prosody-modules
295c30e44ba8
mod_auth_http_async/mod_auth_http_async.lua
Software / code / prosody-modules
Comparison
mod_auth_http_async/mod_auth_http_async.lua @ 1421:295c30e44ba8
mod_auth_http_async: Async HTTP auth module
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 29 May 2014 17:46:42 +0200 |
| child | 1749:39a0a35f02bc |
comparison
equal
deleted
inserted
replaced
| 1420:808950ab007b | 1421:295c30e44ba8 |
|---|---|
| 1 -- Prosody IM | |
| 2 -- Copyright (C) 2008-2013 Matthew Wild | |
| 3 -- Copyright (C) 2008-2013 Waqas Hussain | |
| 4 -- Copyright (C) 2014 Kim Alvefur | |
| 5 -- | |
| 6 -- This project is MIT/X11 licensed. Please see the | |
| 7 -- COPYING file in the source package for more information. | |
| 8 -- | |
| 9 | |
| 10 local usermanager = require "core.usermanager"; | |
| 11 local new_sasl = require "util.sasl".new; | |
| 12 local base64 = require "util.encodings".base64.encode; | |
| 13 local waiter =require "util.async".waiter; | |
| 14 local http = require "net.http"; | |
| 15 | |
| 16 local log = module._log; | |
| 17 local host = module.host; | |
| 18 | |
| 19 local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host); | |
| 20 if api_base == "" then error("http_auth_url required") end | |
| 21 | |
| 22 local provider = {}; | |
| 23 | |
| 24 function provider.test_password(username, password) | |
| 25 log("debug", "test password for user %s at host %s", username, host); | |
| 26 | |
| 27 local wait, done = waiter(); | |
| 28 | |
| 29 local code = -1; | |
| 30 http.request(api_base:gsub("$user", username), { | |
| 31 headers = { | |
| 32 Authorization = "Basic "..base64(username..":"..password); | |
| 33 }; | |
| 34 }, | |
| 35 function(body, _code) | |
| 36 code = _code; | |
| 37 done(); | |
| 38 end); | |
| 39 | |
| 40 wait(); | |
| 41 | |
| 42 if code >= 200 and code <= 299 then | |
| 43 return true; | |
| 44 else | |
| 45 module:log("debug", "HTTP auth provider returned status code %d", code); | |
| 46 return nil, "Auth failed. Invalid username or password."; | |
| 47 end | |
| 48 end | |
| 49 | |
| 50 function provider.set_password(username, password) | |
| 51 return nil, "Changing passwords not supported"; | |
| 52 end | |
| 53 | |
| 54 function provider.user_exists(username) | |
| 55 return true; | |
| 56 end | |
| 57 | |
| 58 function provider.create_user(username, password) | |
| 59 return nil, "User creation not supported"; | |
| 60 end | |
| 61 | |
| 62 function provider.delete_user(username) | |
| 63 return nil , "User deletion not supported"; | |
| 64 end | |
| 65 | |
| 66 function provider.get_sasl_handler() | |
| 67 return new_sasl(host, { | |
| 68 plain_test = function(sasl, username, password, realm) | |
| 69 return usermanager.test_password(username, realm, password), true; | |
| 70 end | |
| 71 }); | |
| 72 end | |
| 73 | |
| 74 module:provides("auth", provider); | |
| 75 |
