prosody-modules
edde5905744a
mod_password_policy/mod_password_policy.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Annotate

mod_password_policy/mod_password_policy.lua @ 4293:edde5905744a

mod_s2s_keepalive: Don't send whitespace keepalives before s2sin stream is open Could possibly result in whitespace before the XML and stream header, which isn't allowed by the parser. Don't think s2sout is affected, as the stream is opened early and doesn't have to wait for the other end. Thanks Ge0rG
author Kim Alvefur <zash@zash.se>
date Thu, 10 Dec 2020 11:57:03 +0100
parent 3351:662f2722f745
child 4828:56eba4bca28f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
841
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
1 -- Password policy enforcement for Prosody
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
2 --
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
3 -- Copyright (C) 2012 Waqas Hussain
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
4 --
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
5 --
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
6 -- Configuration:
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
7 -- password_policy = {
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
8 -- length = 8;
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
9 -- }
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
10
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
11
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
12 local options = module:get_option("password_policy");
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
13
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
14 options = options or {};
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
15 options.length = options.length or 8;
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
16
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
17 local st = require "util.stanza";
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
18
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
19 function check_password(password)
3350
cb26d04b391c mod_password_policy: Return error as second result explaining failure reason
Matthew Wild <mwild1@gmail.com>
parents: 845
diff changeset
20 if #password < options.length then
cb26d04b391c mod_password_policy: Return error as second result explaining failure reason
Matthew Wild <mwild1@gmail.com>
parents: 845
diff changeset
21 return nil, ("Password is too short (minimum %d characters)"):format(options.length);
cb26d04b391c mod_password_policy: Return error as second result explaining failure reason
Matthew Wild <mwild1@gmail.com>
parents: 845
diff changeset
22 end
cb26d04b391c mod_password_policy: Return error as second result explaining failure reason
Matthew Wild <mwild1@gmail.com>
parents: 845
diff changeset
23 return true;
841
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
24 end
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
25
3351
662f2722f745 mod_password_policy: Export function to get policy in use by the module
Matthew Wild <mwild1@gmail.com>
parents: 3350
diff changeset
26 function get_policy()
662f2722f745 mod_password_policy: Export function to get policy in use by the module
Matthew Wild <mwild1@gmail.com>
parents: 3350
diff changeset
27 return options;
662f2722f745 mod_password_policy: Export function to get policy in use by the module
Matthew Wild <mwild1@gmail.com>
parents: 3350
diff changeset
28 end
662f2722f745 mod_password_policy: Export function to get policy in use by the module
Matthew Wild <mwild1@gmail.com>
parents: 3350
diff changeset
29
841
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
30 function handler(event)
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
31 local origin, stanza = event.origin, event.stanza;
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
32
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
33 if stanza.attr.type == "set" then
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
34 local query = stanza.tags[1];
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
35
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
36 local passwords = {};
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
37
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
38 local dataform = query:get_child("x", "jabber:x:data");
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
39 if dataform then
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
40 for _,tag in ipairs(dataform.tags) do
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
41 if tag.attr.var == "password" then
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
42 table.insert(passwords, tag:get_child_text("value"));
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
43 end
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
44 end
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
45 end
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
46
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
47 table.insert(passwords, query:get_child_text("password"));
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
48
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
49 for _,password in ipairs(passwords) do
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
50 if password and not check_password(password) then
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
51 origin.send(st.error_reply(stanza, "cancel", "not-acceptable", "Please use a longer password."));
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
52 return true;
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
53 end
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
54 end
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
55 end
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
56 end
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
57
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
58 module:hook("iq/self/jabber:iq:register:query", handler, 10);
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
59 module:hook("iq/host/jabber:iq:register:query", handler, 10);
0649883de4d3 mod_password_policy: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
60 module:hook("stanza/iq/jabber:iq:register:query", handler, 10);