Allow Basic-Auth pass-through

diff --git a/libs/lucid-http/luasrc/lucid/http/server.lua b/libs/lucid-http/luasrc/lucid/http/server.lua
index 0fe947316635251c6f207c6c793514bd92324335..cb10813b9ee7aee499c3a75b2e2c92c0653b280c 100644 (file)
--- a/libs/lucid-http/luasrc/lucid/http/server.lua
+++ b/libs/lucid-http/luasrc/lucid/http/server.lua
@@ -132,6 +132,7 @@ function Handler.checkrestricted(self, request)
                end
                
                if stat then
+                       request.env.HTTP_AUTH_USER, request.env.HTTP_AUTH_PASS = user, pass
                        return
                end
        end

diff --git a/libs/web/luasrc/dispatcher.lua b/libs/web/luasrc/dispatcher.lua
index c863d9ff724e2dd2c2c51ebc64315026f688eaff..01cc109219cbac9596246d75d999a673f458dccc 100644 (file)
--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@@ -258,7 +258,7 @@ function dispatch(request)
                local verifytoken = false
                if not sess then
                        sess = luci.http.getcookie("sysauth")
-                       sess = sess and sess:match("^[a-f0-9]+$")
+                       sess = sess and sess:match("^[a-f0-9]*$")
                        verifytoken = true
                end
 
@@ -272,6 +272,12 @@ function dispatch(request)
                        if not verifytoken or ctx.urltoken.stok == sdat.token then
                                user = sdat.user
                        end
+               else
+                       local eu = http.getenv("HTTP_AUTH_USER")
+                       local ep = http.getenv("HTTP_AUTH_PASS")
+                       if eu and ep and luci.sys.user.checkpasswd(eu, ep) then
+                               authen = function() return eu end
+                       end
                end
 
                if not util.contains(accs, user) then