Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
105 lines (95 sloc) 2.93 KB
local function sanitizer(str)
local utf8 = require 'lua-utf8'
str = utf8.gsub(str, "[<>\"'\n]+", "")
str = utf8.gsub(str, '&#(%d+);', function(n) return utf8.char(n) end)
str = utf8.gsub(str, '&#x(%d+);', function(n) return utf8.char(tonumber(n,16)) end)
str = utf8.gsub(str, "&+", "&amp;")
return str
end
local function redis_init()
local redis = require "resty.redis"
local redisObject, err = redis:new()
if redisObject == nil then
ngx.say("connection err", err)
return
end
local ok, err = redisObject:connect("127.0.0.1", 6379)
if not ok then
ngx.say("connection err", err)
return
end
return redisObject
end
local charset = {} do -- [0-9a-zA-Z]
for c = 48, 57 do table.insert(charset, string.char(c)) end
for c = 65, 90 do table.insert(charset, string.char(c)) end
for c = 97, 122 do table.insert(charset, string.char(c)) end
end
local function randomString(length)
local seed = 0
local seed_str = io.open('/dev/urandom', 'rb'):read(8)
for i = 1, 8 do
seed = seed + string.byte(seed_str, i)
end
math.randomseed(seed)
local out = ""
for i = 1, length do
out = out .. charset[math.random(1, #charset)]
end
return out
end
local function cookie_init()
local ck = require "resty.cookie"
local cookie, err = ck:new()
if err then
ngx.err("error")
end
return cookie
end
if ngx.req.get_method() == "GET" then
cookie = cookie_init()
redisObject = redis_init()
local sessid, err = cookie:get("sess")
if not sessid or redisObject:sismember("sess", sessid) ~= 1 then
sessid = randomString(32)
redisObject:sadd("sess", sessid)
local ok, err = cookie:set({
key = "sess", value = sessid, path = "/",
httponly = true,
max_age = 315360, samesite = "Strict"
})
end
ngx.say([[
<!DOCTYPE html>
<head><meta charset="UTF-8"><title>LuaChat</title></head>
<body>
<p>名前を入力してね!</p>
<form method="post" action="">
<input type="text" name="name">
<input type="hidden" name="sess" value="]] .. sessid .. [[">
<input type="submit">
</form>
]])
local names = redisObject:sinter("names")
for i = 1, #names do
ngx.say("<p>" .. names[i] .. "</p>")
end
ngx.say([[
</body>
</html>
]])
elseif ngx.req.get_method() == "POST" then
ngx.req.read_body()
local args, err = ngx.req.get_post_args()
local name = sanitizer(args["name"])
local sessid = args["sess"]
if name and sessid then
cookie = cookie_init()
local sessid_cookie, err = cookie:get("sess")
redisObject = redis_init()
if sessid_cookie == sessid and redisObject:sismember("sess", sessid) == 1 then
redisObject:sadd("names", name)
end
end
return ngx.redirect("/")
end