prosody-modules
86989059de5b
mod_auth_http_cookie/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_auth_http_cookie/README.md @ 6258:86989059de5b

:multibe Readme.md: correct prosody 0.13 to 13 diff --git a/mod_muc_anonymize_moderation_actions/README.md b/mod_muc_anonymize_moderation_actions/README.md --- a/mod_muc_anonymize_moderation_actions/README.md +++ b/mod_muc_anonymize_moderation_actions/README.md @@ -34,7 +34,7 @@ Component "muc.example.com" "muc" ------ ---------------------- trunk Works as of 25-05-12 - 0.13 Works + 13 Works 0.12 Works ------ ---------------------- diff --git a/mod_sasl2/README.md b/mod_sasl2/README.md --- a/mod_sasl2/README.md +++ b/mod_sasl2/README.md @@ -32,6 +32,6 @@ This module requires Prosody **trunk** a Prosody Version Status ----------------------- ---------------- trunk as of 2025-05-25 Works - 0.13 Works + 13 Works 0.12 Does not work ----------------------- ---------------- diff --git a/mod_sasl2_bind2/README.md b/mod_sasl2_bind2/README.md --- a/mod_sasl2_bind2/README.md +++ b/mod_sasl2_bind2/README.md @@ -17,5 +17,5 @@ This module depends on [mod_sasl2]. It e Prosody-Version Status --------------- ---------------------- trunk Works as of 2025-05-25 - 0.13 Works + 13 Works 0.12 Does not work diff --git a/mod_sasl2_fast/README.md b/mod_sasl2_fast/README.md --- a/mod_sasl2_fast/README.md +++ b/mod_sasl2_fast/README.md @@ -34,5 +34,5 @@ clients being logged out unexpectedly. Prosody-Version Status --------------- ---------------------- trunk Works as of 2025-05-25 - 0.13 Work + 13 Work 0.12 Does not work diff --git a/mod_sasl2_sm/README.md b/mod_sasl2_sm/README.md --- a/mod_sasl2_sm/README.md +++ b/mod_sasl2_sm/README.md @@ -18,5 +18,5 @@ configuration options. Prosody-Version Status --------------- ---------------------- trunk Works as of 2025-05-25 - 0.13 Work + 13 Work 0.12 Does not work diff --git a/mod_sasl_ssdp/README.md b/mod_sasl_ssdp/README.md --- a/mod_sasl_ssdp/README.md +++ b/mod_sasl_ssdp/README.md @@ -21,5 +21,5 @@ There are no configuration options for t Prosody-Version Status --------------- ---------------------- trunk Works as of 2025-05-25 - 0.13 Works + 13 Works 0.12 Does not work diff --git a/mod_vcard_muc/README.md b/mod_vcard_muc/README.md --- a/mod_vcard_muc/README.md +++ b/mod_vcard_muc/README.md @@ -23,7 +23,7 @@ modules_enabled = { # Compatibility ------------------------- ---------------------------------------- - 0.13 Room avatar feature included in Prosody + 13 Room avatar feature included in Prosody 0.12 Works ------------------------- ---------------------------------------- diff --git a/mod_warn_legacy_tls/README.md b/mod_warn_legacy_tls/README.md --- a/mod_warn_legacy_tls/README.md +++ b/mod_warn_legacy_tls/README.md @@ -44,5 +44,5 @@ legacy_tls_versions = { "TLSv1", "TLSv1. Prosody-Version Status --------------- --------------------- trunk Works as of 25-05-25 -0.13 Works +13 Works 0.12 Works
author Menel <menel@snikket.de>
date Wed, 14 May 2025 23:32:04 +0200
parent 6003:fe081789f7b5
line wrap: on
line source

---
labels:
- Stage-Alpha
...

Introduction
============

This is an experimental authentication module that does an asynchronous
HTTP call to verify username and password.

This is a (possibly temporary) fork of mod_http_auth_async that adds
support for authentication using a cookie and SASL EXTERNAL.

Details
=======

When a user attempts to authenticate to Prosody, this module takes the
username and password and does a HTTP GET request with [Basic
authentication][rfc7617] to the configured `http_auth_url`.

Configuration
=============

``` lua
VirtualHost "example.com"
  authentication = "http_auth_cookie"
  http_auth_url = "http://example.com/auth"
  http_cookie_auth_url = "https://example.com/testcookie.php?user=$user"
```

Cookie Authentication
=====================

It is possible to link authentication to an existing web application. This
has the benefit that the user logging into the web application in their
browser will automatically log them into their XMPP account.

There are some prerequisites for this to work:

  - The BOSH or Websocket requests must include the application's cookie in
  the headers sent to Prosody. This typically means the web chat code needs
  to be served from the same domain as the web application.
  
  - The web application must have a URL that returns 200 OK when called with
  a valid cookie, and returns a different status code if the cookie is invalid
  or not currently logged in.
  
  - The XMPP username for the user must be passed to Prosody by the client, or
  returned in the 200 response from the web application.

Set `http_cookie_auth_url` to the web application URL that is used to check the
cookie. You may use the variables `$host` for the XMPP host and `$user` for the
XMPP username.

If the `$user` variable is included in the URL, the client must provide the username
via the "authzid" in the SASL EXTERNAL authentication mechanism.

If the `$user` variable is *not* included in the URL, Prosody expects the web application's response to be the username instead, as UTF-8 text/plain.

Compatibility
=============

Requires Prosody trunk