Older/Server/lua/basic_authentication.lua
2024-06-17 16:27:43 +00:00

34 lines
840 B
Lua

local auth_header = ngx.var.http_authorization
local function authenticate()
ngx.header.content_type = 'text/plain'
ngx.header.www_authenticate = 'Basic realm="Restricted Area"'
ngx.status = ngx.HTTP_UNAUTHORIZED
ngx.say('Unauthorized')
ngx.exit(ngx.HTTP_UNAUTHORIZED)
end
if not auth_header then
return authenticate()
end
local _, _, encoded = string.find(auth_header, "Basic%s+(.+)")
if not encoded then
return authenticate()
end
local decoded = ngx.decode_base64(encoded)
local user_account, user_password = decoded:match("([^:]+):(.+)")
ngx.log(ngx.INFO, encoded, " ", user_account, " ", user_password)
local accounts = require("lua/accounts")
local credentials = accounts.credentials()
if credentials and credentials[user_account] == user_password then
return
else
return authenticate()
end