summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--modules/luci-mod-rpc/luasrc/controller/rpc.lua68
1 files changed, 30 insertions, 38 deletions
diff --git a/modules/luci-mod-rpc/luasrc/controller/rpc.lua b/modules/luci-mod-rpc/luasrc/controller/rpc.lua
index 3326d57a95..571ab7db57 100644
--- a/modules/luci-mod-rpc/luasrc/controller/rpc.lua
+++ b/modules/luci-mod-rpc/luasrc/controller/rpc.lua
@@ -2,50 +2,42 @@
-- Copyright 2008 Jo-Philipp Wich <jow@openwrt.org>
-- Licensed to the public under the Apache License 2.0.
-local require = require
-local pairs = pairs
-local print = print
-local pcall = pcall
-local table = table
-local type = type
-local tonumber = tonumber
-
-module "luci.controller.rpc"
-
-
-local function session_retrieve(sid, allowed_users)
- local util = require "luci.util"
- local sdat = util.ubus("session", "get", {
- ubus_rpc_session = sid
- })
-
- if type(sdat) == "table" and
- type(sdat.values) == "table" and
- type(sdat.values.token) == "string" and
- type(sdat.values.secret) == "string" and
- type(sdat.values.username) == "string" and
- util.contains(allowed_users, sdat.values.username)
- then
- return sid, sdat.values
- end
+module("luci.controller.rpc", package.seeall)
- return nil
-end
-local function authenticator(validator, accs)
- local auth = luci.http.formvalue("auth", true)
- or luci.http.getcookie("sysauth")
+function index()
+ local function session_retrieve(sid, allowed_users)
+ local util = require "luci.util"
+ local sdat = util.ubus("session", "get", {
+ ubus_rpc_session = sid
+ })
+
+ if type(sdat) == "table" and
+ type(sdat.values) == "table" and
+ type(sdat.values.token) == "string" and
+ type(sdat.values.secret) == "string" and
+ type(sdat.values.username) == "string" and
+ util.contains(allowed_users, sdat.values.username)
+ then
+ return sid, sdat.values
+ end
+
+ return nil
+ end
+
+ local function authenticator(validator, accs)
+ local http = require "luci.http"
+ local auth = http.formvalue("auth", true) or http.getcookie("sysauth")
- if auth then -- if authentication token was given
- local sid, sdat = session_retrieve(auth, accs)
- if sdat then -- if given token is valid
- return sdat.username, sid
+ if auth then -- if authentication token was given
+ local sid, sdat = session_retrieve(auth, accs)
+ if sdat then -- if given token is valid
+ return sdat.username, sid
+ end
+ http.status(403, "Forbidden")
end
- luci.http.status(403, "Forbidden")
end
-end
-function index()
local rpc = node("rpc")
rpc.sysauth = "root"
rpc.sysauth_authenticator = authenticator