diff options
-rw-r--r-- | filters/simple-authentication.lua | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/filters/simple-authentication.lua b/filters/simple-authentication.lua index 9291302..230d3a3 100644 --- a/filters/simple-authentication.lua +++ b/filters/simple-authentication.lua | |||
@@ -12,17 +12,27 @@ | |||
12 | -- | 12 | -- |
13 | -- | 13 | -- |
14 | 14 | ||
15 | -- A list of password protected repositories along with the users who can access them. | ||
15 | local protected_repos = { | 16 | local protected_repos = { |
16 | glouglou = { laurent = true, jason = true }, | 17 | glouglou = { laurent = true, jason = true }, |
17 | qt = { jason = true, bob = true } | 18 | qt = { jason = true, bob = true } |
18 | } | 19 | } |
19 | 20 | ||
21 | -- Please note that, in production, you'll want to replace this simple lookup | ||
22 | -- table with either a table of salted and hashed passwords (using something | ||
23 | -- smart like scrypt), or replace this table lookup with an external support, | ||
24 | -- such as consulting your system's pam / shadow system, or an external | ||
25 | -- database, or an external validating web service. For testing, or for | ||
26 | -- extremely low-security usage, you may be able, however, to get away with | ||
27 | -- compromising on hardcoding the passwords in cleartext, as we have done here. | ||
20 | local users = { | 28 | local users = { |
21 | jason = "secretpassword", | 29 | jason = "secretpassword", |
22 | laurent = "s3cr3t", | 30 | laurent = "s3cr3t", |
23 | bob = "ilikelua" | 31 | bob = "ilikelua" |
24 | } | 32 | } |
25 | 33 | ||
34 | -- All cookies will be authenticated based on this secret. Make it something | ||
35 | -- totally random and impossible to guess. It should be large. | ||
26 | local secret = "BE SURE TO CUSTOMIZE THIS STRING TO SOMETHING BIG AND RANDOM" | 36 | local secret = "BE SURE TO CUSTOMIZE THIS STRING TO SOMETHING BIG AND RANDOM" |
27 | 37 | ||
28 | 38 | ||