HTTP authorization support

lpereira / lwan

Experimental, scalable, high performance HTTP server

https://lwan.ws

GNU General Public License v2.0

5.92k stars 549 forks source link

HTTP authorization support #22

Closed lpereira closed 10 years ago

lpereira commented 10 years ago

Mechanism is working for Basic auth; need a way to store username/passwords

lpereira commented 10 years ago

There's a proof of concept code for the configuration syntax in the authorization-from-file branch. The code there is sub-optimal, as it opens a file, scans it until it finds a username/password match, then close it -- for every request.

lpereira commented 10 years ago

Implemented on HEAD. File can be specified in lwan.conf and its contents are cached for a minute. Still need to store the password in memory using a safer approach (likely hashing); left a FIXME for that.