mod_http_oauth2: Reject non-local hosts in more code paths We're not issuing tokens for users on remote hosts, we can't even authenticate them since they're remote. Thus the host is always the local module.host so no need to pass around the host in most cases or use it for anything but enforcing the same host.

local actions = {};

function actions.auth(data)
	local user, host, pass = data:match("^([^:]+):([^:]+):(.+)$");
	if user == "someone" then
		return "1";
	end
end

for line in io.lines() do
	local action, data = line:match("^([^:]+)(.*)$");
	print(actions[action] and actions[action](data) or "0");
end