2021-12-20 10:27:29 +00:00
|
|
|
local _M = {}
|
|
|
|
|
|
2022-04-01 14:14:55 +00:00
|
|
|
local ngx_base64 = require("ngx.base64")
|
|
|
|
|
local utils = require("utils")
|
|
|
|
|
|
2021-12-20 10:27:29 +00:00
|
|
|
function _M.authorization_header()
|
2022-01-19 14:35:18 +00:00
|
|
|
-- read api password from env variable
|
2022-04-01 14:14:55 +00:00
|
|
|
local apipassword = utils.getenv("SIA_API_PASSWORD")
|
2022-01-19 14:35:18 +00:00
|
|
|
-- if api password is not available as env variable, read it from disk
|
2022-04-01 14:14:55 +00:00
|
|
|
if not apipassword then
|
2022-01-19 14:35:18 +00:00
|
|
|
-- open apipassword file for reading (b flag is required for some reason)
|
|
|
|
|
-- (file /etc/.sia/apipassword has to be mounted from the host system)
|
|
|
|
|
local apipassword_file = io.open("/data/sia/apipassword", "rb")
|
2022-04-01 14:14:55 +00:00
|
|
|
-- make sure to throw a meaningful error if apipassword file does not exist
|
|
|
|
|
if not apipassword_file then
|
|
|
|
|
error("Error reading /data/sia/apipassword file")
|
|
|
|
|
end
|
2022-01-19 14:35:18 +00:00
|
|
|
-- read apipassword file contents and trim newline (important)
|
|
|
|
|
apipassword = apipassword_file:read("*all"):gsub("%s+", "")
|
|
|
|
|
-- make sure to close file after reading the password
|
|
|
|
|
apipassword_file.close()
|
|
|
|
|
end
|
2021-12-20 10:27:29 +00:00
|
|
|
-- encode the user:password authorization string
|
|
|
|
|
-- (in our case user is empty so it is just :password)
|
2022-04-01 14:14:55 +00:00
|
|
|
local content = ngx_base64.encode_base64url(":" .. apipassword)
|
2021-12-20 10:27:29 +00:00
|
|
|
-- set authorization header with proper base64 encoded string
|
|
|
|
|
return "Basic " .. content
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
return _M
|
