* Added native basic authentication support

* Cleanups
2008-06-02 17:49:27 +00:00 · 2008-06-02 17:49:27 +00:00 · f56890a573
commit f56890a573
parent 92d76ed836
7 changed files with 71 additions and 10 deletions
--- a/libs/cbi/luasrc/cbi.lua
+++ b/libs/cbi/luasrc/cbi.lua
@ -579,11 +579,6 @@ function AbstractValue.render(self, s, scope)
 	if not self.optional or self:cfgvalue(s) or self:formcreated(s) then
 		scope = scope or {}
 		scope.section = s
-
-		-- fixup size for MultiValue fields
-		if instanceof(self, MultiValue) and self.widget == "select" and not self.size then
-			self.size = #self.vallist
-		end
 		
 		Node.render(self, scope)
 	end
@ -741,6 +736,14 @@ function MultiValue.__init__(self, ...)
 	self.delimiter = " "
 end

+function MultiValue.render(self, ...)
+	if self.widget == "select" and not self.size then
+		self.size = #self.vallist
+	end
+
+	AbstractValue.render(self, ...)
+end
+
 function MultiValue.value(self, key, val)
 	val = val or key
 	table.insert(self.keylist, tostring(key))
--- a/libs/core/luasrc/sys.lua
+++ b/libs/core/luasrc/sys.lua
@ -263,6 +263,14 @@ end
 user = {}
 -- returns user information to a given uid
 user.getuser = posix.getpasswd
+
+-- checks whether a string matches the password of a certain system user
+function user.checkpasswd(user, password)
+	local account = user.getuser(user)
+	if posix.crypt and account then
+		return (account.passwd == posix.crypt(account.passwd, password))
+	end
+end
 	
 -- Changes the user password of given user
 function user.setpasswd(user, pwd)
--- a/libs/sgi-haserl/luasrc/sgi/haserl.lua
+++ b/libs/sgi-haserl/luasrc/sgi/haserl.lua
@ -29,6 +29,12 @@ require("luci.fs")
 -- Environment Table
 luci.http.env = ENV

+-- Enforces user authentification
+function luci.http.basic_auth(verify_callback, realm)
+	-- Dummy for Haserl
+	return true
+end
+
 -- Returns the main dispatcher URL
 function luci.http.dispatcher()
 	return luci.http.env.SCRIPT_NAME or ""
--- a/libs/sgi-webuci/luasrc/sgi/webuci.lua
+++ b/libs/sgi-webuci/luasrc/sgi/webuci.lua
@ -33,6 +33,21 @@ function initenv(env, vars)
 	luci.http.vars = vars
 end

+-- Enforces user authentification
+function luci.http.basic_auth(verify_callback, realm)
+	local user = luci.http.env.auth_user
+	local pass = luci.http.env.auth_password
+	realm = realm or ""
+	
+	if not user or not verify_callback(user, pass) then
+		luci.http.status("401", "Unauthorized")
+		luci.http.header("WWW-Authenticate", string.format('Basic realm="%s"', realm))
+		return false	
+	else
+		return true
+	end
+end
+
 -- Returns the main dispatcher URL
 function luci.http.dispatcher()
 	return luci.http.env.SCRIPT_NAME or ""
--- a/libs/sgi-webuci/root/usr/lib/boa/luci.lua
+++ b/libs/sgi-webuci/root/usr/lib/boa/luci.lua
@ -38,6 +38,8 @@ function init(path)
 		luci.sys.net.routes			= function() return {} end
 		luci.sys.wifi.getiwconfig	= function() return {} end
 		luci.sys.wifi.iwscan		= function() return {} end
+		
+		luci.sys.user.checkpasswd   = function() return true end
 	end
 end

--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@ -58,6 +58,18 @@ function build_url(...)
 	return luci.http.dispatcher() .. "/" .. table.concat(arg, "/")
 end

+-- Prints an error message or renders the "error401" template if available
+function error401(message)
+	message = message or "Unauthorized"
+
+	require("luci.template")
+	if not pcall(luci.template.render, "error401") then
+		luci.http.prepare_content("text/plain")
+		print(message)
+	end
+	return false
+end
+
 -- Sends a 404 error code and renders the "error404" template if available
 function error404(message)
 	luci.http.status(404, "Not Found")
@ -115,6 +127,20 @@ function dispatch()
 		end
 	end

+	if track.sysauth then
+		local accs = track.sysauth
+		accs = (type(accs) == "string") and {accs} or accs
+		
+		local function sysauth(user, password)
+			return (luci.util.contains(accs, user)
+				and luci.sys.user.checkpasswd(user, password)) 
+		end
+		
+		if not luci.http.basic_auth(sysauth) then
+			error401()
+			return
+		end
+	end

 	if track.i18n then
 		require("luci.i18n").loadc(track.i18n)
--- a/modules/admin-core/luasrc/controller/admin/index.lua
+++ b/modules/admin-core/luasrc/controller/admin/index.lua
@ -11,11 +11,12 @@ function index()
 	
 	entry({"about"}, template("about")).i18n = "admin-core"
 	
-	local page  = node("admin")
-	page.target = alias("admin", "index")
-	page.title  = i18n("administration", "Administration")
-	page.order  = 10
-	page.i18n   = "admin-core"
+	local page   = node("admin")
+	page.target  = alias("admin", "index")
+	page.title   = i18n("administration", "Administration")
+	page.order   = 10
+	page.i18n    = "admin-core"
+	page.sysauth = "root"
 	
 	local page  = node("admin", "index")
 	page.target = template("admin_index/index")