diff options
author | Jason A. Donenfeld | 2014-01-17 15:34:44 +0100 |
---|---|---|
committer | Jason A. Donenfeld | 2014-01-17 15:34:44 +0100 |
commit | 9dde6d38e9fc273fc62386eeda0da2e89a2cebfc (patch) | |
tree | 232438307d7b5aac900f2388f4136039840c27d2 | |
parent | a2b6b3717567a5b57a19d19ed89af324296f39a9 (diff) | |
download | cgit-9dde6d38e9fc273fc62386eeda0da2e89a2cebfc.tar.gz |
auth: document tweakables in lua script
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r-- | filters/simple-authentication.lua | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/filters/simple-authentication.lua b/filters/simple-authentication.lua index 9291302..230d3a3 100644 --- a/filters/simple-authentication.lua +++ b/filters/simple-authentication.lua @@ -12,17 +12,27 @@ -- -- +-- A list of password protected repositories along with the users who can access them. local protected_repos = { glouglou = { laurent = true, jason = true }, qt = { jason = true, bob = true } } +-- Please note that, in production, you'll want to replace this simple lookup +-- table with either a table of salted and hashed passwords (using something +-- smart like scrypt), or replace this table lookup with an external support, +-- such as consulting your system's pam / shadow system, or an external +-- database, or an external validating web service. For testing, or for +-- extremely low-security usage, you may be able, however, to get away with +-- compromising on hardcoding the passwords in cleartext, as we have done here. local users = { jason = "secretpassword", laurent = "s3cr3t", bob = "ilikelua" } +-- All cookies will be authenticated based on this secret. Make it something +-- totally random and impossible to guess. It should be large. local secret = "BE SURE TO CUSTOMIZE THIS STRING TO SOMETHING BIG AND RANDOM" |