# HG changeset patch # User Matthew Wild # Date 1687465896 -3600 # Node ID b284dc4816cdaa486385f062b77d5b5e6a16cd5e # Parent 68a0c983bf49502856a14a564a20fffebf6ee6b2 web: Add a few new helper functions diff -r 68a0c983bf49 -r b284dc4816cd src/web/web.lua --- a/src/web/web.lua Thu Jun 22 21:30:40 2023 +0100 +++ b/src/web/web.lua Thu Jun 22 21:31:36 2023 +0100 @@ -55,6 +55,11 @@ return post_body; end +local function parse_query(request) + local q = request.url.query; + return q and http_util.formdecode(q) or nil; +end + -- Cookies local function add_header(headers, header, value) @@ -73,6 +78,21 @@ end end +local response_mt = {}; + +local function redirect(to, code) + return setmetatable({ + status_code = code or 303; + headers = { + Location = to; + } + }, response_mt); +end + +local function is_response(obj) + return getmetatable(obj) == response_mt; +end + local function set_cookie(headers, cookie, opts) if opts then local params = {""}; @@ -97,12 +117,30 @@ prefix_header(headers, "set_cookie", cookie); end +local function set_auth_cookie(username, response, secret) + local expires = config.cookie_ttl or 604800; + local cookie = usercookie.generate(username, os.time()+expires, secret); + cookie = "__Host-auth=".. cookie .. "; Path="..config.base_path + .."; Max-Age="..tostring(expires).."; Secure; HttpOnly"; + return set_cookie(response.headers, cookie); +end + +local function verify_auth_cookie(request, secret) + unpack_cookies(request); + request.cookies.auth = usercookie.verify(request.cookies["__Host-auth"], secret); +end + return { unpack_cookies = unpack_cookies; validate_csrf = validate_csrf; parse_body_and_csrf = parse_body_and_csrf; parse_body = parse_body; + parse_query = parse_query; add_header = add_header; prefix_header = prefix_header; + redirect = redirect; set_cookie = set_cookie; + set_auth_cookie = set_auth_cookie; + verify_auth_cookie = verify_auth_cookie; + is_response = is_response; };