annotate mod_http_rest/mod_http_rest.lua @ 5547:d4a2997deae9

mod_http_oauth2: Make CSP configurable E.g. to enable forbidding all scripts if you don't use any scripts, or allow scripts from your separate static content domain, etc.
author Kim Alvefur <zash@zash.se>
date Sun, 11 Jun 2023 14:06:28 +0200
parents 79432b859d21
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2336
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
1 module:depends"http"
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
2
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
3 local jid_split = require "util.jid".split;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
4 local jid_prep = require "util.jid".prep;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
5 local stanza = require "util.stanza";
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
6 local test_password = require "core.usermanager".test_password;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
7 local b64_decode = require "util.encodings".base64.decode;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
8 local formdecode = require "net.http".formdecode;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
9 local xml = require"util.xml";
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
10
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
11 local function handle_post(event, path, authed_user)
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
12 local request = event.request;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
13 local headers = request.headers;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
14 local body_type = headers.content_type;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
15 if body_type == "text/xml" and request.body then
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
16 local parsed, err = xml.parse(request.body);
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
17 if parsed then
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
18 module:log("debug", "Sending %s", parsed);
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
19 module:send(parsed);
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
20 return 201;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
21 end
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
22 else
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
23 return 415;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
24 end
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
25 return 422;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
26 end
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
27
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
28 module:provides("http", {
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
29 default_path = "/rest";
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
30 route = {
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
31 ["POST"] = handle_post;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
32 OPTIONS = function(e)
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
33 local headers = e.response.headers;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
34 headers.allow = "POST";
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
35 headers.accept = "test/xml";
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
36 return 200;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
37 end;
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
38 }
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
39 });