4 local b64_decode
= require
"util.encodings".base64
.decode
;
5 local server
= require
"net.http.server";
7 local credentials
= module
:get_option_string("http_credentials", "username:secretpassword");
8 local unauthed_endpoints
= module
:get_option_set("unauthenticated_http_endpoints", { "/http-bind", "/http-bind/" })._items
;
10 module
:wrap_object_event(server
._events
, false, function (handlers
, event_name
, event_data
)
11 local request
= event_data
.request
;
12 if event_name
~= "http-error" and request
and not unauthed_endpoints
[request
.path
] then
13 local response
= event_data
.response
;
14 local headers
= request
.headers
;
15 if not headers
.authorization
then
16 response
.headers
.www_authenticate
= ("Basic realm=%q"):format(module
.host
.."/"..module
.name
);
19 local user_password
= b64_decode(headers
.authorization
:match("%s(%S*)$"));
20 if user_password
~= credentials
then
24 return handlers(event_name
, event_data
);