Software / code / prosody-modules
Annotate
mod_jid_prep/mod_jid_prep.lua @ 6193:e977174082ee
mod_invites_register_api: Use set_password() for password resets
Previously the code relied on the (weird) behaviour of create_user(), which
would update the password for a user account if it already existed. This has
several issues, and we plan to deprecate this behaviour of create_user().
The larger issue is that this route does not trigger the user-password-changed
event, which can be a security problem. For example, it did not disconnect
existing user sessions (this occurs in mod_c2s in response to the event).
Switching to set_password() is the right thing to do
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Thu, 06 Feb 2025 10:24:30 +0000 |
| parent | 1404:99cb06b31ae8 |
| rev | line source |
|---|---|
|
1003
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 -- Run JIDs through stringprep processing on behalf of clients |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 -- http://xmpp.org/extensions/inbox/jidprep.html |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 local jid_prep = require "util.jid".prep; |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 local st = require "util.stanza"; |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
|
1404
99cb06b31ae8
mod_jid_prep: Update to version 0.1; advertise feature and change :tmp to :0 in namespace
Kim Alvefur <zash@zash.se>
parents:
1003
diff
changeset
|
7 local xmlns_prep = "urn:xmpp:jidprep:0"; |
|
99cb06b31ae8
mod_jid_prep: Update to version 0.1; advertise feature and change :tmp to :0 in namespace
Kim Alvefur <zash@zash.se>
parents:
1003
diff
changeset
|
8 |
|
99cb06b31ae8
mod_jid_prep: Update to version 0.1; advertise feature and change :tmp to :0 in namespace
Kim Alvefur <zash@zash.se>
parents:
1003
diff
changeset
|
9 module:add_feature(xmlns_prep); |
|
1003
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 function prep_jid(event) |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 local stanza = event.stanza; |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 local jid = jid_prep(stanza:get_child_text("jid", xmlns_prep)); |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 if not jid then |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 return event.origin.send(st.error_reply(stanza, "modify", "jid-malformed")); |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 end |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 return event.origin.send(st.reply(stanza):tag("jid", { xmlns = xmlns_prep }):text(jid)); |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 end |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 module:hook("iq/host/"..xmlns_prep..":jid", prep_jid); |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 module:depends("http"); |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 module:provides("http", { |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 route = { |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 ["GET /*"] = function (event, jid) |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 return jid_prep(jid) or 400; |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 end; |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 } |
|
767999c39f0a
mod_jid_prep: Implement the JID prep protocol in the XEP submitted 5 minutes ago...
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 }); |
