1.4.1. www_authorize(realm, table)
The function verifies credentials
according to RFC2617. If the
credentials are verified successfully then the function will succeed and mark
the credentials as authorized (marked credentials can be later used by some
other functions). If the function was unable to verify the credentials for some
reason then it will fail and the script should call www_challenge
which will challenge the user again.
Meaning of the parameters is as
follows:
·
realm - Realm is a opaque string that the user agent
should present to the user so he can decide what username and password to use.
Usually this is domain of the host the server is running on.
If an empty string "" is
used then the server will generate it from the request. In case of REGISTER
requests To header field domain will be used (because
this header field represents a user being registered), for all other messages
From header field domain will be used.
The string may contain pseudo
variables.
·
table - Table to be used to lookup usernames and
passwords (usually subscribers table).
This function can be used from
REQUEST_ROUTE.
Example 1-9. www_authorize usage
...
if (www_authorize("siphub.net",
"subscriber")) {
www_challenge("siphub.net",
"1");
};
...
http://www.openser.org/docs/modules/1.2.x/auth_db.html#AEN170