git.oblomov.eu Git - ikiwiki/blob - IkiWiki/Plugin/httpauth.pm

   1 #!/usr/bin/perl
   2 # HTTP basic auth plugin.
   3 package IkiWiki::Plugin::httpauth;
   4
   5 use warnings;
   6 use strict;
   7 use IkiWiki 3.00;
   8
   9 sub import {
  10         hook(type => "getsetup", id => "httpauth", call => \&getsetup);
  11         hook(type => "auth", id => "httpauth", call => \&auth);
  12         hook(type => "formbuilder_setup", id => "httpauth",
  13                 call => \&formbuilder_setup);
  14         hook(type => "canedit", id => "httpauth", call => \&canedit,
  15                 first => 1);
  16 }
  17
  18 sub getsetup () {
  19         return
  20                 plugin => {
  21                         safe => 1,
  22                         rebuild => 0,
  23                 },
  24                 cgiauthurl => {
  25                         type => "string",
  26                         example => "http://example.com/wiki/auth/ikiwiki.cgi",
  27                         description => "url to redirect to when authentication is needed",
  28                         safe => 1,
  29                         rebuild => 0,
  30                 },
  31                 httpauth_pagespec => {
  32                         type => "pagespec",
  33                         example => "!*/Discussion",
  34                         description => "PageSpec of pages where only httpauth will be used for authentication",
  35                         safe => 0,
  36                         rebuild => 0,
  37                 },
  38 }
  39
  40 sub redir_cgiauthurl ($;@) {
  41         my $cgi=shift;
  42
  43         IkiWiki::redirect($cgi,
  44                 @_ > 1 ? IkiWiki::cgiurl(cgiurl => $config{cgiauthurl}, @_)
  45                        : $config{cgiauthurl}."?@_"
  46         );
  47         exit;
  48 }
  49
  50 sub auth ($$) {
  51         my $cgi=shift;
  52         my $session=shift;
  53
  54         if (defined $cgi->remote_user()) {
  55                 $session->param("name", $cgi->remote_user());
  56         }
  57 }
  58
  59 sub formbuilder_setup (@) {
  60         my %params=@_;
  61
  62         my $form=$params{form};
  63         my $session=$params{session};
  64         my $cgi=$params{cgi};
  65         my $buttons=$params{buttons};
  66
  67         if ($form->title eq "signin" &&
  68             ! defined $cgi->remote_user() && defined $config{cgiauthurl}) {
  69                 my $button_text="Login with HTTP auth";
  70                 push @$buttons, $button_text;
  71
  72                 if ($form->submitted && $form->submitted eq $button_text) {
  73                         # bounce thru cgiauthurl and then back to
  74                         # the stored postsignin action
  75                         redir_cgiauthurl($cgi, do => "postsignin");
  76                 }
  77         }
  78 }
  79
  80 sub test_httpauth_pagespec ($) {
  81         my $page=shift;
  82
  83         return (
  84        );
  85 }
  86
  87 sub canedit ($$$) {
  88         my $page=shift;
  89         my $cgi=shift;
  90         my $session=shift;
  91
  92         if (! defined $cgi->remote_user() &&
  93             defined $config{httpauth_pagespec} &&
  94             length $config{httpauth_pagespec} &&
  95             defined $config{cgiauthurl} &&
  96             pagespec_match($page, $config{httpauth_pagespec})) {
  97                 return sub {
  98                         # bounce thru cgiauthurl and back to edit action
  99                         redir_cgiauthurl($cgi, $cgi->query_string());
 100                 };
 101         }
 102         else {
 103                 return undef;
 104         }
 105 }
 106
 107 1