Mercurial > prosody-modules
view mod_auth_custom_http/README.markdown @ 3216:5d35e6b409e0
mod_http_upload_external: share.php: Use hash_equals() if available to protect against timing attack
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Tue, 07 Aug 2018 19:12:52 +0100 |
parents | f90cf59bee8e |
children |
line wrap: on
line source
--- summary: HTTP Authentication using custom JSON protocol ... Introduction ============ To authenticate users, this module does a `POST` request to a configured URL with a JSON payload. It is not async so requests block the server until answered. Configuration ============= ``` lua VirtualHost "example.com" authentication = "custom_http" auth_custom_http = { post_url = "http://api.example.com/auth"; } ``` Protocol ======== The JSON payload consists of an object with `username` and `password` members: {"username":"john","password":"secr1t"} The module expects the response body to be exactly `true` if the username and password are correct.