Form Authentication with class-lists

mischa

If you want to use aFleX for Authentication and have an external store for users.

class-list passwords string str user1 d154c51df37bd33b29cec5aa51efd29f5a6a6f1e !

when RULE_INIT { set ::AUTHENTICATED "no" set ::FORM_CONTENT "AuthenticationPlease AuthenticateUsername:Password: " } when HTTP_REQUEST { set client_ip [IP::client_addr] set persist_entry [persist lookup uie $client_ip] if { [HTTP::method] eq "POST" and $persist_entry eq "" } { HTTP::collect } elseif { [HTTP::method] ne "POST" and $persist_entry eq "" } { HTTP::respond 200 content $::FORM_CONTENT } } when HTTP_REQUEST_DATA { set client_ip [IP::client_addr] if { [HTTP::method] eq "POST" } { log "PAYLOAD: [HTTP::payload]" set auth_string [HTTP::payload] regexp -nocase {form_username=(.*)&form_password=(.*)} $auth_string matchall auth_user auth_passwd_clear if { [CLASS::match $auth_user equals passwords] } { set stored_passwd [CLASS::match $auth_user equals passwords value] set auth_passwd_sha1 [sha1 $auth_passwd_clear] binary scan $auth_passwd_sha1 H* auth_passwd if { $auth_passwd eq $stored_passwd } { set ::AUTHENTICATED "yes" } else { HTTP::respond 200 content $::FORM_CONTENT } } else { HTTP::respond 200 content $::FORM_CONTENT } } else { HTTP::respond 200 content $::FORM_CONTENT } } when HTTP_RESPONSE { if { $::AUTHENTICATED eq "yes" } { persist add uie { $client_ip } 600 } }

mischa

The FORM_CONTENT is not correctly formatted. The complete version can be found at http://high5.nl/paste/view/41415364

mischa

File attached.