add headers lua runtime support

com/Auth/DeleteUnit.lua

@@ -6,6 +6,9 @@ local log = require("internal.log")
 local session = require("internal.session")
 local crypt = require("internal.crypt.bcrypt")
 
+local params = session.request.params.get()
+local token = session.request.headers.get("x-session-token")
+
 local function close_db()
   if db then
     db:close()
@@ -22,20 +25,14 @@ local function error_response(message, code, data)
   close_db()
 end
 
-if not session.request.params then
+if not params then
   return error_response("no params provided")
 end
 
-if not session.request.params.token then
+if not (token and token == require("_config").token()) then
   return error_response("access denied")
 end
 
-if session.request.params.token ~= require("_config").token() then
-  return error_response("access denied")
-end
-
-local params = session.request.params
-
 if not (params.username and params.email and params.password) then
   return error_response("no username/email/password provided")
 end

com/Auth/GetAccess.lua

@@ -6,6 +6,9 @@ local log = require("internal.log")
 local session = require("internal.session")
 local crypt = require("internal.crypt.bcrypt")
 
+local params = session.request.params.get()
+local token = session.request.headers.get("x-session-token")
+
 local function close_db()
   if db then
     db:close()
@@ -22,16 +25,11 @@ local function error_response(message, code, data)
   close_db()
 end
 
-local params = session.request.params
 if not params then
   return error_response("No params provided")
 end
 
-if not session.request.params.token then
-  return error_response("access denied")
-end
-
-if session.request.params.token ~= require("_config").token() then
+if not (token and token == require("_config").token()) then
   return error_response("access denied")
 end
 

com/Auth/PutNewUnit.lua

@@ -6,6 +6,9 @@ local log = require("internal.log")
 local session = require("internal.session")
 local crypt = require("internal.crypt.bcrypt")
 
+local params = session.request.params.get()
+local token = session.request.headers.get("x-session-token")
+
 local function close_db()
   if db then
     db:close()
@@ -22,19 +25,14 @@ local function error_response(message, code, data)
   close_db()
 end
 
-if not session.request.params then
+if not params then
   return error_response("no params provided")
 end
 
-if not session.request.params.token then
+if not (token and token == require("_config").token()) then
   return error_response("access denied")
 end
 
-if session.request.params.token ~= require("_config").token() then
-  return error_response("access denied")
-end
-
-local params = session.request.params
 if not (params.username and params.email and params.password) then
   return error_response("no username/email/password provided")
 end

com/List.lua

@@ -2,7 +2,9 @@
 
 local session = require("internal.session")
 
-if session.request.params.about then
+local params = session.request.params.get()
+
+if params.about then
   session.response.result = {
     description = "Returns a list of available methods",
     params = {
@@ -48,7 +50,7 @@ local function scanDirectory(basePath, targetPath)
 end
 
 local basePath = "com"
-local layer = session.request and session.request.params.layer and session.request.params.layer:gsub(">", "/") or nil
+local layer = params.layer and params.layer:gsub(">", "/") or nil
 
 session.response.result = {
   answer = layer and scanDirectory(basePath, layer) or scanDirectory(basePath, "")