auth: add basic authentication filter framework

This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.

Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.

Very plugable and extendable depending on user needs.

The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

1 files changed, 11 insertions, 0 deletions

diff --git a/filter.c b/filter.c
index 0cce7bb..a5e5e4b 100644
--- a/filter.c
+++ b/filter.c
@@ -244,6 +244,11 @@ static int html_url_arg_lua_filter(lua_State *lua_state)
         return hook_lua_filter(lua_state, html_url_arg);
 }
 
+static int html_include_lua_filter(lua_State *lua_state)
+{
+        return hook_lua_filter(lua_state, (void (*)(const char *))html_include);
+}
+
 static void cleanup_lua_filter(struct cgit_filter *base)
 {
         struct lua_filter *filter = (struct lua_filter *)base;
@@ -279,6 +284,8 @@ static int init_lua_filter(struct lua_filter *filter)
         lua_setglobal(filter->lua_state, "html_url_path");
         lua_pushcfunction(filter->lua_state, html_url_arg_lua_filter);
         lua_setglobal(filter->lua_state, "html_url_arg");
+        lua_pushcfunction(filter->lua_state, html_include_lua_filter);
+        lua_setglobal(filter->lua_state, "html_include");
 
         if (luaL_dofile(filter->lua_state, filter->script_file)) {
                 error_lua_filter(filter);
@@ -409,6 +416,10 @@ struct cgit_filter *cgit_new_filter(const char *cmd, filter_type filtertype)
                 colon = NULL;
 
         switch (filtertype) {
+                case AUTH:
+                        argument_count = 11;
+                        break;
+
                 case EMAIL:
                         argument_count = 2;
                         break;