Allow Basic-Auth pass-through

2009-07-25 10:47:26 +00:00 · 2009-07-25 10:47:26 +00:00 · a77f1b91ae
commit a77f1b91ae
parent b8ab3b9dac
2 changed files with 8 additions and 1 deletions
--- a/libs/lucid-http/luasrc/lucid/http/server.lua
+++ b/libs/lucid-http/luasrc/lucid/http/server.lua
@ -132,6 +132,7 @@ function Handler.checkrestricted(self, request)
 		end
 		
 		if stat then
+			request.env.HTTP_AUTH_USER, request.env.HTTP_AUTH_PASS = user, pass
 			return
 		end
 	end
--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@ -258,7 +258,7 @@ function dispatch(request)
 		local verifytoken = false
 		if not sess then
 			sess = luci.http.getcookie("sysauth")
-			sess = sess and sess:match("^[a-f0-9]+$")
+			sess = sess and sess:match("^[a-f0-9]*$")
 			verifytoken = true
 		end

@ -272,6 +272,12 @@ function dispatch(request)
 			if not verifytoken or ctx.urltoken.stok == sdat.token then
 				user = sdat.user
 			end
+		else
+			local eu = http.getenv("HTTP_AUTH_USER")
+			local ep = http.getenv("HTTP_AUTH_PASS")
+			if eu and ep and luci.sys.user.checkpasswd(eu, ep) then
+				authen = function() return eu end
+			end
 		end

 		if not util.contains(accs, user) then