lua-resty-auth

A Lua resty module for HTTP Authentication (both basic and digest scheme supported, referring to RFC 2617)

lua-resty-auth

A Lua resty module for HTTP Authentication (both basic and digest scheme supported, referring to RFC 2617).

TODO

  • md5crpyt for scheme basic

  • crypt for scheme basic

  • test case

  • stress test

  • security audit

Missing Features

  • qop option auth-int

  • algorithm MD5-sess

Example Usage

    lua_shared_dict nonce 2m;

    init_by_lua '
        local auth = require("resty.auth")

        local ok, msg = auth.setup {
            scheme= "digest", 
            shm= "nonce", 
            user_file= "htdigest",
            expires= 10,
            replays= 5,
            timeout= 10,
        }
        if not ok then error(msg) end

        local ok, msg = auth.setup {
            scheme= "basic", 
            user_file= "htpasswd"
        )
        if not ok then print msg end
    ';

    server {
        location /auth_basic/ {
            access_by_lua '
                local auth = require("resty.auth")
                auth.new("basic", "you@site"):auth()
            ';
        }

        location /auth_digest/ {
            access_by_lua '
                local auth = require("resty.auth")
                auth.new("digest", "you@site"):auth()
            ';
        }
    }

Thanks

  • The idea and some of the code are borrowed from here

  • The module parameters mimic the directives of ngx_http_auth_digest

Authors

Hungpu DU (duhoobo)

License

2bsd

Dependencies

nginx

Versions

  • A Lua resty module for HTTP Authentication (both basic and digest scheme supported, referring to RFC 2617) 2016-09-30 05:59:47