RPC initial authentication API completed

libs/web/luasrc/dispatcher.lua

@@ -79,7 +79,7 @@ function error500(message)
 	return false
 end
 
-function authenticator.htmlauth(validator, default)
+function authenticator.htmlauth(validator, accs, default)
 	local user = luci.http.formvalue("username")
 	local pass = luci.http.formvalue("password")
 	
@@ -125,7 +125,7 @@ function dispatch(request)
 	local c = context.tree
 	local track = {}
 	local args = {}
-	context.args = context.path
+	context.args = args
 	local n
 
 	for i, s in ipairs(request) do
@@ -187,7 +187,7 @@ function dispatch(request)
 		
 		if not luci.util.contains(accs, user) then
 			if authen then
-				local user = authen(luci.sys.user.checkpasswd, def)
+				local user = authen(luci.sys.user.checkpasswd, accs, def)
 				if not user or not luci.util.contains(accs, user) then
 					return
 				else

modules/rpc/luasrc/controller/rpc.lua

@@ -15,17 +15,44 @@ $Id$
 module("luci.controller.rpc", package.seeall)
 
 function index()
-	local authenticator = function(validator)
+	local function authenticator(validator, accs)
+		local args = luci.dispatcher.context.args
+		if args and #args > 0 then
+			local user = luci.sauth.read(args[1])
+			if user and luci.util.contains(accs, user) then
+				return user
+			end
+		end
+		luci.http.status(403, "Forbidden")
+	end
+	
+	uci = entry({"rpc", "uci"}, call("rpc_uci"))
+	uci.sysauth = "root"
+	uci.sysauth_authenticator = authenticator
+	uci.leaf = true
+	
+	uci = entry({"rpc", "auth"}, call("rpc_auth"))
+end
+
+function rpc_auth()
 	require "luci.jsonrpc"
-		require "luci.http"
+	require "luci.sauth"
+	
 	luci.http.setfilehandler()
 	
 	local loginstat
 	
 	local server = {}
-		server.login = function(...)
+	server.login = function(user, pass)
-			loginstat = validator(...)
+		local sid
-			return loginstat
+		
+		if luci.sys.user.checkpasswd(user, pass) then
+			sid = luci.sys.uniqueid(16)
+			luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/")
+			luci.sauth.write(sid, user)
+		end
+		
+		return sid
 	end
 	
 	luci.http.prepare_content("application/json")
@@ -34,11 +61,6 @@ function index()
 	return loginstat
 end
 
-	uci = entry({"rpc", "uci"}, call("rpc_uci"))
-	uci.sysauth = "root"
-	uci.sysauth_authenticator = authenticator
-end
-
 function rpc_uci()
-	luci.http.write("HELLO THAR!")
+	
 end

modules/rpc/luasrc/jsonrpc.lua

@@ -14,9 +14,10 @@ $Id$
 ]]--
 
 module("luci.jsonrpc", package.seeall)
+require "luci.json"
 
 function resolve(mod, method)
-	local path = luci.util.split(value, ".")
+	local path = luci.util.split(method, ".")
 	
 	for j=1, #path-1 do
 		if not type(mod) == "table" then
@@ -43,7 +44,7 @@ function handle(tbl, rawdata)
 		 and (not json.params or type(json.params) == "table") then
 			if tbl[json.method] then
 				response = reply(json.jsonrpc, json.id,
-				 proxy(resolve(tbl, json.method), unpack(json.params)))
+				 proxy(resolve(tbl, json.method), unpack(json.params or {})))
 			else
 		 		response = reply(json.jsonrpc, json.id,
 			 	 nil, {code=-32601, message="Method not found."})
@@ -75,12 +76,16 @@ function reply(jsonrpc, id, res, err)
 end
 
 function proxy(method, ...)
-	local res = {luci.util.copcall(method, unpack(params))}
+	local res = {luci.util.copcall(method, ...)}
 	local stat = table.remove(res, 1)
 	
 	if not stat then
 		return nil, {code=-32602, message="Invalid params.", data=table.remove(res, 1)} 
 	else
-		return (#res <= 1) and res[1] or res
+		if #res <= 1 then
+			return res[1] or luci.json.Null
+		else
+			return res
+		end
 	end
 end