summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorSteven Barth <steven@midlink.org>2008-06-28 16:03:54 +0000
committerSteven Barth <steven@midlink.org>2008-06-28 16:03:54 +0000
commit00aceaf624d8e5da2a8f3df161d52599aae2ac41 (patch)
treec18d8c411f8d4a02762a478348fd8a86b4f56f5a
parent7f56bf947599b20e2cf50018e160e602d5516e5f (diff)
* libs/web: Switched from HTTP-Basic-Auth to Session-Auth
* Updated Makefiles for better testing environment integration * Fixed libs/sgi-luci
-rw-r--r--Makefile4
-rw-r--r--i18n/english/luasrc/i18n/default.en.lua1
-rw-r--r--i18n/english/luasrc/i18n/sysauth.en.lua3
-rw-r--r--i18n/german/luasrc/i18n/default.de.lua2
-rw-r--r--i18n/german/luasrc/i18n/sysauth.de.lua3
-rw-r--r--libs/core/luasrc/fs.lua3
-rw-r--r--libs/core/luasrc/sys.lua16
-rwxr-xr-xlibs/sgi-cgi/ipkg/postinst10
-rw-r--r--libs/sgi-cgi/luasrc/sgi/cgi.lua2
-rwxr-xr-xlibs/sgi-luci/root/usr/bin/luci-httpd6
-rw-r--r--libs/web/luasrc/dispatcher.lua77
-rw-r--r--libs/web/luasrc/http.lua15
-rw-r--r--libs/web/luasrc/i18n.lua4
-rw-r--r--libs/web/luasrc/sauth.lua11
-rw-r--r--modules/admin-core/luasrc/view/sysauth.htm26
-rw-r--r--themes/fledermaus/luasrc/view/themes/fledermaus/header.htm2
-rw-r--r--themes/openwrt.org/luasrc/view/themes/openwrt.org/header.htm2
17 files changed, 116 insertions, 71 deletions
diff --git a/Makefile b/Makefile
index 8ce59c2683..8ac0ac664a 100644
--- a/Makefile
+++ b/Makefile
@@ -35,10 +35,14 @@ hostcopy:
ln -s .$(LUCI_MODULEDIR) host/luci
runboa: host
+ export LUA_PATH="`pwd`/host$(LUCI_MODULEDIR);;"
+ export LUA_CPATH="`pwd`/host$(LUCI_LIBRARYDIR);;"
libs/sgi-webuci/host/buildconfig.sh `pwd`/host > host/etc/boa/boa.conf
./host/usr/bin/boa -c ./host/etc/boa -d
runluci: luahost
+ export LUA_PATH="`pwd`/host$(LUCI_MODULEDIR);;"
+ export LUA_CPATH="`pwd`/host$(LUCI_LIBRARYDIR);;"
libs/httpd/host/runluci host$(HTDOCS)
hostclean: clean
diff --git a/i18n/english/luasrc/i18n/default.en.lua b/i18n/english/luasrc/i18n/default.en.lua
index 92ee1625f3..593c11ea3c 100644
--- a/i18n/english/luasrc/i18n/default.en.lua
+++ b/i18n/english/luasrc/i18n/default.en.lua
@@ -46,6 +46,7 @@ key = "Key"
language = "Language"
limit = "Limit"
load = "Load"
+login = "Login"
macaddress = "MAC-Address"
manpage = "see '%s' manpage"
diff --git a/i18n/english/luasrc/i18n/sysauth.en.lua b/i18n/english/luasrc/i18n/sysauth.en.lua
new file mode 100644
index 0000000000..a87774a861
--- /dev/null
+++ b/i18n/english/luasrc/i18n/sysauth.en.lua
@@ -0,0 +1,3 @@
+sysauth_head = "Authorization Required"
+sysauth_prompt = "Please enter your username and password."
+sysauth_failed = "Invalid username and/or password! Please try again."
diff --git a/i18n/german/luasrc/i18n/default.de.lua b/i18n/german/luasrc/i18n/default.de.lua
index 8fd96d5b25..0eec9cf833 100644
--- a/i18n/german/luasrc/i18n/default.de.lua
+++ b/i18n/german/luasrc/i18n/default.de.lua
@@ -40,6 +40,8 @@ ipaddress = "IP-Adresse"
legend = "Legende"
library = "Bibliothek"
+load = "Last"
+login = "Anmelden"
key = "Schlüssel"
diff --git a/i18n/german/luasrc/i18n/sysauth.de.lua b/i18n/german/luasrc/i18n/sysauth.de.lua
new file mode 100644
index 0000000000..c01a4b9187
--- /dev/null
+++ b/i18n/german/luasrc/i18n/sysauth.de.lua
@@ -0,0 +1,3 @@
+sysauth_head = "Autorisation benötigt"
+sysauth_prompt = "Bitte Benutzernamen und Passwort eingeben."
+sysauth_failed = "Ungültiger Benutzername und/oder ungültiges Passwort! Bitte nocheinmal versuchen."
diff --git a/libs/core/luasrc/fs.lua b/libs/core/luasrc/fs.lua
index 5c1f2a051b..415e8e567c 100644
--- a/libs/core/luasrc/fs.lua
+++ b/libs/core/luasrc/fs.lua
@@ -28,6 +28,9 @@ module("luci.fs", package.seeall)
require("posix")
+-- Access
+access = posix.access
+
-- Glob
glob = posix.glob
diff --git a/libs/core/luasrc/sys.lua b/libs/core/luasrc/sys.lua
index 54c4e06137..540a636fb8 100644
--- a/libs/core/luasrc/sys.lua
+++ b/libs/core/luasrc/sys.lua
@@ -285,10 +285,18 @@ user = {}
user.getuser = posix.getpasswd
-- checks whether a string matches the password of a certain system user
-function user.checkpasswd(user, password)
- local account = user.getuser(user)
- if posix.crypt and account then
- return (account.passwd == posix.crypt(account.passwd, password))
+function user.checkpasswd(username, password)
+ local account = user.getuser(username)
+
+ -- FIXME: detect testing environment
+ if luci.fs.isfile("/etc/shadow") and not luci.fs.access("/etc/shadow", "r") then
+ return true
+ elseif account then
+ if account.passwd == "!" then
+ return true
+ else
+ return (account.passwd == posix.crypt(account.passwd, password))
+ end
end
end
diff --git a/libs/sgi-cgi/ipkg/postinst b/libs/sgi-cgi/ipkg/postinst
deleted file mode 100755
index d8780c2e7e..0000000000
--- a/libs/sgi-cgi/ipkg/postinst
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-PATTERNS='/cgi-bin/luci/admin:root:$p$root'
-
-for i in $PATTERNS
-do
- grep "$i" ${IPKG_INSTROOT}/etc/httpd.conf >/dev/null 2>/dev/null || echo "$i" >> ${IPKG_INSTROOT}/etc/httpd.conf
-done
-
-[ -n "${IPKG_INSTROOT}" ] || /etc/init.d/httpd restart
-
diff --git a/libs/sgi-cgi/luasrc/sgi/cgi.lua b/libs/sgi-cgi/luasrc/sgi/cgi.lua
index 8ba4c54a3a..5555e4a058 100644
--- a/libs/sgi-cgi/luasrc/sgi/cgi.lua
+++ b/libs/sgi-cgi/luasrc/sgi/cgi.lua
@@ -47,7 +47,7 @@ function run()
print(id)
break;
end
-
+
if id == 1 then
io.write("Status: " .. tostring(data1) .. " " .. data2 .. "\n")
elseif id == 2 then
diff --git a/libs/sgi-luci/root/usr/bin/luci-httpd b/libs/sgi-luci/root/usr/bin/luci-httpd
index 7f2ee50fa5..091e38b21b 100755
--- a/libs/sgi-luci/root/usr/bin/luci-httpd
+++ b/libs/sgi-luci/root/usr/bin/luci-httpd
@@ -27,7 +27,5 @@ vhost:set_handler("/luci", lucihandler)
io.stderr:write("Starting LuCI HTTPD on port " .. PORT .. "...\n")
io.stderr:write("Point your browser to http://localhost:" .. PORT .. "/luci\n")
-daemon = luci.httpd.Daemon()
---daemon.debug = true
-daemon:register(serversocket, server:create_daemon_handlers())
-daemon:run()
+luci.httpd.register(serversocket, server:create_daemon_handlers())
+luci.httpd.run()
diff --git a/libs/web/luasrc/dispatcher.lua b/libs/web/luasrc/dispatcher.lua
index 5bf3fc1d6f..989eb44021 100644
--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@@ -43,18 +43,6 @@ function build_url(...)
return luci.http.getenv("SCRIPT_NAME") .. "/" .. table.concat(arg, "/")
end
--- Prints an error message or renders the "error401" template if available
-function error401(message)
- message = message or "Unauthorized"
-
- require("luci.template")
- if not luci.util.copcall(luci.template.render, "error401") then
- luci.http.prepare_content("text/plain")
- luci.http.write(message)
- end
- return false
-end
-
-- Sends a 404 error code and renders the "error404" template if available
function error404(message)
luci.http.status(404, "Not Found")
@@ -80,6 +68,25 @@ function error500(message)
return false
end
+-- Renders an authorization form
+function sysauth(default)
+ local user = luci.http.formvalue("username")
+ local pass = luci.http.formvalue("password")
+
+ if user and luci.sys.user.checkpasswd(user, pass) then
+ local sid = luci.sys.uniqueid(16)
+ luci.http.header("Set-Cookie", "sysauth=" .. sid)
+ luci.sauth.write(sid, user)
+ return true
+ else
+ require("luci.i18n")
+ require("luci.template")
+ context.path = {}
+ luci.template.render("sysauth", {duser=default, fuser=user})
+ return false
+ end
+end
+
-- Creates a request object for dispatching
function httpdispatch(request)
luci.http.context.request = request
@@ -119,34 +126,9 @@ function dispatch(request)
end
end
- if track.sysauth then
- local accs = track.sysauth
- accs = (type(accs) == "string") and {accs} or accs
-
- --[[
- local function sysauth(user, password)
- return (luci.util.contains(accs, user)
- and luci.sys.user.checkpasswd(user, password))
- end
-
- if not luci.http.basic_auth(sysauth) then
- error401()
- return
- end
- ]]--
- end
-
if track.i18n then
require("luci.i18n").loadc(track.i18n)
end
-
- if track.setgroup then
- luci.sys.process.setgroup(track.setgroup)
- end
-
- if track.setuser then
- luci.sys.process.setuser(track.setuser)
- end
-- Init template engine
local tpl = require("luci.template")
@@ -159,6 +141,27 @@ function dispatch(request)
viewns.resource = luci.config.main.resourcebase
viewns.REQUEST_URI = luci.http.getenv("SCRIPT_NAME") .. (luci.http.getenv("PATH_INFO") or "")
+ if track.sysauth then
+ require("luci.sauth")
+ local def = (type(track.sysauth) == "string") and track.sysauth
+ local accs = def and {track.sysauth} or track.sysauth
+ local user = luci.sauth.read(luci.http.getcookie("sysauth"))
+
+
+ if not luci.util.contains(accs, user) then
+ if not sysauth(def) then
+ return
+ end
+ end
+ end
+
+ if track.setgroup then
+ luci.sys.process.setgroup(track.setgroup)
+ end
+
+ if track.setuser then
+ luci.sys.process.setuser(track.setuser)
+ end
if c and type(c.target) == "function" then
context.dispatched = c
diff --git a/libs/web/luasrc/http.lua b/libs/web/luasrc/http.lua
index 37050e4785..f37d67343e 100644
--- a/libs/web/luasrc/http.lua
+++ b/libs/web/luasrc/http.lua
@@ -51,13 +51,13 @@ function Request.__init__(self, env, sourcein, sinkerr)
self.parsed_input = false
end
-function Request.formvalue(self, name, default)
+function Request.formvalue(self, name)
if not self.parsed_input then
self:_parse_input()
end
if name then
- return self.message.params[name] and tostring(self.message.params[name]) or default
+ return self.message.params[name]
else
return self.message.params
end
@@ -84,7 +84,7 @@ end
function Request.getcookie(self, name)
local c = string.gsub(";" .. (self:getenv("HTTP_COOKIE") or "") .. ";", "%s*;%s*", ";")
local p = ";" .. name .. "=(.-);"
- local i, j, value = cookies:find(p)
+ local i, j, value = c:find(p)
return value and urldecode(value)
end
@@ -130,6 +130,10 @@ function formvaluetable(...)
return context.request:formvaluetable(...)
end
+function getcookie(...)
+ return context.request:getcookie(...)
+end
+
function getvalue(...)
return context.request:getvalue(...)
end
@@ -147,9 +151,6 @@ function setfilehandler(...)
end
function header(key, value)
- if not context.status then
- status()
- end
if not context.headers then
context.headers = {}
end
@@ -187,7 +188,7 @@ function write(content)
end
function redirect(url)
- header("Status", "302 Found")
+ status(302, "Found")
header("Location", url)
close()
end
diff --git a/libs/web/luasrc/i18n.lua b/libs/web/luasrc/i18n.lua
index 35ad0965d0..2c2bb2e1a2 100644
--- a/libs/web/luasrc/i18n.lua
+++ b/libs/web/luasrc/i18n.lua
@@ -71,10 +71,10 @@ function setlanguage(lang)
end
-- Returns the i18n-value defined by "key" or if there is no such: "default"
-function translate(key, default)
+function translate(key, def)
return (table[context.lang] and table[context.lang][key])
or (table[default] and table[default][key])
- or default
+ or def
end
-- Translate shourtcut with sprintf/string.format inclusion
diff --git a/libs/web/luasrc/sauth.lua b/libs/web/luasrc/sauth.lua
index 724e22d201..d838f84f69 100644
--- a/libs/web/luasrc/sauth.lua
+++ b/libs/web/luasrc/sauth.lua
@@ -19,7 +19,7 @@ require("luci.config")
luci.config.sauth = luci.config.sauth or {}
sessionpath = luci.config.sauth.sessionpath
-sessiontime = luci.config.sauth.sessiontime
+sessiontime = tonumber(luci.config.sauth.sessiontime)
function clean()
@@ -30,7 +30,7 @@ function clean()
return nil
end
- for i, file in files do
+ for i, file in pairs(files) do
local fname = sessionpath .. "/" .. file
local stat = luci.fs.stat(fname)
if stat and stat.type == "regular" and stat.atime + sessiontime < now then
@@ -41,11 +41,14 @@ end
function prepare()
luci.fs.mkdir(sessionpath)
- luci.fs.chmod(sessionpath, "a-rwx,u+rw")
+ luci.fs.chmod(sessionpath, "a-rwx,u+rwx")
end
function read(id)
- cleansessions()
+ if not id then
+ return
+ end
+ clean()
return luci.fs.readfile(sessionpath .. "/" .. id)
end
diff --git a/modules/admin-core/luasrc/view/sysauth.htm b/modules/admin-core/luasrc/view/sysauth.htm
new file mode 100644
index 0000000000..4e5367a86d
--- /dev/null
+++ b/modules/admin-core/luasrc/view/sysauth.htm
@@ -0,0 +1,26 @@
+<%+header%>
+<% luci.i18n.loadc("sysauth") %>
+<h1><%:sysauth_head%></h1>
+<p><%:sysauth_prompt%></p>
+<% if fuser then %>
+<div class="error"><%:sysauth_failed%></div>
+<br />
+<% end %>
+<form method="post" action="<%=REQUEST_URI%>">
+ <div class="cbi-section-node">
+ <div class="cbi-value">
+ <div class="cbi-value-title"><%:username%></div>
+ <div class="cbi-value-field"><input type="text" name="username" value="<%=duser%>" /></div>
+ </div>
+ <div class="cbi-value">
+ <div class="cbi-value-title"><%:password%></div>
+ <div class="cbi-value-field"><input type="password" name="password" /></div>
+ </div>
+ <br />
+ <div>
+ <input type="submit" value="<%:login%>" />
+ <input type="reset" value="<%:reset%>" />
+ </div>
+ </div>
+</form>
+<%+footer%> \ No newline at end of file
diff --git a/themes/fledermaus/luasrc/view/themes/fledermaus/header.htm b/themes/fledermaus/luasrc/view/themes/fledermaus/header.htm
index 9f27f98b8b..f1343a0e1b 100644
--- a/themes/fledermaus/luasrc/view/themes/fledermaus/header.htm
+++ b/themes/fledermaus/luasrc/view/themes/fledermaus/header.htm
@@ -26,7 +26,7 @@ require("luci.http").prepare_content("text/html")
<% if node and node.css then %><link rel="stylesheet" type="text/css" href="<%=resource%>/<%=node.css%>" /><% end %>
<meta http-equiv="content-type" content="text/xhtml+xml; charset=utf-8" />
<meta http-equiv="content-script-type" content="text/javascript" />
- <title>LuCI - Lua Configuration Interface - <%=node.title%></title>
+ <title>LuCI - Lua Configuration Interface - <%=(node and node.title)%></title>
</head>
<body>
<div id="header">
diff --git a/themes/openwrt.org/luasrc/view/themes/openwrt.org/header.htm b/themes/openwrt.org/luasrc/view/themes/openwrt.org/header.htm
index 6852b386e0..2501051a77 100644
--- a/themes/openwrt.org/luasrc/view/themes/openwrt.org/header.htm
+++ b/themes/openwrt.org/luasrc/view/themes/openwrt.org/header.htm
@@ -26,7 +26,7 @@ require("luci.http").prepare_content("text/html")
<% if node and node.css then %><link rel="stylesheet" type="text/css" href="<%=resource%>/<%=node.css%>" /><% end %>
<meta http-equiv="content-type" content="text/xhtml+xml; charset=utf-8" />
<meta http-equiv="content-script-type" content="text/javascript" />
- <title>LuCI - Lua Configuration Interface - <%=node.title%></title>
+ <title>LuCI - Lua Configuration Interface - <%=(node and node.title)%></title>
</head>
<body>
<div id="header">