diff options
author | Steven Barth <steven@midlink.org> | 2008-08-22 22:13:54 +0000 |
---|---|---|
committer | Steven Barth <steven@midlink.org> | 2008-08-22 22:13:54 +0000 |
commit | 3bcab661283d5b9886e46d6bcdab0e756b044997 (patch) | |
tree | f54e9021438e8c7a28abf238f07279c3198620cd /modules/rpc/luasrc | |
parent | 69cab40a9aa145adcba2ca41841884109452774e (diff) |
RPC initial authentication API completed
Diffstat (limited to 'modules/rpc/luasrc')
-rw-r--r-- | modules/rpc/luasrc/controller/rpc.lua | 56 | ||||
-rw-r--r-- | modules/rpc/luasrc/jsonrpc.lua | 13 |
2 files changed, 48 insertions, 21 deletions
diff --git a/modules/rpc/luasrc/controller/rpc.lua b/modules/rpc/luasrc/controller/rpc.lua index dd00f63c37..a004d0dd92 100644 --- a/modules/rpc/luasrc/controller/rpc.lua +++ b/modules/rpc/luasrc/controller/rpc.lua @@ -15,30 +15,52 @@ $Id$ module("luci.controller.rpc", package.seeall) function index() - local authenticator = function(validator) - require "luci.jsonrpc" - require "luci.http" - luci.http.setfilehandler() - - local loginstat - - local server = {} - server.login = function(...) - loginstat = validator(...) - return loginstat + local function authenticator(validator, accs) + local args = luci.dispatcher.context.args + if args and #args > 0 then + local user = luci.sauth.read(args[1]) + if user and luci.util.contains(accs, user) then + return user + end end - - luci.http.prepare_content("application/json") - luci.http.write(luci.jsonrpc.handle(server, luci.http.content())) - - return loginstat + luci.http.status(403, "Forbidden") end uci = entry({"rpc", "uci"}, call("rpc_uci")) uci.sysauth = "root" uci.sysauth_authenticator = authenticator + uci.leaf = true + + uci = entry({"rpc", "auth"}, call("rpc_auth")) +end + +function rpc_auth() + require "luci.jsonrpc" + require "luci.sauth" + + luci.http.setfilehandler() + + local loginstat + + local server = {} + server.login = function(user, pass) + local sid + + if luci.sys.user.checkpasswd(user, pass) then + sid = luci.sys.uniqueid(16) + luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/") + luci.sauth.write(sid, user) + end + + return sid + end + + luci.http.prepare_content("application/json") + luci.http.write(luci.jsonrpc.handle(server, luci.http.content())) + + return loginstat end function rpc_uci() - luci.http.write("HELLO THAR!") + end
\ No newline at end of file diff --git a/modules/rpc/luasrc/jsonrpc.lua b/modules/rpc/luasrc/jsonrpc.lua index 61524476ab..84a7f7056c 100644 --- a/modules/rpc/luasrc/jsonrpc.lua +++ b/modules/rpc/luasrc/jsonrpc.lua @@ -14,9 +14,10 @@ $Id$ ]]-- module("luci.jsonrpc", package.seeall) +require "luci.json" function resolve(mod, method) - local path = luci.util.split(value, ".") + local path = luci.util.split(method, ".") for j=1, #path-1 do if not type(mod) == "table" then @@ -43,7 +44,7 @@ function handle(tbl, rawdata) and (not json.params or type(json.params) == "table") then if tbl[json.method] then response = reply(json.jsonrpc, json.id, - proxy(resolve(tbl, json.method), unpack(json.params))) + proxy(resolve(tbl, json.method), unpack(json.params or {}))) else response = reply(json.jsonrpc, json.id, nil, {code=-32601, message="Method not found."}) @@ -75,12 +76,16 @@ function reply(jsonrpc, id, res, err) end function proxy(method, ...) - local res = {luci.util.copcall(method, unpack(params))} + local res = {luci.util.copcall(method, ...)} local stat = table.remove(res, 1) if not stat then return nil, {code=-32602, message="Invalid params.", data=table.remove(res, 1)} else - return (#res <= 1) and res[1] or res + if #res <= 1 then + return res[1] or luci.json.Null + else + return res + end end end
\ No newline at end of file |