Mercurial > prosody-modules

view mod_auth_custom_http/README.markdown @ 2417:5e7badecf7fe

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_smacks: Check if a session is an authenticated c2s session by looking for a username (fix for change in 0.10 9f70d35a1602)
author Kim Alvefur <zash@zash.se>
date Thu, 15 Dec 2016 02:57:03 +0100
parents 6c569c481ffa
children f90cf59bee8e
line wrap: on
line source

---
summary: HTTP Authentication using custom JSON protocol
...

Introduction
============

To authenticate users, this module does a `POST` request to a configured
URL with a JSON payload. It is not async so requests block the server
until answered.

Configuration
=============

``` lua
VirtualHost "example.com"
authentication = "custom_http"
auth_custom_http = "http://api.example.com/auth"
```

Protocol
========

The JSON payload consists of an object with `username` and `password`
members:

    {"username":"john","password":"secr1t"}

The module expects the response body to be exactly `true` if the
username and password are correct.