From a77f1b91aeb9d6770a2fa5bc83a6100119e825d1 Mon Sep 17 00:00:00 2001
From: Steven Barth <steven@midlink.org>
Date: Sat, 25 Jul 2009 10:47:26 +0000
Subject: [PATCH] Allow Basic-Auth pass-through

---
 libs/lucid-http/luasrc/lucid/http/server.lua | 1 +
 libs/web/luasrc/dispatcher.lua               | 8 +++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/libs/lucid-http/luasrc/lucid/http/server.lua b/libs/lucid-http/luasrc/lucid/http/server.lua
index 0fe947316..cb10813b9 100644
--- a/libs/lucid-http/luasrc/lucid/http/server.lua
+++ b/libs/lucid-http/luasrc/lucid/http/server.lua
@@ -132,6 +132,7 @@ function Handler.checkrestricted(self, request)
 		end
 		
 		if stat then
+			request.env.HTTP_AUTH_USER, request.env.HTTP_AUTH_PASS = user, pass
 			return
 		end
 	end
diff --git a/libs/web/luasrc/dispatcher.lua b/libs/web/luasrc/dispatcher.lua
index c863d9ff7..01cc10921 100644
--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@@ -258,7 +258,7 @@ function dispatch(request)
 		local verifytoken = false
 		if not sess then
 			sess = luci.http.getcookie("sysauth")
-			sess = sess and sess:match("^[a-f0-9]+$")
+			sess = sess and sess:match("^[a-f0-9]*$")
 			verifytoken = true
 		end
 
@@ -272,6 +272,12 @@ function dispatch(request)
 			if not verifytoken or ctx.urltoken.stok == sdat.token then
 				user = sdat.user
 			end
+		else
+			local eu = http.getenv("HTTP_AUTH_USER")
+			local ep = http.getenv("HTTP_AUTH_PASS")
+			if eu and ep and luci.sys.user.checkpasswd(eu, ep) then
+				authen = function() return eu end
+			end
 		end
 
 		if not util.contains(accs, user) then
-- 
2.25.1