Mercurial > prosody-modules
comparison mod_http_auth_check/mod_http_auth_check.lua @ 2886:5ca6d53d3186
Return 401 with correct realm when no user/pass is provided
| author | Nicolas Cedilnik <nicoco@nicoco.fr> |
|---|---|
| date | Tue, 20 Feb 2018 17:30:17 +0100 |
| parents | 16e9f37b3f82 |
| children |
comparison
equal
deleted
inserted
replaced
| 2885:88b16084eda7 | 2886:5ca6d53d3186 |
|---|---|
| 12 local function authenticate (event, path) | 12 local function authenticate (event, path) |
| 13 local request = event.request; | 13 local request = event.request; |
| 14 local response = event.response; | 14 local response = event.response; |
| 15 local headers = request.headers; | 15 local headers = request.headers; |
| 16 if not headers.authorization then | 16 if not headers.authorization then |
| 17 return 400 | 17 response.headers.www_authenticate = ("Basic realm=%q"):format(realm); |
| 18 return 401 | |
| 18 end | 19 end |
| 19 local from_jid, password = b64_decode(headers.authorization:match"[^ ]*$"):match"([^:]*):(.*)"; | 20 local from_jid, password = b64_decode(headers.authorization:match"[^ ]*$"):match"([^:]*):(.*)"; |
| 20 from_jid = jid_prep(from_jid); | 21 from_jid = jid_prep(from_jid); |
| 21 password = saslprep(password); | 22 password = saslprep(password); |
| 22 if from_jid and password then | 23 if from_jid and password then |