Software /
code /
prosody-modules
Comparison
mod_adhoc_account_management/mod_adhoc_account_management.lua @ 1090:1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 28 Jun 2013 03:22:48 +0200 |
child | 3416:c6dd65354db0 |
comparison
equal
deleted
inserted
replaced
1089:4057f176be7b | 1090:1aa48916eb8b |
---|---|
1 local dataforms_new = require "util.dataforms".new; | |
2 local usermanager_set_password = require "core.usermanager".set_password; | |
3 local usermanager_test_password = require "core.usermanager".test_password; | |
4 local jid_split = require"util.jid".split; | |
5 local close_others = module:get_option_boolean("close_sessions_on_password_change", true) | |
6 local require_confirm = module:get_option_boolean("require_confirm_password", true) | |
7 local require_current = module:get_option_boolean("require_current_password", true) | |
8 | |
9 local change_password_layout = { | |
10 title = "Changing Your Password"; | |
11 instructions = "Fill out this form to change a your password."; | |
12 | |
13 { | |
14 -- This is meta | |
15 name = "FORM_TYPE", | |
16 type = "hidden", | |
17 -- Reuses form type from XEP 77 | |
18 value = "jabber:iq:register:changepassword", | |
19 }; | |
20 { | |
21 name = "password", | |
22 type = "text-private", | |
23 required = true, | |
24 label = "New Password", | |
25 }; | |
26 }; | |
27 if require_confirm then | |
28 table.insert(change_password_layout, { | |
29 name = "password-confirm", | |
30 type = "text-private", | |
31 required = true, | |
32 label = "Confirm new password", | |
33 }); | |
34 end | |
35 if require_current then | |
36 table.insert(change_password_layout, 2, { | |
37 name = "password-current", | |
38 type = "text-private", | |
39 required = true, | |
40 label = "Current password", | |
41 }); | |
42 end | |
43 change_password_layout = dataforms_new(change_password_layout); | |
44 | |
45 function change_password_command_handler(self, data, state) | |
46 if not state then -- New session, send the form | |
47 return { status = "executing", actions = { "complete" }, form = change_password_layout }, true; | |
48 else | |
49 if data.action == "cancel" then | |
50 return { status = "canceled" }; | |
51 end | |
52 | |
53 -- Who are we talking to? | |
54 local username, hostname = jid_split(data.from); | |
55 if not username or hostname ~= module.host then | |
56 return { status = "error", error = { type = "cancel", | |
57 condition = "forbidden", message = "Invalid user or hostname." } }; | |
58 end | |
59 | |
60 -- Extract data from the form | |
61 local fields = change_password_layout:data(data.form); | |
62 | |
63 -- Validate | |
64 if require_current then | |
65 if not fields["password-current"] or #fields["password-current"] == 0 then | |
66 return { status = "error", error = { type = "modify", | |
67 condition = "bad-request", message = "Please enter your current password" } }; | |
68 elseif not usermanager_test_password(username, hostname, fields["password-current"]) then | |
69 return { status = "error", error = { type = "modify", | |
70 condition = "bad-request", message = "Your current password was incorrect" } }; | |
71 end | |
72 end | |
73 | |
74 if require_confirm and fields["password-confirm"] ~= fields["password"] then | |
75 return { status = "error", error = { type = "modify", | |
76 condition = "bad-request", message = "New password didn't match the confirmation" } }; | |
77 end | |
78 | |
79 if not fields.password or #fields.password == 0 then | |
80 return { status = "error", error = { type = "modify", | |
81 condition = "bad-request", message = "Please enter a new password" } }; | |
82 end | |
83 | |
84 -- All is good, so change password. | |
85 module:log("debug", "About to usermanager.set_password(%q, password, %q)", username, hostname); | |
86 local ok, err = usermanager_set_password(username, fields.password, hostname); | |
87 if ok then | |
88 if close_others then | |
89 for _, sess in pairs(hosts[hostname].sessions[username].sessions) do | |
90 if sess.full_jid ~= data.from then | |
91 sess:close{ condition = "reset", text = "Password changed" } | |
92 end | |
93 end | |
94 end | |
95 return { status = "completed", info = "Password successfully changed" }; | |
96 else | |
97 module:log("warn", "%s@%s could not change password: %s", username, hostname, tostring(err)); | |
98 return { status = "error", error = { type = "cancel", | |
99 condition = "internal-server-error", message = "Could not save new password: "..tostring(err) } }; | |
100 end | |
101 end | |
102 end | |
103 | |
104 -- Feature requests? What could fit under account management? | |
105 | |
106 | |
107 local adhoc_new = module:require "adhoc".new; | |
108 local adhoc_passwd = adhoc_new("Change Password", "passwd", change_password_command_handler, "user"); | |
109 module:add_item ("adhoc", adhoc_passwd); |