4 (c) 2008 Steven Barth <steven@midlink.org>
6 Licensed under the Apache License, Version 2.0 (the "License");
7 you may not use this file except in compliance with the License.
8 You may obtain a copy of the License at
10 http://www.apache.org/licenses/LICENSE-2.0
16 --- LuCI session library.
17 module("luci.sauth", package.seeall)
21 require("luci.config")
22 local nixio = require "nixio", require "nixio.util"
23 local fs = require "nixio.fs"
26 luci.config.sauth = luci.config.sauth or {}
27 sessionpath = luci.config.sauth.sessionpath
28 sessiontime = tonumber(luci.config.sauth.sessiontime) or 15 * 60
30 --- Manually clean up expired sessions.
33 local files = luci.fs.dir(sessionpath)
39 for i, file in pairs(files) do
40 local fname = sessionpath .. "/" .. file
41 local stat = luci.fs.stat(fname)
42 if stat and stat.type == "reg" and stat.mtime + sessiontime < now then
48 --- Prepare session storage by creating the session directory.
50 fs.mkdir(sessionpath, 700)
53 error("Security Exception: Session path is not sane!")
57 --- Read a session and return its content.
58 -- @param id Session identifier
59 -- @return Session data
64 if not id:match("^%w+$") then
65 error("Session ID is not sane!")
68 if not sane(sessionpath .. "/" .. id) then
71 luci.fs.utime(sessionpath .. "/" .. id)
72 return luci.fs.readfile(sessionpath .. "/" .. id)
76 --- Check whether Session environment is sane.
77 -- @return Boolean status
79 return luci.sys.process.info("uid")
80 == luci.fs.stat(file or sessionpath, "uid")
81 and luci.fs.stat(file or sessionpath, "modestr")
82 == (file and "rw-------" or "rwx------")
86 --- Write session data to a session file.
87 -- @param id Session identifier
88 -- @param data Session data
89 function write(id, data)
93 if not id:match("^%w+$") then
94 error("Session ID is not sane!")
97 local f = nixio.open(sessionpath .. "/" .. id, "w", 600)
104 -- @param id Session identifier
106 if not id:match("^%w+$") then
107 error("Session ID is not sane!")
109 luci.fs.unlink(sessionpath .. "/" .. id)