auth: add basic authentication filter framework

This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.

Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.

Very plugable and extendable depending on user needs.

The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

1 files changed, 11 insertions, 0 deletions

diff --git a/filter.c b/filter.c
index 0cce7bb..a5e5e4b 100644
--- a/filter.c
+++ b/filter.c
@@ -244,6 +244,11 @@ static int html_url_arg_lua_filter(lua_State *lua_state)
 	return hook_lua_filter(lua_state, html_url_arg);
 }
 
+static int html_include_lua_filter(lua_State *lua_state)
+{
+	return hook_lua_filter(lua_state, (void (*)(const char *))html_include);
+}
+
 static void cleanup_lua_filter(struct cgit_filter *base)
 {
 	struct lua_filter *filter = (struct lua_filter *)base;
@@ -279,6 +284,8 @@ static int init_lua_filter(struct lua_filter *filter)
 	lua_setglobal(filter->lua_state, "html_url_path");
 	lua_pushcfunction(filter->lua_state, html_url_arg_lua_filter);
 	lua_setglobal(filter->lua_state, "html_url_arg");
+	lua_pushcfunction(filter->lua_state, html_include_lua_filter);
+	lua_setglobal(filter->lua_state, "html_include");
 
 	if (luaL_dofile(filter->lua_state, filter->script_file)) {
 		error_lua_filter(filter);
@@ -409,6 +416,10 @@ struct cgit_filter *cgit_new_filter(const char *cmd, filter_type filtertype)
 		colon = NULL;
 
 	switch (filtertype) {
+		case AUTH:
+			argument_count = 11;
+			break;
+
 		case EMAIL:
 			argument_count = 2;
 			break;