summaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin/httpauth.pm
blob: 478f6744656f5bdbd4baa00f79cadb9a74ebd255 (plain)
  1. #!/usr/bin/perl
  2. # HTTP basic auth plugin.
  3. package IkiWiki::Plugin::httpauth;
  4. use warnings;
  5. use strict;
  6. use IkiWiki 3.00;
  7. sub import {
  8. hook(type => "getsetup", id => "httpauth", call => \&getsetup);
  9. hook(type => "auth", id => "httpauth", call => \&auth);
  10. hook(type => "formbuilder_setup", id => "httpauth",
  11. call => \&formbuilder_setup);
  12. hook(type => "canedit", id => "httpauth", call => \&canedit,
  13. first => 1);
  14. }
  15. sub getsetup () {
  16. return
  17. plugin => {
  18. safe => 1,
  19. rebuild => 0,
  20. section => "auth",
  21. },
  22. cgiauthurl => {
  23. type => "string",
  24. example => "http://example.com/wiki/auth/ikiwiki.cgi",
  25. description => "url to redirect to when authentication is needed",
  26. safe => 1,
  27. rebuild => 0,
  28. },
  29. httpauth_pagespec => {
  30. type => "pagespec",
  31. example => "!*/Discussion",
  32. description => "PageSpec of pages where only httpauth will be used for authentication",
  33. safe => 0,
  34. rebuild => 0,
  35. },
  36. }
  37. sub redir_cgiauthurl ($;@) {
  38. my $cgi=shift;
  39. IkiWiki::redirect($cgi,
  40. @_ > 1 ? IkiWiki::cgiurl(cgiurl => $config{cgiauthurl}, @_)
  41. : $config{cgiauthurl}."?@_"
  42. );
  43. exit;
  44. }
  45. sub auth ($$) {
  46. my $cgi=shift;
  47. my $session=shift;
  48. if (defined $cgi->remote_user()) {
  49. $session->param("name", $cgi->remote_user());
  50. }
  51. }
  52. sub formbuilder_setup (@) {
  53. my %params=@_;
  54. my $form=$params{form};
  55. my $session=$params{session};
  56. my $cgi=$params{cgi};
  57. my $buttons=$params{buttons};
  58. if ($form->title eq "signin" &&
  59. ! defined $cgi->remote_user() && defined $config{cgiauthurl}) {
  60. my $button_text="Login with HTTP auth";
  61. push @$buttons, $button_text;
  62. if ($form->submitted && $form->submitted eq $button_text) {
  63. # bounce thru cgiauthurl and then back to
  64. # the stored postsignin action
  65. redir_cgiauthurl($cgi, do => "postsignin");
  66. }
  67. }
  68. }
  69. sub test_httpauth_pagespec ($) {
  70. my $page=shift;
  71. return (
  72. );
  73. }
  74. sub canedit ($$$) {
  75. my $page=shift;
  76. my $cgi=shift;
  77. my $session=shift;
  78. if (! defined $cgi->remote_user() &&
  79. defined $config{httpauth_pagespec} &&
  80. length $config{httpauth_pagespec} &&
  81. defined $config{cgiauthurl} &&
  82. pagespec_match($page, $config{httpauth_pagespec})) {
  83. return sub {
  84. # bounce thru cgiauthurl and back to edit action
  85. redir_cgiauthurl($cgi, $cgi->query_string());
  86. };
  87. }
  88. else {
  89. return undef;
  90. }
  91. }
  92. 1