Mercurial > prosody-modules

view mod_auth_custom_http/README.markdown @ 4340:7cd3b7ec59e9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Rudimentary support for scopes (but not really) We don't support limiting access, but this change will inform the client what permissions the created token has (e.g. is the user an admin or not). There is some work in progress on real scope support.
author Matthew Wild <mwild1@gmail.com>
date Sat, 16 Jan 2021 19:47:22 +0000
parents f90cf59bee8e
children
line wrap: on
line source

---
summary: HTTP Authentication using custom JSON protocol
...

Introduction
============

To authenticate users, this module does a `POST` request to a configured
URL with a JSON payload. It is not async so requests block the server
until answered.

Configuration
=============

``` lua
VirtualHost "example.com"
authentication = "custom_http"
auth_custom_http = {
  post_url = "http://api.example.com/auth";
}
```

Protocol
========

The JSON payload consists of an object with `username` and `password`
members:

    {"username":"john","password":"secr1t"}

The module expects the response body to be exactly `true` if the
username and password are correct.