simple-sso/src/ssso_sessions.lua

local crypto = require("ssso_crypto")
local login  = require("ssso_login")
local nginx  = require("ssso_nginx")

local function get_session()
  local profile, jws, tslimit
  local user, password = nginx.get_basic_auth()

  if user and password then
    profile = login.check_credentials_and_get_profile(user, password)
    if profile then
      jws, tslimit = crypto.get_jws_and_tslimit(profile)
    end
  end

  if not profile then
    local cookie = nginx.get_jws_cookie()
    if not cookie or cookie == "" then
      return nil, 401
    end
    profile, jws, tslimit = crypto.get_profile_and_new_jws(cookie)
  end

  if profile then
    nginx.set_jws_cookie(jws, tslimit)
    return profile, 200
  else
    return nil, 403
  end
end


return {
  get_session = get_session,
}
minimum: login, portal, redirects; todo: refactor, quality, security review 2021-08-09 17:43:42 +02:00			`local crypto = require("ssso_crypto")`
HTTP basic auth 2021-09-02 22:58:01 +02:00			`local login = require("ssso_login")`
minimum: login, portal, redirects; todo: refactor, quality, security review 2021-08-09 17:43:42 +02:00			`local nginx = require("ssso_nginx")`

			`local function get_session()`
refactor: use OOP where appropriate 2021-10-02 23:45:31 +02:00			`local profile, jws, tslimit`
HTTP basic auth 2021-09-02 22:58:01 +02:00			`local user, password = nginx.get_basic_auth()`
minimum: login, portal, redirects; todo: refactor, quality, security review 2021-08-09 17:43:42 +02:00
HTTP basic auth 2021-09-02 22:58:01 +02:00			`if user and password then`
refactor: use OOP where appropriate 2021-10-02 23:45:31 +02:00			`profile = login.check_credentials_and_get_profile(user, password)`
			`if profile then`
			`jws, tslimit = crypto.get_jws_and_tslimit(profile)`
HTTP basic auth 2021-09-02 22:58:01 +02:00			`end`
minimum: login, portal, redirects; todo: refactor, quality, security review 2021-08-09 17:43:42 +02:00			`end`

refactor: use OOP where appropriate 2021-10-02 23:45:31 +02:00			`if not profile then`
HTTP basic auth 2021-09-02 22:58:01 +02:00			`local cookie = nginx.get_jws_cookie()`
			`if not cookie or cookie == "" then`
			`return nil, 401`
			`end`
refactor: use OOP where appropriate 2021-10-02 23:45:31 +02:00			`profile, jws, tslimit = crypto.get_profile_and_new_jws(cookie)`
HTTP basic auth 2021-09-02 22:58:01 +02:00			`end`
minimum: login, portal, redirects; todo: refactor, quality, security review 2021-08-09 17:43:42 +02:00
refactor: use OOP where appropriate 2021-10-02 23:45:31 +02:00			`if profile then`
minimum: login, portal, redirects; todo: refactor, quality, security review 2021-08-09 17:43:42 +02:00			`nginx.set_jws_cookie(jws, tslimit)`
refactor: use OOP where appropriate 2021-10-02 23:45:31 +02:00			`return profile, 200`
minimum: login, portal, redirects; todo: refactor, quality, security review 2021-08-09 17:43:42 +02:00			`else`
			`return nil, 403`
			`end`
			`end`


			`return {`
			`get_session = get_session,`
			`}`