message Correction XEP-0319: Last User Interaction in Presence XEP-0333: Chat Markers XEP-0367: Message Attaching XEP-0372: References XEP-0421: Anonymous unique occupant identifiers for MUCs XEP-0428: Fallback Indication XEP-0444: Message Reactions
author Kim Alvefur <zash@zash.se>
date Tue, 23 Mar 2021 23:18:33 +0100
parent 2886:5ca6d53d3186
line wrap: on
line source

-- HTTP Is User Valid
-- By Nicolas Cedilnik <nicoco@nicoco.fr>

local jid_prep = require "util.jid".prep;
local jid_split = require "util.jid".split;
local test_password = require "core.usermanager".test_password;
local b64_decode = require "util.encodings".base64.decode;
local saslprep = require "util.encodings".stringprep.saslprep;
local realm = module:get_host() .. "/" .. module:get_name();
module:depends"http";

local function authenticate (event, path)
	local request = event.request;
	local response = event.response;
	local headers = request.headers;
	if not headers.authorization then
		response.headers.www_authenticate = ("Basic realm=%q"):format(realm);
		return 401
	end
	local from_jid, password = b64_decode(headers.authorization:match"[^ ]*$"):match"([^:]*):(.*)";
	from_jid = jid_prep(from_jid);
	password = saslprep(password);
	if from_jid and password then
		local user, host = jid_split(from_jid);
		local ok, err = test_password(user, host, password);
		if ok and user and host then
			return 200
		elseif err then
			return 401
		end
	end
end

module:provides("http", {
	route = {
		GET = authenticate
	};
});