[99s-extend] cowboy client cert auth, basic auth
Daniel Goertzen
daniel.goertzen at gmail.com
Thu Jun 5 23:01:12 CEST 2014
But then I would have to check the client cert for each and every request.
I should have to check the cert only once at connect time and then be able
to pass the result of that check in the request to each handler.
Anyway I've gone ahead and implemented what I need in a generic manner and
it seems to work well. I think it would be a useful addition to Cowboy.
If you agree I could write some more documentation for it.
https://github.com/goertzenator/cowboy/tree/onconnect
I added a "onconnect" hook and "connection metadata" to cowboy_req. The
connection metadata works like existing metadata, but is preserved from
request to request on the same connection. The onconnect hook provides
initial values for the connection metadata.
Dan.
On Thu, Jun 5, 2014 at 3:04 AM, Loïc Hoguin <essen at ninenines.eu> wrote:
> On 06/05/2014 01:44 AM, Daniel Goertzen wrote:
>
>>
>>
>>
>> On Wed, Jun 4, 2014 at 4:48 PM, Loïc Hoguin <essen at ninenines.eu
>> <mailto:essen at ninenines.eu>> wrote:
>>
>> On 06/04/2014 10:08 PM, Daniel Goertzen wrote:
>>
>> I am having very good luck with Cowboy so far, but I have some
>> questions:
>>
>> 1. There doesn't appear to be any way to do client certificate
>> authorization in Cowboy, although I see there is an example for
>> doing
>> exactly that with Ranch. I think I could modify Cowboy to do
>> what I
>> want, but I thought I would ask if there were other options
>> before doing
>> that.
>>
>>
>> Same as Ranch really, you just gotta take the socket and then call
>> the ssl functions.
>>
>>
>> Yes, but in cowboy there's no API to get at the socket.
>>
>
> There is the undocumented function cowboy_req:get/1 which is meant for
> that kind of "special" use.
>
>
> --
> Loïc Hoguin
> http://ninenines.eu
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ninenines.eu/archives/extend/attachments/20140605/3ba15fb3/attachment.html>
More information about the Extend
mailing list