Software /
code /
prosody-modules
Annotate
mod_register_web/mod_register_web.lua @ 1204:fc42f8484451
mod_s2s_keysize_policy: Add note about required LuaSec patch
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 29 Sep 2013 19:11:29 +0200 |
parent | 791:b9d149936764 |
child | 1223:6617f5f79d68 |
rev | line source |
---|---|
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local captcha_options = module:get_option("captcha_options", {}); |
746
03595194075a
mod_register_web: nodeprep username before creating user (thanks IRON)
Matthew Wild <mwild1@gmail.com>
parents:
653
diff
changeset
|
2 local nodeprep = require "util.encodings".stringprep.nodeprep; |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 function generate_captcha(display_options) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 return (([[ |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 <script type="text/javascript" |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 src="http://www.google.com/recaptcha/api/challenge?k=$$recaptcha_public_key$$"> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 </script> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 <noscript> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 <iframe src="http://www.google.com/recaptcha/api/noscript?k=$$recaptcha_public_key$$$$recaptcha_display_error$$" |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 height="300" width="500" frameborder="0"></iframe><br> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 <textarea name="recaptcha_challenge_field" rows="3" cols="40"> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 </textarea> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 <input type="hidden" name="recaptcha_response_field" |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 value="manual_challenge"> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 </noscript> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 ]]):gsub("$$([^$]+)$%$", setmetatable({ |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 recaptcha_display_error = display_options and display_options.recaptcha_error |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 and ("&error="..display_options.recaptcha_error) or ""; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 }, { |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 __index = function (t, k) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 if captcha_options[k] then return captcha_options[k]; end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 module:log("error", "Missing parameter from captcha_options: %s", k); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 end }) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 )); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 function generate_page(event, display_options) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 local request = event.request; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 return [[<!DOCTYPE html> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 <html><body> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 <h1>XMPP Account Registration</h1> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 <form action="]]..request.path..[[" method="POST">]] |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 ..("<p>%s</p>\n"):format((display_options or {}).register_error or "").. |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 [[ <table> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 <tr> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 <td>Username:</td> |
791
b9d149936764
mod_register_web: Show actual hostname in registration form
Kim Alvefur <zash@zash.se>
parents:
746
diff
changeset
|
38 <td><input type="text" name="username">@]]..module.host..[[</td> |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 </tr> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 <tr> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 <td>Password:</td> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 <td><input type="password" name="password"></td> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 </tr> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 <tr> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 <td colspan='2'>]]..generate_captcha(display_options)..[[</td> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 </tr> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 </table> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 <input type="submit" value="Register!"> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 </form> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 </body></html>]]; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 function register_user(form) |
746
03595194075a
mod_register_web: nodeprep username before creating user (thanks IRON)
Matthew Wild <mwild1@gmail.com>
parents:
653
diff
changeset
|
54 local prepped_username = nodeprep(form.username); |
03595194075a
mod_register_web: nodeprep username before creating user (thanks IRON)
Matthew Wild <mwild1@gmail.com>
parents:
653
diff
changeset
|
55 if usermanager.user_exists(prepped_username, module.host) then |
03595194075a
mod_register_web: nodeprep username before creating user (thanks IRON)
Matthew Wild <mwild1@gmail.com>
parents:
653
diff
changeset
|
56 return nil, "user-exists"; |
03595194075a
mod_register_web: nodeprep username before creating user (thanks IRON)
Matthew Wild <mwild1@gmail.com>
parents:
653
diff
changeset
|
57 end |
03595194075a
mod_register_web: nodeprep username before creating user (thanks IRON)
Matthew Wild <mwild1@gmail.com>
parents:
653
diff
changeset
|
58 return usermanager.create_user(prepped_username, form.password, module.host); |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 function generate_success(event, form) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 return [[<!DOCTYPE html> |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 <html><body><p>Registration succeeded! Your account is <pre>]] |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 ..form.username.."@"..module.host.. |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 [[</pre> - happy chatting!</p></body></html>]]; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
66 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
67 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
68 function generate_register_response(event, form, ok, err) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
69 local message; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 if ok then |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 return generate_success(event, form); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 else |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 return generate_page(event, { register_error = err }); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
75 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
76 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
77 function handle_form(event) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 local request, response = event.request, event.response; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
79 local form = http.formdecode(request.body); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
80 http.request("http://www.google.com/recaptcha/api/verify", { |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 body = http.formencode { |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
82 privatekey = captcha_options.recaptcha_private_key; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
83 remoteip = request.conn:ip(); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
84 challenge = form.recaptcha_challenge_field; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
85 response = form.recaptcha_response_field; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
86 }; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 }, function (verify_result, code) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 local verify_ok, verify_err = verify_result:match("^([^\n]+)\n([^\n]+)"); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 if verify_ok == "true" then |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 local register_ok, register_err = register_user(form); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
91 response:send(generate_register_response(event, form, register_ok, register_err)); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 else |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 response:send(generate_page(event, { register_error = verify_err })); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 end); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
96 return true; -- Leave connection open until we respond above |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
98 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 module:provides("http", { |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 route = { |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 GET = generate_page; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 POST = handle_form; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 }; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 }); |