prosody
1ecda954fe97
plugins/mod_http_file_share.lua
Software / code / prosody
Comparison
plugins/mod_http_file_share.lua @ 11326:1ecda954fe97
mod_http_file_share: Strip authorization type prefix a bit earlier
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 27 Jan 2021 18:26:24 +0100 |
| parent | 11325:76fc73d39092 |
| child | 11327:6f2b69469060 |
comparison
equal
deleted
inserted
replaced
| 11325:76fc73d39092 | 11326:1ecda954fe97 |
|---|---|
| 150 end | 150 end |
| 151 | 151 |
| 152 function handle_upload(event, path) -- PUT /upload/:slot | 152 function handle_upload(event, path) -- PUT /upload/:slot |
| 153 local request = event.request; | 153 local request = event.request; |
| 154 local authz = request.headers.authorization; | 154 local authz = request.headers.authorization; |
| 155 if not authz or not authz:find"^Bearer ." then | 155 if authz then |
| 156 authz = authz:match("^Bearer (.*)") | |
| 157 end | |
| 158 if not authz then | |
| 156 module:log("debug", "Missing Authorization"); | 159 module:log("debug", "Missing Authorization"); |
| 157 return 403; | 160 return 403; |
| 158 end | 161 end |
| 159 local authed, upload_info = jwt.verify(secret, authz:match("^Bearer (.*)")); | 162 local authed, upload_info = jwt.verify(secret, authz); |
| 160 if not (authed and type(upload_info) == "table" and type(upload_info.exp) == "number") then | 163 if not (authed and type(upload_info) == "table" and type(upload_info.exp) == "number") then |
| 161 module:log("debug", "Unauthorized or invalid token: %s, %q", authed, upload_info); | 164 module:log("debug", "Unauthorized or invalid token: %s, %q", authed, upload_info); |
| 162 return 401; | 165 return 401; |
| 163 end | 166 end |
| 164 if upload_info.exp < os.time() then | 167 if upload_info.exp < os.time() then |
