Skip to content

duhoobo/lua-resty-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
lib/resty
lib/resty
 
 
tools
tools
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
dist.ini
dist.ini
 
 

Repository files navigation

lua-resty-auth

A Lua resty module for HTTP Authentication (both basic and digest scheme supported, referring to RFC 2617).

TODO

  • md5crpyt for scheme basic
  • crypt for scheme basic
  • test case
  • stress test
  • security audit

Missing Features

  • qop option auth-int
  • algorithm MD5-sess

Example Usage

lua_shared_dict nonce 2m;

init_by_lua '
    local auth = require("resty.auth")

    local ok, msg = auth.setup {
        scheme= "digest", 
        shm= "nonce", 
        user_file= "htdigest",
        expires= 10,
        replays= 5,
        timeout= 10,
    }
    if not ok then error(msg) end

    local ok, msg = auth.setup {
        scheme= "basic", 
        user_file= "htpasswd"
    )
    if not ok then print msg end
';

server {
    location /auth_basic/ {
        access_by_lua '
            local auth = require("resty.auth")
            auth.new("basic", "you@site"):auth()
        ';
    }

    location /auth_digest/ {
        access_by_lua '
            local auth = require("resty.auth")
            auth.new("digest", "you@site"):auth()
        ';
    }
}

Thanks

  • The idea and some of the code are borrowed from here
  • The module parameters mimic the directives of ngx_http_auth_digest

About

A Lua resty module for HTTP Authentication

Resources

Readme
Activity

Stars

14 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages