x.auth - Authentication Hooks
tThe table passed in each authentication hook, a table is passed to the function:
| Key | Type | Description |
|---|---|---|
t.server |
string | Name of the service. ftp, tcp, web, ppp, passthru |
t.channel |
integer/nil | The channel number (if appropriate) |
t.username |
string | Username string |
t.hash |
string | SHA-1 hash of password (or nil for PPP) |
t.interface |
string | ppp0s, et0, lo0 |
t.modem |
boolean/nil | true or nil |
t.pppuser |
string | nil or true |
t.peer |
string | nil or IP address |
x.auth.ftp = function(t)
x.auth.tcp = function(t)
x.auth.passthru = function(t)
x.auth.web = function(t)
Called every time an authentication is performed for the particular service. Called before any reference to RADIUS, the function is passed a Lua table.
The return values signal to the ip.buffer what to do with this authentication request:
| Return Type | Value | Description |
|---|---|---|
nil |
continue as before (use RADIUS or Local as programmed) | |
| integer | -1 |
Timeout simulated. Fall back to local |
| integer | 0 |
Reject request |
| integer | 1-4 |
Accept for channel 1 to 4 |
| string | 'R' |
Fallback to RADIUS |
| string | 'B' |
Fallback to Both – RADIUS & Local |
| string | 'T' |
Fallback to RADIUS and Local on Timeout |
| string | 'L' |
Fallback to Local |
x.auth.ppp = function(table)
Called when a PPP user is authenticated.
The table structure is #Authentication table t.
| Return Type | Value | Description |
|---|---|---|
nil |
continue as before (Lua function has no view on this user) | |
| boolean | false |
deny user |
| string | Secret Store keyname to use as the PPP password for the given username. | |
nil, string |
absolute password to compare for the given username |