[Solved] Cookie authentication to directory
I have a requirement to assign a cookie for authentication AuthCookie(). I would like to protect a normal static page directory with this method. I was thinking about modifying mod_auth to support a new "cookie" method or I could create a new plugin.
the cookie method would create a cookie that has the form cookie_name=hex(hash[0:31])DATA
where hash is md5/sha256(secret+DATA)
if valid store DATA in an environ variable
How do you store a variable into the environment?
(auth/cookie).require = ( "/directory" =>
...."method" => "cookie",
...."realm" => "download archiv",
...."require" => "valid-user" # valid cookie
...."secret" => "secret"
...."name" => "cookie_name"
This is the last thing I need to get working before I can switch from apache to lighttpd.
RE: Cookie authentication to directory - Added by stbuehler about 8 years ago
I recommend using mod_magnet for this (lighty.request contains the request headers)
RE: [Solved] Cookie authentication to directory - Added by gstrauss 7 months ago
You can use mod_magnet and some custom lua code.
You can use mod_fastcgi with a custom FastCGI authorizer.
You could write an mod_authn_cookie module which plugs into mod_auth Docs_ModAuth.