diff options
| -rw-r--r-- | filters/simple-authentication.lua | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/filters/simple-authentication.lua b/filters/simple-authentication.lua index 9291302..230d3a3 100644 --- a/filters/simple-authentication.lua +++ b/filters/simple-authentication.lua | |||
| @@ -12,17 +12,27 @@ | |||
| 12 | -- | 12 | -- |
| 13 | -- | 13 | -- |
| 14 | 14 | ||
| 15 | -- A list of password protected repositories along with the users who can access them. | ||
| 15 | local protected_repos = { | 16 | local protected_repos = { |
| 16 | glouglou = { laurent = true, jason = true }, | 17 | glouglou = { laurent = true, jason = true }, |
| 17 | qt = { jason = true, bob = true } | 18 | qt = { jason = true, bob = true } |
| 18 | } | 19 | } |
| 19 | 20 | ||
| 21 | -- Please note that, in production, you'll want to replace this simple lookup | ||
| 22 | -- table with either a table of salted and hashed passwords (using something | ||
| 23 | -- smart like scrypt), or replace this table lookup with an external support, | ||
| 24 | -- such as consulting your system's pam / shadow system, or an external | ||
| 25 | -- database, or an external validating web service. For testing, or for | ||
| 26 | -- extremely low-security usage, you may be able, however, to get away with | ||
| 27 | -- compromising on hardcoding the passwords in cleartext, as we have done here. | ||
| 20 | local users = { | 28 | local users = { |
| 21 | jason = "secretpassword", | 29 | jason = "secretpassword", |
| 22 | laurent = "s3cr3t", | 30 | laurent = "s3cr3t", |
| 23 | bob = "ilikelua" | 31 | bob = "ilikelua" |
| 24 | } | 32 | } |
| 25 | 33 | ||
| 34 | -- All cookies will be authenticated based on this secret. Make it something | ||
| 35 | -- totally random and impossible to guess. It should be large. | ||
| 26 | local secret = "BE SURE TO CUSTOMIZE THIS STRING TO SOMETHING BIG AND RANDOM" | 36 | local secret = "BE SURE TO CUSTOMIZE THIS STRING TO SOMETHING BIG AND RANDOM" |
| 27 | 37 | ||
| 28 | 38 | ||