Mercurial > prosody-modules
diff mod_rest/mod_rest.lua @ 3802:f88e07630e4e
mod_rest: Add support for simple Bearer token auth
Token specified in config
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 31 Dec 2019 03:37:46 +0100 |
| parents | d59fb4dcf100 |
| children | dc2b5a412286 |
line wrap: on
line diff
--- a/mod_rest/mod_rest.lua Mon Dec 30 07:22:15 2019 +0100 +++ b/mod_rest/mod_rest.lua Tue Dec 31 03:37:46 2019 +0100 @@ -13,9 +13,23 @@ local allow_any_source = module:get_host_type() == "component"; local validate_from_addresses = module:get_option_boolean("validate_from_addresses", true); +local secret = assert(module:get_option_string("rest_credentials"), "rest_credentials is a required setting"); +local auth_type = assert(secret:match("^%S+"), "Format of rest_credentials MUST be like 'Bearer secret'"); +assert(auth_type == "Bearer", "Only 'Bearer' is supported in rest_credentials"); + +-- Bearer token +local function check_credentials(request) + return request.headers.authorization == secret; +end local function handle_post(event) local request, response = event.request, event.response; + if not request.headers.authorization then + response.headers.www_authenticate = ("%s realm=%q"):format(auth_type, module.host.."/"..module.name); + return 401; + elseif not check_credentials(request) then + return 401; + end if request.headers.content_type ~= "application/xmpp+xml" then return errors.new({ code = 415, text = "'application/xmpp+xml' expected" }); end