commit d6e9200cc35411f3f27426b608bcfdef9348e6d3
author Jason A. Donenfeld <Jason@zx2c4.com> Tue Jan 14 21:49:31 2014 +0100
committer Jason A. Donenfeld <Jason@zx2c4.com> Thu Jan 16 02:28:12 2014 +0100
tree 9cdd921b03465458d10b99ff4357f79a810501c0
parent 3741254a6989b2837cd8d20480f152f0096bcb9a

auth: add basic authentication filter framework

This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.

Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.

Very plugable and extendable depending on user needs.

The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

filter.c

diff --git a/filter.c b/filter.c
index 0cce7bb..a5e5e4b 100644
--- a/filter.c
+++ b/filter.c
@@ -244,6 +244,11 @@
 	return hook_lua_filter(lua_state, html_url_arg);
 }
 
+static int html_include_lua_filter(lua_State *lua_state)
+{
+	return hook_lua_filter(lua_state, (void (*)(const char *))html_include);
+}
+
 static void cleanup_lua_filter(struct cgit_filter *base)
 {
 	struct lua_filter *filter = (struct lua_filter *)base;
@@ -279,6 +284,8 @@
 	lua_setglobal(filter->lua_state, "html_url_path");
 	lua_pushcfunction(filter->lua_state, html_url_arg_lua_filter);
 	lua_setglobal(filter->lua_state, "html_url_arg");
+	lua_pushcfunction(filter->lua_state, html_include_lua_filter);
+	lua_setglobal(filter->lua_state, "html_include");
 
 	if (luaL_dofile(filter->lua_state, filter->script_file)) {
 		error_lua_filter(filter);
@@ -409,6 +416,10 @@
 		colon = NULL;
 
 	switch (filtertype) {
+		case AUTH:
+			argument_count = 11;
+			break;
+
 		case EMAIL:
 			argument_count = 2;
 			break;