Annotate prosody-modules: mod_email_pass/mod_email

author	Luis G.F <luisgf@gmail.com>
date	Mon, 10 Mar 2014 08:22:58 +0000
child	1343:7dbde05b48a9

rev	line source
1342 0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	1 local dm_load = require "util.datamanager".load;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	2 local st = require "util.stanza";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	3 local nodeprep = require "util.encodings".stringprep.nodeprep;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	4 local usermanager = require "core.usermanager";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	5 local http = require "net.http";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	6 local vcard = module:require "vcard";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	7 local datetime = require "util.datetime";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	8 local timer = require "util.timer";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	9 local jidutil = require "util.jid";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	10
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	11 -- SMTP related params. Readed from config
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	12 local os_time = os.time;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	13 local smtp = require "socket.smtp";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	14 local smtp_server = module:get_option_string("smtp_server", "localhost");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	15 local smtp_port = module:get_option_string("smtp_port", "25");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	16 local smtp_ssl = module:get_option_boolean("smtp_ssl", false);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	17 local smtp_user = module:get_option_string("smtp_username");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	18 local smtp_pass = module:get_option_string("smtp_password");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	19 local smtp_address = module:get_option("smtp_from") or ((smtp_user or "no-responder").."@"..(smtp_server or module.host));
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	20 local mail_subject = module:get_option_string("msg_subject")
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	21 local mail_body = module:get_option_string("msg_body");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	22 local url_path = module:get_option_string("url_path", "/resetpass");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	23
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	24
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	25 -- This table has the tokens submited by the server
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	26 tokens_mails = {};
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	27 tokens_expiration = {};
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	28
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	29 -- URL
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	30 local https_host = module:get_option_string("https_host");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	31 local http_host = module:get_option_string("http_host");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	32 local https_port = module:get_option("https_ports", { 443 });
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	33 local http_port = module:get_option("http_ports", { 80 });
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	34
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	35 local timer_repeat = 120; -- repeat after 120 secs
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	36
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	37 function enablessl()
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	38 local sock = socket.tcp()
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	39 return setmetatable({
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	40 connect = function(_, host, port)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	41 local r, e = sock:connect(host, port)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	42 if not r then return r, e end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	43 sock = ssl.wrap(sock, {mode='client', protocol='tlsv1'})
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	44 return sock:dohandshake()
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	45 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	46 }, {
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	47 __index = function(t,n)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	48 return function(_, ...)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	49 return sock[n](sock, ...)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	50 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	51 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	52 })
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	53 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	54
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	55 function template(data)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	56 -- Like util.template, but deals with plain text
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	57 return { apply = function(values) return (data:gsub("{([^}]+)}", values)); end }
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	58 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	59
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	60 local function get_template(name, extension)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	61 local fh = assert(module:load_resource("templates/"..name..extension));
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	62 local data = assert(fh:read("*a"));
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	63 fh:close();
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	64 return template(data);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	65 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	66
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	67 local function render(template, data)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	68 return tostring(template.apply(data));
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	69 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	70
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	71 function send_email(address, smtp_address, message_text, subject)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	72 local rcpt = "<"..address..">";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	73
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	74 local mesgt = {
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	75 headers = {
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	76 to = address;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	77 subject = subject or ("Jabber password reset "..jid_bare(from_address));
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	78 };
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	79 body = message_text;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	80 };
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	81 local ok, err = nil;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	82
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	83 if not smtp_ssl then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	84 ok, err = smtp.send{ from = smtp_address, rcpt = rcpt, source = smtp.message(mesgt),
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	85 server = smtp_server, user = smtp_user, password = smtp_pass, port = 25 };
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	86 else
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	87 ok, err = smtp.send{ from = smtp_address, rcpt = rcpt, source = smtp.message(mesgt),
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	88 server = smtp_server, user = smtp_user, password = smtp_pass, port = smtp_port, create = enablessl };
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	89 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	90
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	91 if not ok then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	92 module:log("error", "Failed to deliver to %s: %s", tostring(address), tostring(err));
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	93 return;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	94 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	95 return true;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	96 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	97
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	98 local vCard_mt = {
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	99 __index = function(t, k)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	100 if type(k) ~= "string" then return nil end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	101 for i=1,#t do
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	102 local t_i = rawget(t, i);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	103 if t_i and t_i.name == k then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	104 rawset(t, k, t_i);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	105 return t_i;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	106 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	107 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	108 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	109 };
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	110
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	111 local function get_user_vcard(user, host)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	112 local vCard = dm_load(user, host or base_host, "vcard");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	113 if vCard then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	114 vCard = st.deserialize(vCard);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	115 vCard = vcard.from_xep54(vCard);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	116 return setmetatable(vCard, vCard_mt);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	117 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	118 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	119
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	120 local changepass_tpl = get_template("changepass",".html");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	121 local sendmail_success_tpl = get_template("sendmailok",".html");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	122 local reset_success_tpl = get_template("resetok",".html");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	123 local token_tpl = get_template("token",".html");
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	124
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	125 function generate_page(event, display_options)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	126 local request = event.request;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	127
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	128 return render(changepass_tpl, {
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	129 path = request.path; hostname = module.host;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	130 notice = display_options and display_options.register_error or "";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	131 })
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	132 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	133
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	134 function generate_token_page(event, display_options)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	135 local request = event.request;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	136
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	137 return render(token_tpl, {
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	138 path = request.path; hostname = module.host;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	139 token = request.url.query;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	140 notice = display_options and display_options.register_error or "";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	141 })
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	142 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	143
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	144 function generateToken(address)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	145 math.randomseed(os.time())
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	146 length = 16
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	147 if length < 1 then return nil end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	148 local array = {}
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	149 for i = 1, length, 2 do
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	150 array[i] = string.char(math.random(48,57))
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	151 array[i+1] = string.char(math.random(97,122))
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	152 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	153 local token = table.concat(array);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	154 if not tokens_mails[token] then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	155
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	156 tokens_mails[token] = address;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	157 tokens_expiration[token] = os.time();
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	158 return token
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	159 else
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	160 module:log("error", "Reset password token collision: '%s'", token);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	161 return generateToken(address)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	162 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	163 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	164
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	165 function isExpired(token)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	166 if not tokens_expiration[token] then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	167 return nil;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	168 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	169 if os.difftime(os.time(), tokens_expiration[token]) < 86400 then -- 86400 secs == 24h
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	170 -- token is valid yet
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	171 return nil;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	172 else
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	173 -- token invalid, we can create a fresh one.
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	174 return true;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	175 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	176 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	177
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	178 -- Expire tokens
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	179 expireTokens = function()
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	180 for token,value in pairs(tokens_mails) do
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	181 if isExpired(token) then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	182 module:log("info","Expiring password reset request from user '%s', not used.", tokens_mails[token]);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	183 tokens_mails[token] = nil;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	184 tokens_expiration[token] = nil;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	185 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	186 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	187 return timer_repeat;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	188 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	189
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	190 -- Check if a user has a active token not used yet.
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	191 function hasTokenActive(address)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	192 for token,value in pairs(tokens_mails) do
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	193 if address == value and not isExpired(token) then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	194 return token;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	195 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	196 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	197 return nil;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	198 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	199
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	200 function generateUrl(token)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	201 local url;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	202
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	203 if https_host then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	204 url = "https://" .. https_host;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	205 else
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	206 url = "http://" .. http_host;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	207 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	208
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	209 if https_port then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	210 url = url .. ":" .. https_port[1];
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	211 else
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	212 url = url .. ":" .. http_port[1];
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	213 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	214
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	215 url = url .. url_path .. "token.html?" .. token;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	216
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	217 return url;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	218 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	219
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	220 function sendMessage(jid, subject, message)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	221 local msg = st.message({ from = module.host; to = jid; }):
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	222 tag("subject"):text(subject):up():
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	223 tag("body"):text(message);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	224 module:send(msg);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	225 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	226
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	227 function send_token_mail(form, origin)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	228 local user, host, resource = jidutil.split(form.username);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	229 local prepped_username = nodeprep(user);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	230 local prepped_mail = form.email;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	231 local jid = prepped_username .. "@" .. host;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	232
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	233 if not prepped_username then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	234 return nil, "El usuario contiene caracteres incorrectos";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	235 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	236 if #prepped_username == 0 then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	237 return nil, "El campo usuario está vacio";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	238 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	239 if not usermanager.user_exists(prepped_username, module.host) then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	240 return nil, "El usuario NO existe";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	241 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	242
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	243 if #prepped_mail == 0 then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	244 return nil, "El campo email está vacio";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	245 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	246
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	247 local vcarduser = get_user_vcard(prepped_username, module.host);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	248
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	249 if not vcarduser then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	250 return nil, "User has not vCard";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	251 else
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	252 if not vcarduser.EMAIL then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	253 return nil, "Esa cuente no tiene ningún email configurado en su vCard";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	254 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	255
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	256 email = string.lower(vcarduser.EMAIL[1]);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	257
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	258 if email ~= string.lower(prepped_mail) then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	259 return nil, "Dirección eMail incorrecta";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	260 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	261
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	262 -- Check if has already a valid token, not used yet.
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	263 if hasTokenActive(jid) then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	264 local valid_until = tokens_expiration[hasTokenActive(jid)] + 86400;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	265 return nil, "Ya tienes una petición de restablecimiento de clave válida hasta: " .. datetime.date(valid_until) .. " " .. datetime.time(valid_until);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	266 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	267
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	268 local url_token = generateToken(jid);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	269 local url = generateUrl(url_token);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	270 local email_body = render(get_template("sendtoken",".mail"), {jid = jid, url = url} );
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	271
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	272 module:log("info", "Sending password reset mail to user %s", jid);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	273 send_email(email, smtp_address, email_body, mail_subject);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	274 return "ok";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	275 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	276
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	277 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	278
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	279 function reset_password_with_token(form, origin)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	280 local token = form.token;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	281 local password = form.newpassword;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	282
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	283 if not token then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	284 return nil, "El Token es inválido";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	285 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	286 if not tokens_mails[token] then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	287 return nil, "El Token no existe o ya fué usado";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	288 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	289 if not password then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	290 return nil, "La campo clave no puede estar vacio";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	291 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	292 if #password < 5 then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	293 return nil, "La clave debe tener una longitud de al menos 5 caracteres";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	294 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	295 local jid = tokens_mails[token];
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	296 local user, host, resource = jidutil.split(jid);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	297
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	298 usermanager.set_password(user, password, host);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	299 module:log("info", "Password changed with token for user %s", jid);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	300 tokens_mails[token] = nil;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	301 tokens_expiration[token] = nil;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	302 sendMessage(jid, mail_subject, mail_body);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	303 return "ok";
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	304 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	305
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	306 function generate_success(event, form)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	307 return render(sendmail_success_tpl, { jid = nodeprep(form.username).."@"..module.host });
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	308 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	309
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	310 function generate_register_response(event, form, ok, err)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	311 local message;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	312 if ok then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	313 return generate_success(event, form);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	314 else
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	315 return generate_page(event, { register_error = err });
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	316 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	317 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	318
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	319 function handle_form_token(event)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	320 local request, response = event.request, event.response;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	321 local form = http.formdecode(request.body);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	322
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	323 local token_ok, token_err = send_token_mail(form, request);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	324 response:send(generate_register_response(event, form, token_ok, token_err));
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	325
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	326 return true; -- Leave connection open until we respond above
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	327 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	328
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	329 function generate_reset_success(event, form)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	330 return render(reset_success_tpl, { });
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	331 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	332
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	333 function generate_reset_response(event, form, ok, err)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	334 local message;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	335 if ok then
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	336 return generate_reset_success(event, form);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	337 else
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	338 return generate_token_page(event, { register_error = err });
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	339 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	340 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	341
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	342 function handle_form_reset(event)
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	343 local request, response = event.request, event.response;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	344 local form = http.formdecode(request.body);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	345
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	346 local reset_ok, reset_err = reset_password_with_token(form, request);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	347 response:send(generate_reset_response(event, form, reset_ok, reset_err));
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	348
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	349 return true; -- Leave connection open until we respond above
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	350
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	351 end
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	352
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	353 timer.add_task(timer_repeat, expireTokens);
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	354
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	355 module:provides("http", {
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	356 default_path = url_path;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	357 route = {
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	358 ["GET /style.css"] = render(get_template("style",".css"), {});
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	359 ["GET /token.html"] = generate_token_page;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	360 ["GET /"] = generate_page;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	361 ["POST /token.html"] = handle_form_reset;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	362 ["POST /"] = handle_form_token;
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	363 };
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	364 });
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	365
0ae065453dc9 Initial commit Luis G.F <luisgf@gmail.com> parents: diff changeset	366

1342

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

1 local dm_load = require "util.datamanager".load;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

2 local st = require "util.stanza";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

3 local nodeprep = require "util.encodings".stringprep.nodeprep;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

4 local usermanager = require "core.usermanager";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

5 local http = require "net.http";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

6 local vcard = module:require "vcard";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

7 local datetime = require "util.datetime";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

8 local timer = require "util.timer";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

9 local jidutil = require "util.jid";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

10

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

11 -- SMTP related params. Readed from config

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

12 local os_time = os.time;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

13 local smtp = require "socket.smtp";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

14 local smtp_server = module:get_option_string("smtp_server", "localhost");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

15 local smtp_port = module:get_option_string("smtp_port", "25");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

16 local smtp_ssl = module:get_option_boolean("smtp_ssl", false);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

17 local smtp_user = module:get_option_string("smtp_username");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

18 local smtp_pass = module:get_option_string("smtp_password");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

19 local smtp_address = module:get_option("smtp_from") or ((smtp_user or "no-responder").."@"..(smtp_server or module.host));

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

20 local mail_subject = module:get_option_string("msg_subject")

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

21 local mail_body = module:get_option_string("msg_body");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

22 local url_path = module:get_option_string("url_path", "/resetpass");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

23

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

24

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

25 -- This table has the tokens submited by the server

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

26 tokens_mails = {};

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

27 tokens_expiration = {};

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

28

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

29 -- URL

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

30 local https_host = module:get_option_string("https_host");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

31 local http_host = module:get_option_string("http_host");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

32 local https_port = module:get_option("https_ports", { 443 });

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

33 local http_port = module:get_option("http_ports", { 80 });

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

34

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

35 local timer_repeat = 120; -- repeat after 120 secs

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

36

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

37 function enablessl()

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

38 local sock = socket.tcp()

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

39 return setmetatable({

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

40 connect = function(_, host, port)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

41 local r, e = sock:connect(host, port)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

42 if not r then return r, e end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

43 sock = ssl.wrap(sock, {mode='client', protocol='tlsv1'})

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

44 return sock:dohandshake()

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

45 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

46 }, {

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

47 __index = function(t,n)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

48 return function(_, ...)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

49 return sock[n](sock, ...)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

50 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

51 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

52 })

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

53 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

54

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

55 function template(data)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

56 -- Like util.template, but deals with plain text

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

57 return { apply = function(values) return (data:gsub("{([^}]+)}", values)); end }

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

58 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

59

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

60 local function get_template(name, extension)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

61 local fh = assert(module:load_resource("templates/"..name..extension));

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

62 local data = assert(fh:read("*a"));

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

63 fh:close();

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

64 return template(data);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

65 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

66

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

67 local function render(template, data)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

68 return tostring(template.apply(data));

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

69 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

70

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

71 function send_email(address, smtp_address, message_text, subject)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

72 local rcpt = "<"..address..">";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

73

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

74 local mesgt = {

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

75 headers = {

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

76 to = address;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

77 subject = subject or ("Jabber password reset "..jid_bare(from_address));

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

78 };

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

79 body = message_text;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

80 };

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

81 local ok, err = nil;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

82

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

83 if not smtp_ssl then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

84 ok, err = smtp.send{ from = smtp_address, rcpt = rcpt, source = smtp.message(mesgt),

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

85 server = smtp_server, user = smtp_user, password = smtp_pass, port = 25 };

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

86 else

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

87 ok, err = smtp.send{ from = smtp_address, rcpt = rcpt, source = smtp.message(mesgt),

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

88 server = smtp_server, user = smtp_user, password = smtp_pass, port = smtp_port, create = enablessl };

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

89 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

90

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

91 if not ok then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

92 module:log("error", "Failed to deliver to %s: %s", tostring(address), tostring(err));

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

93 return;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

94 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

95 return true;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

96 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

97

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

98 local vCard_mt = {

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

99 __index = function(t, k)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

100 if type(k) ~= "string" then return nil end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

101 for i=1,#t do

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

102 local t_i = rawget(t, i);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

103 if t_i and t_i.name == k then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

104 rawset(t, k, t_i);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

105 return t_i;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

106 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

107 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

108 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

109 };

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

110

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

111 local function get_user_vcard(user, host)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

112 local vCard = dm_load(user, host or base_host, "vcard");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

113 if vCard then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

114 vCard = st.deserialize(vCard);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

115 vCard = vcard.from_xep54(vCard);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

116 return setmetatable(vCard, vCard_mt);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

117 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

118 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

119

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

120 local changepass_tpl = get_template("changepass",".html");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

121 local sendmail_success_tpl = get_template("sendmailok",".html");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

122 local reset_success_tpl = get_template("resetok",".html");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

123 local token_tpl = get_template("token",".html");

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

124

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

125 function generate_page(event, display_options)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

126 local request = event.request;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

127

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

128 return render(changepass_tpl, {

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

129 path = request.path; hostname = module.host;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

130 notice = display_options and display_options.register_error or "";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

131 })

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

132 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

133

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

134 function generate_token_page(event, display_options)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

135 local request = event.request;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

136

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

137 return render(token_tpl, {

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

138 path = request.path; hostname = module.host;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

139 token = request.url.query;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

140 notice = display_options and display_options.register_error or "";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

141 })

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

142 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

143

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

144 function generateToken(address)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

145 math.randomseed(os.time())

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

146 length = 16

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

147 if length < 1 then return nil end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

148 local array = {}

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

149 for i = 1, length, 2 do

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

150 array[i] = string.char(math.random(48,57))

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

151 array[i+1] = string.char(math.random(97,122))

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

152 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

153 local token = table.concat(array);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

154 if not tokens_mails[token] then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

155

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

156 tokens_mails[token] = address;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

157 tokens_expiration[token] = os.time();

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

158 return token

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

159 else

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

160 module:log("error", "Reset password token collision: '%s'", token);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

161 return generateToken(address)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

162 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

163 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

164

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

165 function isExpired(token)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

166 if not tokens_expiration[token] then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

167 return nil;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

168 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

169 if os.difftime(os.time(), tokens_expiration[token]) < 86400 then -- 86400 secs == 24h

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

170 -- token is valid yet

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

171 return nil;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

172 else

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

173 -- token invalid, we can create a fresh one.

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

174 return true;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

175 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

176 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

177

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

178 -- Expire tokens

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

179 expireTokens = function()

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

180 for token,value in pairs(tokens_mails) do

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

181 if isExpired(token) then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

182 module:log("info","Expiring password reset request from user '%s', not used.", tokens_mails[token]);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

183 tokens_mails[token] = nil;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

184 tokens_expiration[token] = nil;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

185 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

186 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

187 return timer_repeat;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

188 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

189

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

190 -- Check if a user has a active token not used yet.

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

191 function hasTokenActive(address)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

192 for token,value in pairs(tokens_mails) do

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

193 if address == value and not isExpired(token) then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

194 return token;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

195 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

196 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

197 return nil;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

198 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

199

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

200 function generateUrl(token)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

201 local url;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

202

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

203 if https_host then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

204 url = "https://" .. https_host;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

205 else

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

206 url = "http://" .. http_host;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

207 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

208

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

209 if https_port then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

210 url = url .. ":" .. https_port[1];

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

211 else

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

212 url = url .. ":" .. http_port[1];

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

213 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

214

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

215 url = url .. url_path .. "token.html?" .. token;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

216

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

217 return url;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

218 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

219

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

220 function sendMessage(jid, subject, message)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

221 local msg = st.message({ from = module.host; to = jid; }):

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

222 tag("subject"):text(subject):up():

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

223 tag("body"):text(message);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

224 module:send(msg);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

225 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

226

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

227 function send_token_mail(form, origin)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

228 local user, host, resource = jidutil.split(form.username);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

229 local prepped_username = nodeprep(user);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

230 local prepped_mail = form.email;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

231 local jid = prepped_username .. "@" .. host;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

232

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

233 if not prepped_username then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

234 return nil, "El usuario contiene caracteres incorrectos";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

235 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

236 if #prepped_username == 0 then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

237 return nil, "El campo usuario está vacio";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

238 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

239 if not usermanager.user_exists(prepped_username, module.host) then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

240 return nil, "El usuario NO existe";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

241 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

242

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

243 if #prepped_mail == 0 then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

244 return nil, "El campo email está vacio";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

245 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

246

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

247 local vcarduser = get_user_vcard(prepped_username, module.host);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

248

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

249 if not vcarduser then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

250 return nil, "User has not vCard";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

251 else

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

252 if not vcarduser.EMAIL then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

253 return nil, "Esa cuente no tiene ningún email configurado en su vCard";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

254 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

255

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

256 email = string.lower(vcarduser.EMAIL[1]);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

257

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

258 if email ~= string.lower(prepped_mail) then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

259 return nil, "Dirección eMail incorrecta";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

260 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

261

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

262 -- Check if has already a valid token, not used yet.

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

263 if hasTokenActive(jid) then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

264 local valid_until = tokens_expiration[hasTokenActive(jid)] + 86400;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

265 return nil, "Ya tienes una petición de restablecimiento de clave válida hasta: " .. datetime.date(valid_until) .. " " .. datetime.time(valid_until);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

266 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

267

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

268 local url_token = generateToken(jid);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

269 local url = generateUrl(url_token);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

270 local email_body = render(get_template("sendtoken",".mail"), {jid = jid, url = url} );

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

271

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

272 module:log("info", "Sending password reset mail to user %s", jid);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

273 send_email(email, smtp_address, email_body, mail_subject);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

274 return "ok";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

275 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

276

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

277 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

278

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

279 function reset_password_with_token(form, origin)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

280 local token = form.token;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

281 local password = form.newpassword;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

282

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

283 if not token then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

284 return nil, "El Token es inválido";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

285 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

286 if not tokens_mails[token] then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

287 return nil, "El Token no existe o ya fué usado";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

288 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

289 if not password then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

290 return nil, "La campo clave no puede estar vacio";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

291 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

292 if #password < 5 then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

293 return nil, "La clave debe tener una longitud de al menos 5 caracteres";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

294 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

295 local jid = tokens_mails[token];

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

296 local user, host, resource = jidutil.split(jid);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

297

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

298 usermanager.set_password(user, password, host);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

299 module:log("info", "Password changed with token for user %s", jid);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

300 tokens_mails[token] = nil;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

301 tokens_expiration[token] = nil;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

302 sendMessage(jid, mail_subject, mail_body);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

303 return "ok";

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

304 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

305

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

306 function generate_success(event, form)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

307 return render(sendmail_success_tpl, { jid = nodeprep(form.username).."@"..module.host });

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

308 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

309

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

310 function generate_register_response(event, form, ok, err)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

311 local message;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

312 if ok then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

313 return generate_success(event, form);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

314 else

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

315 return generate_page(event, { register_error = err });

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

316 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

317 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

318

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

319 function handle_form_token(event)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

320 local request, response = event.request, event.response;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

321 local form = http.formdecode(request.body);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

322

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

323 local token_ok, token_err = send_token_mail(form, request);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

324 response:send(generate_register_response(event, form, token_ok, token_err));

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

325

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

326 return true; -- Leave connection open until we respond above

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

327 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

328

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

329 function generate_reset_success(event, form)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

330 return render(reset_success_tpl, { });

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

331 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

332

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

333 function generate_reset_response(event, form, ok, err)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

334 local message;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

335 if ok then

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

336 return generate_reset_success(event, form);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

337 else

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

338 return generate_token_page(event, { register_error = err });

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

339 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

340 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

341

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

342 function handle_form_reset(event)

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

343 local request, response = event.request, event.response;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

344 local form = http.formdecode(request.body);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

345

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

346 local reset_ok, reset_err = reset_password_with_token(form, request);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

347 response:send(generate_reset_response(event, form, reset_ok, reset_err));

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

348

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

349 return true; -- Leave connection open until we respond above

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

350

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

351 end

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

352

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

353 timer.add_task(timer_repeat, expireTokens);

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

354

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

355 module:provides("http", {

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

356 default_path = url_path;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

357 route = {

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

358 ["GET /style.css"] = render(get_template("style",".css"), {});

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

359 ["GET /token.html"] = generate_token_page;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

360 ["GET /"] = generate_page;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

361 ["POST /token.html"] = handle_form_reset;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

362 ["POST /"] = handle_form_token;

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

363 };

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

364 });

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

365

0ae065453dc9 Initial commit

Luis G.F <luisgf@gmail.com>

parents:

diff changeset

366

prosody-modules

0ae065453dc9

mod_email_pass/mod_email_pass.lua

Annotate

mod_email_pass/mod_email_pass.lua @ 1342:0ae065453dc9

prosody-modules

0ae065453dc9

mod_email_pass/mod_email_pass.lua

Software / code / prosody-modules

Annotate

mod_email_pass/mod_email_pass.lua @ 1342:0ae065453dc9

Software `/` code `/` prosody-modules