Mercurial > prosody-modules

view mod_auth_custom_http/README.markdown @ 2670:6e01878103c0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_smacks: Ignore user when writing or reading session_cache on prosody 0.9 At least under some circumstances it seems that session.username is nil when a user tries to resume his session in prosody 0.9. The username is not relevant when no limiting is done (limiting the number of entries in the session cache is only possible in prosody 0.10), so this commit removes the usage of the username when accessing the prosody 0.9 session cache.
author tmolitor <thilo@eightysoft.de>
date Thu, 06 Apr 2017 02:12:14 +0200
parents 6c569c481ffa
children f90cf59bee8e
line wrap: on
line source

---
summary: HTTP Authentication using custom JSON protocol
...

Introduction
============

To authenticate users, this module does a `POST` request to a configured
URL with a JSON payload. It is not async so requests block the server
until answered.

Configuration
=============

``` lua
VirtualHost "example.com"
authentication = "custom_http"
auth_custom_http = "http://api.example.com/auth"
```

Protocol
========

The JSON payload consists of an object with `username` and `password`
members:

    {"username":"john","password":"secr1t"}

The module expects the response body to be exactly `true` if the
username and password are correct.