# HG changeset patch # User Kim Alvefur # Date 1680029111 -7200 # Node ID cc89c97befe7e5e8cd82f537e6bec2c578c91311 # Parent 0566a71a7076b8f8c7535b2357d8a6588bce2f9d mod_http_admin_api: Tweak token session to please module:may() module:may() checks for type == "c2s", but mod_tokenauth does not currently include that or most common session properties. Fixes a traceback resulting from a different code path where module:may() tries to index event.stanza, which does not exist for http events. diff -r 0566a71a7076 -r cc89c97befe7 mod_http_admin_api/mod_http_admin_api.lua --- a/mod_http_admin_api/mod_http_admin_api.lua Tue Mar 28 12:43:05 2023 +0100 +++ b/mod_http_admin_api/mod_http_admin_api.lua Tue Mar 28 20:45:11 2023 +0200 @@ -48,6 +48,9 @@ event.response.headers.authorization = www_authenticate_header; return false, 401; end + -- FIXME this should probably live in mod_tokenauth or similar + session.type = "c2s"; + session.full_jid = jid.join(session.username, session.host, session.resource); event.session = session; if not module:may(":access-admin-api", event) then return false, 403;