Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ApacheHandlerSimple with documentation and helpers. #1

Open
wants to merge 3 commits into
base: master
from

Conversation

@studersi
Copy link

studersi commented Jan 10, 2020

It can be tricky to get started with the implementation of the Lua handler.

This pull request proposes a simple Apache httpd Lua handler that can be used out-of the box. Configuration is done directly in httpd.conf or apache2.con.
This pull request also adds a library for reading local files and documentation for the handler.

return result
else
r:err(string.format("[%s] Request handling not successful (denying access): error => %s", DEBUG_TAG, result))
return 400 -- Bad Request (something must be wrong with the request)

This comment has been minimized.

Copy link
@frwiqueueit

frwiqueueit Jan 10, 2020

Collaborator

In our sample code we return apache2.DECLINED in case of errors, so that request process handling can continue.
The argument goes "It's better to disable the queue if there is an error than disabling the entire site."

This comment has been minimized.

Copy link
@studersi

studersi Jan 10, 2020

Author

My thought was that if you find a way to trigger an error, then you can easily bypass the queue. So the application would be safe by default and only if you prove you have been through the queue are you allowed to access the application.

But I definitely see the appeal of making sure the application stays available. I have added a commit which adds a configuration item that allows the user to easily change the behaviour via the Apache configuration.

The default behaviour is to decline as before but by setting the env variable QUEUEIT_ERROR_CODE, an HTTP code can be used instead.

This comment has been minimized.

Copy link
@frwiqueueit

frwiqueueit Jan 15, 2020

Collaborator

Why I recommend the decline option is not because of a user sending a request that makes the code break, but that the provided config file is invalid.
If this is the case, then 400 BadRequest response is not optimal. But again it depends on your setup what is most important: "queue-it" or "site" should always work.

This comment has been minimized.

Copy link
@studersi

studersi Jan 15, 2020

Author

Yes, it really depends where the priorities lie. I think the changes I added take that into effect nicely. By default, apache2.DECLINED is returned. Then, the behaviour can be changed by setting an error code using the QUEUEIT_ERROR_CODE environment variable in httpd.conf.

@frwiqueueit

This comment has been minimized.

Copy link
Collaborator

frwiqueueit commented Jan 10, 2020

Thank you Simon for your effort. I'm sure this will be valuable for other users of this SDK.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.