forked from marcoskirsch/nodemcu-httpserver
-
Notifications
You must be signed in to change notification settings - Fork 0
/
httpserver-basicauth.lua
42 lines (37 loc) · 1.4 KB
/
httpserver-basicauth.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
-- httpserver-basicauth.lua
-- Part of nodemcu-httpserver, authenticates a user using http basic auth.
-- Author: Sam Dieck
basicAuth = {}
-- Returns true if the user/password match one of the users/passwords in httpserver-conf.lua.
-- Returns false otherwise.
function loginIsValid(user, pwd, users)
if user == nil then return false end
if pwd == nil then return false end
if users[user] == nil then return false end
if users[user] ~= pwd then return false end
return true
end
-- Parse basic auth http header.
-- Returns the username if header contains valid credentials,
-- nil otherwise.
function basicAuth.authenticate(header)
local conf = dofile("httpserver-conf.lc")
local credentials_enc = header:match("Authorization: Basic ([A-Za-z0-9+/=]+)")
if not credentials_enc then
return nil
end
local credentials = dofile("httpserver-b64decode.lc")(credentials_enc)
local user, pwd = credentials:match("^(.*):(.*)$")
if loginIsValid(user, pwd, conf.auth.users) then
print("httpserver-basicauth: User \"" .. user .. "\": Authenticated.")
return user
else
print("httpserver-basicauth: User \"" .. user .. "\": Access denied.")
return nil
end
end
function basicAuth.authErrorHeader()
local conf = dofile("httpserver-conf.lc")
return "WWW-Authenticate: Basic realm=\"" .. conf.auth.realm .. "\""
end
return basicAuth