Mercurial Mercurial > prosody > prosody / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_file_share: Strip authorization type prefix a bit earlier
authorKim Alvefur <zash@zash.se>
Wed, 27 Jan 2021 18:26:24 +0100
changeset 11330 1ecda954fe97
parent 11329 76fc73d39092
child 11331 6f2b69469060
mod_http_file_share: Strip authorization type prefix a bit earlier
plugins/mod_http_file_share.lua file | annotate | diff | comparison | revisions 
--- a/plugins/mod_http_file_share.lua	Wed Jan 27 18:13:15 2021 +0100
+++ b/plugins/mod_http_file_share.lua	Wed Jan 27 18:26:24 2021 +0100
@@ -152,11 +152,14 @@
 function handle_upload(event, path) -- PUT /upload/:slot
 	local request = event.request;
 	local authz = request.headers.authorization;
-	if not authz or not authz:find"^Bearer ." then
+	if authz then
+		authz = authz:match("^Bearer (.*)")
+	end
+	if not authz then
 		module:log("debug", "Missing Authorization");
 		return 403;
 	end
-	local authed, upload_info = jwt.verify(secret, authz:match("^Bearer (.*)"));
+	local authed, upload_info = jwt.verify(secret, authz);
 	if not (authed and type(upload_info) == "table" and type(upload_info.exp) == "number") then
 		module:log("debug", "Unauthorized or invalid token: %s, %q", authed, upload_info);
 		return 401;
prosody