The legacy RPC module authentication fixup was improperly ported into the
Lua dispatcher stub module, rendering legacy RPC authentication broken.
Additionally, the split of the former `sysauth` cookie into `sysauth_http`
and `sysauth_https` ones was also imposed upon the RPC module, without
leaving the option to use just `sysauth` in place, so allow this cookie
name again for the legacy RPC logins.
Fixes: #6333
Fixes: e1932592c3 ("luci-base: use different cookie names for HTTP and HTTPS")
Fixes: ded8ccf93e ("luci-base-ucode: add initial ucode based LuCI runtime")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
login = true,
methods = { "cookie:sysauth_https", "cookie:sysauth_http" }
}
- elseif subname == "rpc" and entry.module == "luci.controller.rpc" then
+ elseif path == "rpc" and modname == "luci.controller.rpc" then
entry.auth = {
login = false,
- methods = { "query:auth", "cookie:sysauth_https", "cookie:sysauth_http" }
+ methods = { "query:auth", "cookie:sysauth_https", "cookie:sysauth_http", "cookie:sysauth" }
}
- elseif entry.module == "luci.controller.admin.uci" then
+ elseif modname == "luci.controller.admin.uci" then
entry.auth = {
login = false,
methods = { "param:sid" }
projects / project / luci.git / commitdiff