aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/filters/simple-authentication.lua
Commit message (Collapse)AuthorAge
* simple-authentication: styleJason A. Donenfeld2014-01-23
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: document tweakables in lua scriptJason A. Donenfeld2014-01-17
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: have cgit calculate login addressJason A. Donenfeld2014-01-16
| | | | | | | This way we're sure to use virtual root, or any other strangeness encountered. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: lua string comparisons are time invariantJason A. Donenfeld2014-01-16
| | | | | | By default, strings are compared by hash, so we can remove this comment. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* authentication: use hidden form instead of refererJason A. Donenfeld2014-01-16
| | | | | | | This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: add basic authentication filter frameworkJason A. Donenfeld2014-01-16
This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-08 14:57:42 +0000
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */ .highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */ .highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */ .highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */ .highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */ .highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */
#!/bin/sh

. ./setup.sh

prepare_tests "Check content on tree page"

run_test 'generate bar/tree' 'cgit_url "bar/tree" >trash/tmp'
run_test 'find file-1' 'grep -e "file-1" trash/tmp'
run_test 'find file-50' 'grep -e "file-50" trash/tmp'

run_test 'generate bar/tree/file-50' 'cgit_url "bar/tree/file-50" >trash/tmp'

run_test 'find line 1' '
	grep -e "<a class=.no. id=.n1. name=.n1. href=.#n1.>1</a>" trash/tmp
'

run_test 'no line 2' '
	! grep -e "<a class=.no. id=.n2. name=.n2. href=.#n2.>2</a>" trash/tmp
'

run_test 'generate foo+bar/tree' 'cgit_url "foo%2bbar/tree" >trash/tmp'

run_test 'verify a+b link' '
	grep -e "/foo+bar/tree/a+b" trash/tmp
'

run_test 'generate foo+bar/tree?h=1+2' 'cgit_url "foo%2bbar/tree&h=1%2b2" >trash/tmp'

run_test 'verify a+b?h=1+2 link' '
	grep -e "/foo+bar/tree/a+b?h=1%2b2" trash/tmp
'

tests_done
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-08 14:57:42 +0000