return false
end
-function authenticator.htmlauth(validator, default)
+function authenticator.htmlauth(validator, accs, default)
local user = luci.http.formvalue("username")
local pass = luci.http.formvalue("password")
local c = context.tree
local track = {}
local args = {}
- context.args = context.path
+ context.args = args
local n
for i, s in ipairs(request) do
if not luci.util.contains(accs, user) then
if authen then
- local user = authen(luci.sys.user.checkpasswd, def)
+ local user = authen(luci.sys.user.checkpasswd, accs, def)
if not user or not luci.util.contains(accs, user) then
return
else
module("luci.controller.rpc", package.seeall)
function index()
- local authenticator = function(validator)
- require "luci.jsonrpc"
- require "luci.http"
- luci.http.setfilehandler()
-
- local loginstat
-
- local server = {}
- server.login = function(...)
- loginstat = validator(...)
- return loginstat
+ local function authenticator(validator, accs)
+ local args = luci.dispatcher.context.args
+ if args and #args > 0 then
+ local user = luci.sauth.read(args[1])
+ if user and luci.util.contains(accs, user) then
+ return user
+ end
end
-
- luci.http.prepare_content("application/json")
- luci.http.write(luci.jsonrpc.handle(server, luci.http.content()))
-
- return loginstat
+ luci.http.status(403, "Forbidden")
end
uci = entry({"rpc", "uci"}, call("rpc_uci"))
uci.sysauth = "root"
uci.sysauth_authenticator = authenticator
+ uci.leaf = true
+
+ uci = entry({"rpc", "auth"}, call("rpc_auth"))
+end
+
+function rpc_auth()
+ require "luci.jsonrpc"
+ require "luci.sauth"
+
+ luci.http.setfilehandler()
+
+ local loginstat
+
+ local server = {}
+ server.login = function(user, pass)
+ local sid
+
+ if luci.sys.user.checkpasswd(user, pass) then
+ sid = luci.sys.uniqueid(16)
+ luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/")
+ luci.sauth.write(sid, user)
+ end
+
+ return sid
+ end
+
+ luci.http.prepare_content("application/json")
+ luci.http.write(luci.jsonrpc.handle(server, luci.http.content()))
+
+ return loginstat
end
function rpc_uci()
- luci.http.write("HELLO THAR!")
+
end
\ No newline at end of file
]]--
module("luci.jsonrpc", package.seeall)
+require "luci.json"
function resolve(mod, method)
- local path = luci.util.split(value, ".")
+ local path = luci.util.split(method, ".")
for j=1, #path-1 do
if not type(mod) == "table" then
and (not json.params or type(json.params) == "table") then
if tbl[json.method] then
response = reply(json.jsonrpc, json.id,
- proxy(resolve(tbl, json.method), unpack(json.params)))
+ proxy(resolve(tbl, json.method), unpack(json.params or {})))
else
response = reply(json.jsonrpc, json.id,
nil, {code=-32601, message="Method not found."})
end
function proxy(method, ...)
- local res = {luci.util.copcall(method, unpack(params))}
+ local res = {luci.util.copcall(method, ...)}
local stat = table.remove(res, 1)
if not stat then
return nil, {code=-32602, message="Invalid params.", data=table.remove(res, 1)}
else
- return (#res <= 1) and res[1] or res
+ if #res <= 1 then
+ return res[1] or luci.json.Null
+ else
+ return res
+ end
end
end
\ No newline at end of file
projects / oweals / luci.git / commitdiff