Skip to content

Instantly share code, notes, and snippets.

@dergraf
Last active August 28, 2018 07:46
Show Gist options
  • Save dergraf/e1149165832804c84ff875218f28852f to your computer and use it in GitHub Desktop.
Save dergraf/e1149165832804c84ff875218f28852f to your computer and use it in GitHub Desktop.
require "auth/auth_commons"
-- In order to use this Lua plugin your webhook must return a JSON Object containing
-- the following properties:
--
-- - passhash: STRING (bcrypt)
-- - publish_acl: [ACL] (Array of ACL JSON Objects)
-- - subscribe_acl: [ACL] (Array of ACL JSON Objects)
--
-- The JSON array passed as publish/subscribe ACL contains the ACL objects topic
-- for this particular user. MQTT wildcards as well as the variable
-- substitution for %m (mountpoint), %c (client_id), %u (username) are allowed
-- inside a pattern.
--
-- IF YOU USE THE KEY/VALUE SCHEMA PROVIDED ABOVE NOTHING HAS TO BE CHANGED
-- IN THE FOLLOWING SCRIPT.
URL = "http://localhost:8080/vernemq_auth"
function auth_on_register(reg)
if reg.username ~= nil and reg.password ~= nil then
key = json.encode({reg.mountpoint, reg.client_id, reg.username})
ret = http.post(pool, URL, key, {x_post_header = "X-POST-HEADER"})
if ret.status and ret.ref then
body = http.body(ret.ref)
json = json.decode(body)
if json.passhash == bcrypt.hashpw(reg.password, json.passhash) then
cache_insert(
reg.mountpoint,
reg.client_id,
reg.username,
json.publish_acl,
json.subscribe_acl
)
return true
end
end
end
return false
end
pool = "auth_http"
config = {
pool_id = pool
}
http.ensure_pool(config)
hooks = {
auth_on_register = auth_on_register,
auth_on_publish = auth_on_publish,
auth_on_subscribe = auth_on_subscribe,
on_unsubscribe = on_unsubscribe,
on_client_gone = on_client_gone,
on_client_offline = on_client_offline
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment