Software /
code /
prosody-modules
Annotate
mod_register_json/register_json/mod_register_json.lua @ 1296:b1a92a87309c
mod_vjud: Move instructions into a config option
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 02 Feb 2014 18:12:42 +0100 |
parent | 995:716a2b9cc18d |
child | 1343:7dbde05b48a9 |
rev | line source |
---|---|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
1 -- Expose a simple token based servlet to handle user registrations from web pages |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
2 -- through Base64 encoded JSON. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
3 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
4 -- Copyright (C) 2010 - 2013, Marco Cirillo (LW.Org) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
5 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
6 local datamanager = datamanager |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
7 local b64_decode = require "util.encodings".base64.decode |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
8 local b64_encode = require "util.encodings".base64.encode |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
9 local http_event = require "net.http.server".fire_event |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
10 local jid_prep = require "util.jid".prep |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
11 local jid_split = require "util.jid".split |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
12 local json_decode = require "util.json".decode |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
13 local nodeprep = require "util.encodings".stringprep.nodeprep |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
14 local open, os_time, setmt, type = io.open, os.time, setmetatable, type |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
15 local sha1 = require "util.hashes".sha1 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
16 local urldecode = http.urldecode |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
17 local usermanager = usermanager |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
18 local uuid_gen = require "util.uuid".generate |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
19 local timer = require "util.timer" |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
20 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
21 module:depends("http") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
22 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
23 -- Pick up configuration and setup stores/variables. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
24 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
25 local auth_token = module:get_option_string("reg_servlet_auth_token") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
26 local secure = module:get_option_boolean("reg_servlet_secure", true) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
27 local base_path = module:get_option_string("reg_servlet_base", "/register_account/") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
28 local throttle_time = module:get_option_number("reg_servlet_ttime", nil) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
29 local whitelist = module:get_option_set("reg_servlet_wl", {}) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
30 local blacklist = module:get_option_set("reg_servlet_bl", {}) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
31 local fm_patterns = module:get_option("reg_servlet_filtered_mails", {}) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
32 if type(fm_patterns) ~= "table" then fm_patterns = {} end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
33 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
34 local files_base = module.path:gsub("/[^/]+$","") .. "/template/" |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
35 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
36 local recent_ips = {} |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
37 local pending = {} |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
38 local pending_node = {} |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
39 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
40 -- Setup hashes data structure |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
41 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
42 hashes = { _index = {} } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
43 local hashes_mt = {} ; hashes_mt.__index = hashes_mt |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
44 function hashes_mt:add(node, mail) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
45 local _hash = b64_encode(sha1(mail)) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
46 if not self:exists(_hash) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
47 self[_hash] = node ; self._index[node] = _hash ; self:save() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
48 return true |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
49 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
50 return false |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
51 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
52 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
53 function hashes_mt:exists(hash) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
54 if hashes[hash] then return true else return false end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
55 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
56 function hashes_mt:remove(node) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
57 local _hash = self._index[node] |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
58 if _hash then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
59 self[_hash] = nil ; self._index[node] = nil ; self:save() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
60 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
61 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
62 function hashes_mt:save() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
63 if not datamanager.store("register_json", module.host, "hashes", hashes) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
64 module:log("error", "Failed to save the mail addresses' hashes store.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
65 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
66 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
67 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
68 local function check_mail(address) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
69 for _, pattern in ipairs(fm_patterns) do |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
70 if address:match(pattern) then return false end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
71 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
72 return true |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
73 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
74 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
75 -- Begin |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
76 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
77 local function handle(code, message) return http_event("http-error", { code = code, message = message }) end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
78 local function http_response(event, code, message, headers) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
79 local response = event.response |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
80 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
81 if headers then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
82 for header, data in pairs(headers) do response.headers[header] = data end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
83 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
84 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
85 response.status_code = code |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
86 response:send(handle(code, message)) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
87 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
88 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
89 local function handle_req(event) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
90 local request = event.request |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
91 if secure and not request.secure then return nil end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
92 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
93 if request.method ~= "POST" then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
94 return http_response(event, 405, "Bad method.", {["Allow"] = "POST"}) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
95 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
96 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
97 local req_body |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
98 -- We check that what we have is valid JSON wise else we throw an error... |
991
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
99 if not pcall(function() req_body = json_decode(b64_decode(request.body)) end) then |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
100 module:log("debug", "Data submitted for user registration by %s failed to Decode.", user) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
101 return http_response(event, 400, "Decoding failed.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
102 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
103 -- Decode JSON data and check that all bits are there else throw an error |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
104 if req_body["username"] == nil or req_body["password"] == nil or req_body["ip"] == nil or req_body["mail"] == nil or |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
105 req_body["auth_token"] == nil then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
106 module:log("debug", "%s supplied an insufficent number of elements or wrong elements for the JSON registration", user) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
107 return http_response(event, 400, "Invalid syntax.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
108 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
109 -- Set up variables |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
110 local username, password, ip, mail, token = req_body.username, req_body.password, req_body.ip, req_body.mail, req_body.auth_token |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
111 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
112 -- Check if user is an admin of said host |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
113 if token ~= auth_token then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
114 module:log("warn", "%s tried to retrieve a registration token for %s@%s", request.ip, username, module.host) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
115 return http_response(event, 401, "Auth token is invalid! The attempt has been logged.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
116 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
117 -- Blacklist can be checked here. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
118 if blacklist:contains(ip) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
119 module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", ip) |
992
794817421fc6
mod_register_json: added missing parameter to some http_response calls.
Marco Cirillo <maranda@lightwitch.org>
parents:
991
diff
changeset
|
120 return http_response(event, 403, "The specified address is blacklisted, sorry.") |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
121 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
122 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
123 if not check_mail(mail) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
124 module:log("warn", "%s attempted to use a mail address (%s) matching one of the forbidden patterns.", ip, mail) |
992
794817421fc6
mod_register_json: added missing parameter to some http_response calls.
Marco Cirillo <maranda@lightwitch.org>
parents:
991
diff
changeset
|
125 return http_response(event, 403, "Requesting to register using this E-Mail address is forbidden, sorry.") |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
126 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
127 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
128 -- We first check if the supplied username for registration is already there. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
129 -- And nodeprep the username |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
130 username = nodeprep(username) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
131 if not username then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
132 module:log("debug", "An username containing invalid characters was supplied: %s", req_body["username"]) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
133 return http_response(event, 406, "Supplied username contains invalid characters, see RFC 6122.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
134 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
135 if pending_node[username] then |
995
716a2b9cc18d
mod_register_json: fix logging message for already pending registrations' bounces.
Marco Cirillo <maranda@lightwitch.org>
parents:
992
diff
changeset
|
136 module:log("warn", "%s attempted to submit a registration request but another request for that user (%s) is pending", ip, username) |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
137 return http_response(event, 401, "Another user registration by that username is pending.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
138 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
139 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
140 if not usermanager.user_exists(username, module.host) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
141 -- if username fails to register successive requests shouldn't be throttled until one is successful. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
142 if throttle_time and not whitelist:contains(ip) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
143 if not recent_ips[ip] then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
144 recent_ips[ip] = os_time() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
145 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
146 if os_time() - recent_ips[ip] < throttle_time then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
147 recent_ips[ip] = os_time() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
148 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"]) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
149 return http_response(event, 503, "Request throttled, wait a bit and try again.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
150 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
151 recent_ips[ip] = os_time() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
152 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
153 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
154 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
155 local uuid = uuid_gen() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
156 if not hashes:add(username, mail) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
157 module:log("warn", "%s (%s) attempted to register to the server with an E-Mail address we already possess the hash of.", username, ip) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
158 return http_response(event, 409, "The E-Mail Address provided matches the hash associated to an existing account.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
159 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
160 pending[uuid] = { node = username, password = password, ip = ip } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
161 pending_node[username] = uuid |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
162 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
163 timer.add_task(300, function() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
164 if pending[uuid] then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
165 pending[uuid] = nil |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
166 pending_node[username] = nil |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
167 hashes:remove(username) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
168 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
169 end) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
170 module:log("info", "%s (%s) submitted a registration request and is awaiting final verification", username, uuid) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
171 return uuid |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
172 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
173 module:log("debug", "%s registration data submission failed (user already exists)", username) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
174 return http_response(event, 409, "User already exists.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
175 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
176 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
177 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
178 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
179 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
180 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
181 local function open_file(file) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
182 local f, err = open(file, "rb"); |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
183 if not f then return nil end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
184 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
185 local data = f:read("*a") ; f:close() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
186 return data |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
187 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
188 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
189 local function r_template(event, type) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
190 local data = open_file(files_base..type.."_t.html") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
191 if data then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
192 data = data:gsub("%%REG%-URL", base_path.."verify/") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
193 return data |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
194 else return http_response(event, 500, "Failed to obtain template.") end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
195 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
196 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
197 local function handle_verify(event, path) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
198 local request = event.request |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
199 local body = request.body |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
200 if secure and not request.secure then return nil end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
201 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
202 local valid_files = { |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
203 ["css/style.css"] = files_base.."css/style.css", |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
204 ["images/tile.png"] = files_base.."images/tile.png", |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
205 ["images/header.png"] = files_base.."images/header.png" |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
206 } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
207 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
208 if request.method == "GET" then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
209 if path == "" then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
210 return r_template(event, "form") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
211 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
212 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
213 if valid_files[path] then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
214 local data = open_file(valid_files[path]) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
215 if data then return data |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
216 else return http_response(event, 404, "Not found.") end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
217 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
218 elseif request.method == "POST" then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
219 if path == "" then |
991
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
220 if not body then return http_response(event, 400, "Bad Request.") end |
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
221 local uuid = urldecode(body):match("^uuid=(.*)$") |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
222 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
223 if not pending[uuid] then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
224 return r_template(event, "fail") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
225 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
226 local username, password, ip = |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
227 pending[uuid].node, pending[uuid].password, pending[uuid].ip |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
228 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
229 local ok, error = usermanager.create_user(username, password, module.host) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
230 if ok then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
231 module:fire_event( |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
232 "user-registered", |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
233 { username = username, host = module.host, source = "mod_register_json", session = { ip = ip } } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
234 ) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
235 module:log("info", "Account %s@%s is successfully verified and activated", username, module.host) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
236 -- we shall not clean the user from the pending lists as long as registration doesn't succeed. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
237 pending[uuid] = nil ; pending_node[username] = nil |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
238 return r_template(event, "success") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
239 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
240 module:log("error", "User creation failed: "..error) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
241 return http_response(event, 500, "Encountered server error while creating the user: "..error) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
242 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
243 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
244 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
245 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
246 return http_response(event, 405, "Invalid method.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
247 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
248 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
249 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
250 local function handle_user_deletion(event) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
251 local user, hostname = event.username, event.host |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
252 if hostname == module.host then hashes:remove(user) end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
253 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
254 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
255 -- Set it up! |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
256 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
257 hashes = datamanager.load("register_json", module.host, "hashes") or hashes ; setmt(hashes, hashes_mt) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
258 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
259 module:provides("http", { |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
260 default_path = base_path, |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
261 route = { |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
262 ["GET /"] = handle_req, |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
263 ["POST /"] = handle_req, |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
264 ["GET /verify/*"] = handle_verify, |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
265 ["POST /verify/*"] = handle_verify |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
266 } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
267 }) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
268 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
269 module:hook_global("user-deleted", handle_user_deletion, 10); |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
270 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
271 -- Reloadability |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
272 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
273 module.save = function() return { hashes = hashes } end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
274 module.restore = function(data) hashes = data.hashes or { _index = {} } ; setmt(hashes, hashes_mt) end |