--- a/mod_http_admin_api/mod_http_admin_api.lua Tue Mar 28 12:43:05 2023 +0100
+++ b/mod_http_admin_api/mod_http_admin_api.lua Tue Mar 28 20:45:11 2023 +0200
@@ -48,6 +48,9 @@
event.response.headers.authorization = www_authenticate_header;
return false, 401;
end
+ -- FIXME this should probably live in mod_tokenauth or similar
+ session.type = "c2s";
+ session.full_jid = jid.join(session.username, session.host, session.resource);
event.session = session;
if not module:may(":access-admin-api", event) then
return false, 403;