Mercurial Hosting > luan
annotate src/luan/host/Util.luan @ 1517:04615093b19d
use digest_message
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Tue, 09 Jun 2020 12:36:16 -0600 |
parents | 60f6741f000a |
children | f67f972bd648 |
rev | line source |
---|---|
1181
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
1 local Luan = require "luan:Luan.luan" |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
2 local error = Luan.error |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
3 local do_file = Luan.do_file or error() |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
4 local ipairs = Luan.ipairs or error() |
1190 | 5 local stringify = Luan.stringify or error() |
1181
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
6 local Io = require "luan:Io.luan" |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
7 local String = require "luan:String.luan" |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
8 local lower = String.lower or error() |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
9 local format = String.format or error() |
1517 | 10 local to_binary = String.to_binary or error() |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
11 local Binary = require "luan:Binary.luan" |
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
12 local bytes = Binary.byte or error() |
1472 | 13 local base64_encode = Binary.base64_encode or error() |
1517 | 14 local digest_message = Binary.digest_message or error() |
1418 | 15 local Hosted = require "luan:host/Hosted.luan" |
1394
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
16 local Sql = require "luan:sql/Sql.luan" |
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
17 local database = Sql.database or error() |
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
18 local Logging = require "luan:logging/Logging.luan" |
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
19 local logger = Logging.logger "Util" |
1181
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
20 |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
21 |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
22 local Util = {} |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
23 |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
24 function Util.read_password(domain) |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
25 domain = lower(domain) |
1418 | 26 return do_file(Hosted.sites_dir..domain.."/info.luan").password or error() |
1181
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
27 end |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
28 |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
29 local function basic_authentication(dir,password) |
1517 | 30 local sha1 = digest_message("SHA1",to_binary(password)) |
1472 | 31 local encoded = base64_encode(sha1) |
1382 | 32 local file = Io.schemes.file(dir.."/password.nginx") |
33 file.delete() | |
1384
f5368cd8c056
remove template expressions and String.concat
Franklin Schmidt <fschmidt@gmail.com>
parents:
1382
diff
changeset
|
34 file.write_text("admin:{SHA}"..encoded.."\n") |
1181
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
35 end |
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
36 |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
37 local function digest_authentication(dir,password) |
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
38 local s = "admin:Restricted:"..password |
1517 | 39 local md5 = digest_message("MD5",to_binary(s)) |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
40 md5 = {bytes(md5,1,#md5)} |
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
41 local encoded = "" |
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
42 for _, n in ipairs(md5) do |
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
43 encoded = encoded..format("%02x",n) |
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
44 end |
1382 | 45 local file = Io.schemes.file(dir.."/password.nginx") |
46 file.delete() | |
1384
f5368cd8c056
remove template expressions and String.concat
Franklin Schmidt <fschmidt@gmail.com>
parents:
1382
diff
changeset
|
47 file.write_text("admin:Restricted:"..encoded.."\n") |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
48 end |
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
49 |
1394
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
50 function Util.set_password(domain,password) |
1418 | 51 local dir = Hosted.sites_dir..lower(domain) |
1382 | 52 local file = Io.schemes.file(dir.."/info.luan") |
53 file.delete() | |
1384
f5368cd8c056
remove template expressions and String.concat
Franklin Schmidt <fschmidt@gmail.com>
parents:
1382
diff
changeset
|
54 file.write_text("return "..stringify{password=password}.."\n") |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
55 digest_authentication(dir,password) |
1396
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
56 end |
1394
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
57 |
1396
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
58 local fn = Luan.load_file("file:postgres.luan") or error() |
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
59 local pg_admin = fn() |
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
60 |
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
61 function Util.set_postgres_password(domain,password) |
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
62 if pg_admin == nil then |
1394
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
63 return |
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
64 end |
1396
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
65 local db = database(pg_admin) |
1407 | 66 local exists = db.query("select rolname from pg_roles where rolname=?",domain).results() ~= nil; |
1394
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
67 --logger.info("exists "..exists) |
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
68 if exists then |
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
69 db.update( [[alter role "]]..domain..[[" with encrypted password ']]..password..[[']] ) |
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
70 end |
8fe777ba5045
change postgres password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1384
diff
changeset
|
71 db.close() |
1210
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
72 end |
3db95cc00d09
luanhost - add digest authentication
Franklin Schmidt <fschmidt@gmail.com>
parents:
1190
diff
changeset
|
73 |
1396
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
74 function Util.check_postgres_password(domain,password) |
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
75 if pg_admin == nil then |
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
76 return |
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
77 end |
1416 | 78 local db = database(pg_admin) |
79 local exists = db.query("select rolname from pg_roles where rolname=?",domain).results() ~= nil; | |
1396
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
80 db.close() |
1416 | 81 if exists then |
82 db = database{ | |
83 class = "org.postgresql.Driver" | |
84 url = "jdbc:postgresql://localhost:5432/"..domain | |
85 user = domain | |
86 password = password | |
87 } | |
88 db.close() | |
89 end | |
1396
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
90 end |
a5f61890ad84
add check_postgres_password
Franklin Schmidt <fschmidt@gmail.com>
parents:
1394
diff
changeset
|
91 |
1181
51d1342e25ad
luanhost password handling
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
92 return Util |