Software /
code /
prosody-modules
Annotate
mod_password_policy/mod_password_policy.lua @ 1268:854a3933cfcd
mod_muc_log_http: URL-encode room names. This allows special characters in room names to work. Ideally this escaping shouldn’t be done in the user visible content, but the module’s template system doesn’t currently allow that.
author | Waqas Hussain <waqas20@gmail.com> |
---|---|
date | Sat, 04 Jan 2014 16:50:57 -0500 |
parent | 845:1c14edca74a4 |
child | 3350:cb26d04b391c |
rev | line source |
---|---|
841
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 -- Password policy enforcement for Prosody |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
2 -- |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
3 -- Copyright (C) 2012 Waqas Hussain |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
4 -- |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 -- |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
6 -- Configuration: |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 -- password_policy = { |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
8 -- length = 8; |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
9 -- } |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
10 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
11 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
12 local options = module:get_option("password_policy"); |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
13 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
14 options = options or {}; |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
15 options.length = options.length or 8; |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
16 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
17 local st = require "util.stanza"; |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
18 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
19 function check_password(password) |
845
1c14edca74a4
mod_password_policy: Fix inverted length check.
Waqas Hussain <waqas20@gmail.com>
parents:
841
diff
changeset
|
20 return #password >= options.length; |
841
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
21 end |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
23 function handler(event) |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
24 local origin, stanza = event.origin, event.stanza; |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
25 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
26 if stanza.attr.type == "set" then |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
27 local query = stanza.tags[1]; |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
28 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
29 local passwords = {}; |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
30 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
31 local dataform = query:get_child("x", "jabber:x:data"); |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
32 if dataform then |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
33 for _,tag in ipairs(dataform.tags) do |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
34 if tag.attr.var == "password" then |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
35 table.insert(passwords, tag:get_child_text("value")); |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
36 end |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
37 end |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
38 end |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
39 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
40 table.insert(passwords, query:get_child_text("password")); |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
41 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
42 for _,password in ipairs(passwords) do |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
43 if password and not check_password(password) then |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
44 origin.send(st.error_reply(stanza, "cancel", "not-acceptable", "Please use a longer password.")); |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
45 return true; |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
46 end |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
47 end |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
48 end |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
49 end |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
50 |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
51 module:hook("iq/self/jabber:iq:register:query", handler, 10); |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
52 module:hook("iq/host/jabber:iq:register:query", handler, 10); |
0649883de4d3
mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
53 module:hook("stanza/iq/jabber:iq:register:query", handler, 10); |