| author | Jason A. Donenfeld | 2014-01-14 21:49:31 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld | 2014-01-16 02:28:12 +0100 |
| commit | d6e9200cc35411f3f27426b608bcfdef9348e6d3 (patch) | |
| tree | 9cdd921b03465458d10b99ff4357f79a810501c0 /ui-shared.c | |
| parent | 3741254a6989b2837cd8d20480f152f0096bcb9a (diff) | |
auth: add basic authentication filter framework
This leverages the new lua support. See
filters/simple-authentication.lua for explanation of how this works.
There is also additional documentation in cgitrc.5.txt.
Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.
Very pluggable and extendable depending on user needs.
The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'ui-shared.c')
| -rw-r--r-- | ui-shared.c | 28 |
1 files changed, 16 insertions, 12 deletions
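diff --git a/ui-shared.c b/ui-shared.c
index abe15cd..4f47c50 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -641,6 +641,8 @@ void cgit_print_http_headers(struct cgit_context *ctx)
 if (ctx->page.filename)
 htmlf("Content-Disposition: inline; filename=\"%s\"\n",
 ctx->page.filename);
+if (!ctx->env.authenticated)
+html("Cache-Control: no-cache, no-store\n");
 htmlf("Last-Modified: %s\n", http_date(ctx->page.modified));
 htmlf("Expires: %s\n", http_date(ctx->page.expires));
 if (ctx->page.etag)
@@ -814,14 +816,16 @@ static void print_header(struct cgit_context *ctx)
 cgit_index_link("index", NULL, NULL, NULL, NULL, 0);
 html(" : ");
 cgit_summary_link(ctx->repo->name, ctx->repo->name, NULL, NULL);
-html("</td><td class='form'>");
-html("<form method='get' action=''>\n");
-cgit_add_hidden_formfields(0, 1, ctx->qry.page);
-html("<select name='h' onchange='this.form.submit();'>\n");
-for_each_branch_ref(print_branch_option, ctx->qry.head);
-html("</select> ");
-html("<input type='submit' name='' value='switch'/>");
-html("</form>");
+if (ctx->env.authenticated) {
+html("</td><td class='form'>");
+html("<form method='get' action=''>\n");
+cgit_add_hidden_formfields(0, 1, ctx->qry.page);
+html("<select name='h' onchange='this.form.submit();'>\n");
+for_each_branch_ref(print_branch_option, ctx->qry.head);
+html("</select> ");
+html("<input type='submit' name='' value='switch'/>");
+html("</form>");
+}
 } else
 html_txt(ctx->cfg.root_title);
 html("</td></tr>\n");
@@ -843,11 +847,11 @@ static void print_header(struct cgit_context *ctx)
 void cgit_print_pageheader(struct cgit_context *ctx)
 {
 html("<div id='cgit'>");
-if (!ctx->cfg.noheader)
+if (!ctx->env.authenticated || !ctx->cfg.noheader)
 print_header(ctx);
 
 html("<table class='tabs'><tr><td>\n");
-if (ctx->repo) {
+if (ctx->env.authenticated && ctx->repo) {
 cgit_summary_link("summary", NULL, hc(ctx, "summary"),
 ctx->qry.head);
 cgit_refs_link("refs", NULL, hc(ctx, "refs"), ctx->qry.head,
@@ -886,7 +890,7 @@ void cgit_print_pageheader(struct cgit_context *ctx)
 html("'/>\n");
 html("<input type='submit' value='search'/>\n");
 html("</form>\n");
-} else {
+} else if (ctx->env.authenticated) {
 site_link(NULL, "index", NULL, hc(ctx, "repolist"), NULL, NULL, 0);
 if (ctx->cfg.root_readme)
 site_link("about", "about", NULL, hc(ctx, "about"),
@@ -902,7 +906,7 @@ void cgit_print_pageheader(struct cgit_context *ctx)
 html("</form>");
 }
 html("</td></tr></table>\n");
-if (ctx->qry.vpath) {
+if (ctx->env.authenticated && ctx->qry.vpath) {
 html("<div class='path'>");
 html("path: ");
 cgit_print_path_crumbs(ctx, ctx->qry.vpath);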
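Review bot: In cgit_print_http_headers (new lines 644-645) only the unauthenticated response is marked `no-cache, no-store`; an authenticated page still goes out with `Last-Modified`, `Expires` and possibly `ETag` but no `Cache-Control`, so with the cookie-based scheme the commit message describes, a shared proxy or CDN in front of cgit may store that page and serve it to a client that holds no valid cookie. Consider marking responses that passed an auth filter as private, e.g. `else if (AUTH_FILTER_CONFIGURED) html("Cache-Control: private\n");`, where AUTH_FILTER_CONFIGURED is a placeholder for however this tree detects a configured filter, so that public installs keep shared caching. Whether `ctx->env.authenticated` is also set when no filter is configured is not visible in this file section, so the exact condition needs checking against the rest of the commit. Separately, in print_header the `cgit_summary_link(ctx->repo->name, ...)` context line at new line 818 stays outside the new `if (ctx->env.authenticated)` guard, so if `ctx->repo` can be populated before authentication the login page would confirm that a repository exists; both function bodies start and end outside the hunks shown.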
