Mercurial > prosody-hg
comparison plugins/mod_http_file_share.lua @ 11336:b05331cff47a
mod_http_file_share: Indicate missing token via WWW-Authenticate header
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 29 Jan 2021 15:34:36 +0100 |
| parents | b7acab5e7f57 |
| children | f125ac529c22 |
comparison
equal
deleted
inserted
replaced
| 11335:b7acab5e7f57 | 11336:b05331cff47a |
|---|---|
| 160 if authz then | 160 if authz then |
| 161 authz = authz:match("^Bearer (.*)") | 161 authz = authz:match("^Bearer (.*)") |
| 162 end | 162 end |
| 163 if not authz then | 163 if not authz then |
| 164 module:log("debug", "Missing or malformed Authorization header"); | 164 module:log("debug", "Missing or malformed Authorization header"); |
| 165 event.response.headers.www_authenticate = "Bearer"; | |
| 165 return 403; | 166 return 403; |
| 166 end | 167 end |
| 167 local authed, upload_info = jwt.verify(secret, authz); | 168 local authed, upload_info = jwt.verify(secret, authz); |
| 168 if not (authed and type(upload_info) == "table" and type(upload_info.exp) == "number") then | 169 if not (authed and type(upload_info) == "table" and type(upload_info.exp) == "number") then |
| 169 module:log("debug", "Unauthorized or invalid token: %s, %q", authed, upload_info); | 170 module:log("debug", "Unauthorized or invalid token: %s, %q", authed, upload_info); |
