diff options
author | Steven Barth <steven@midlink.org> | 2008-08-22 22:13:54 +0000 |
---|---|---|
committer | Steven Barth <steven@midlink.org> | 2008-08-22 22:13:54 +0000 |
commit | 3bcab661283d5b9886e46d6bcdab0e756b044997 (patch) | |
tree | f54e9021438e8c7a28abf238f07279c3198620cd /modules/rpc/luasrc/controller | |
parent | 69cab40a9aa145adcba2ca41841884109452774e (diff) |
RPC initial authentication API completed
Diffstat (limited to 'modules/rpc/luasrc/controller')
-rw-r--r-- | modules/rpc/luasrc/controller/rpc.lua | 56 |
1 files changed, 39 insertions, 17 deletions
diff --git a/modules/rpc/luasrc/controller/rpc.lua b/modules/rpc/luasrc/controller/rpc.lua index dd00f63c37..a004d0dd92 100644 --- a/modules/rpc/luasrc/controller/rpc.lua +++ b/modules/rpc/luasrc/controller/rpc.lua @@ -15,30 +15,52 @@ $Id$ module("luci.controller.rpc", package.seeall) function index() - local authenticator = function(validator) - require "luci.jsonrpc" - require "luci.http" - luci.http.setfilehandler() - - local loginstat - - local server = {} - server.login = function(...) - loginstat = validator(...) - return loginstat + local function authenticator(validator, accs) + local args = luci.dispatcher.context.args + if args and #args > 0 then + local user = luci.sauth.read(args[1]) + if user and luci.util.contains(accs, user) then + return user + end end - - luci.http.prepare_content("application/json") - luci.http.write(luci.jsonrpc.handle(server, luci.http.content())) - - return loginstat + luci.http.status(403, "Forbidden") end uci = entry({"rpc", "uci"}, call("rpc_uci")) uci.sysauth = "root" uci.sysauth_authenticator = authenticator + uci.leaf = true + + uci = entry({"rpc", "auth"}, call("rpc_auth")) +end + +function rpc_auth() + require "luci.jsonrpc" + require "luci.sauth" + + luci.http.setfilehandler() + + local loginstat + + local server = {} + server.login = function(user, pass) + local sid + + if luci.sys.user.checkpasswd(user, pass) then + sid = luci.sys.uniqueid(16) + luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/") + luci.sauth.write(sid, user) + end + + return sid + end + + luci.http.prepare_content("application/json") + luci.http.write(luci.jsonrpc.handle(server, luci.http.content())) + + return loginstat end function rpc_uci() - luci.http.write("HELLO THAR!") + end
\ No newline at end of file |