Comparison

mod_register_json/mod_register_json.lua @ 529:84e992f70ba3

mod_register_json: stick to one code "punctuation" style.
author Marco Cirillo <maranda@lightwitch.org>
date Sat, 07 Jan 2012 18:11:03 +0000
parent 430:f0fafd19fd72
child 536:09280dd0b22e
comparison
equal deleted inserted replaced
528:1737c08fde30 529:84e992f70ba3
2 -- via JSON. 2 -- via JSON.
3 -- 3 --
4 -- A Good chunk of the code is from mod_data_access.lua by Kim Alvefur 4 -- A Good chunk of the code is from mod_data_access.lua by Kim Alvefur
5 -- aka Zash. 5 -- aka Zash.
6 6
7 local jid_prep = require "util.jid".prep; 7 local jid_prep = require "util.jid".prep
8 local jid_split = require "util.jid".split; 8 local jid_split = require "util.jid".split
9 local usermanager = require "core.usermanager"; 9 local usermanager = require "core.usermanager"
10 local b64_decode = require "util.encodings".base64.decode; 10 local b64_decode = require "util.encodings".base64.decode
11 local json_decode = require "util.json".decode; 11 local json_decode = require "util.json".decode
12 local httpserver = require "net.httpserver"; 12 local httpserver = require "net.httpserver"
13 local os_time = os.time; 13 local os_time = os.time
14 local nodeprep = require "util.encodings".stringprep.nodeprep; 14 local nodeprep = require "util.encodings".stringprep.nodeprep
15 15
16 module.host = "*" -- HTTP/BOSH Servlets need to be global. 16 module.host = "*" -- HTTP/BOSH Servlets need to be global.
17 17
18 -- Pick up configuration. 18 -- Pick up configuration.
19 19
20 local set_realm_name = module:get_option("reg_servlet_realm") or "Restricted"; 20 local set_realm_name = module:get_option("reg_servlet_realm") or "Restricted"
21 local throttle_time = module:get_option("reg_servlet_ttime") or false; 21 local throttle_time = module:get_option("reg_servlet_ttime") or false
22 local whitelist = module:get_option("reg_servlet_wl") or {}; 22 local whitelist = module:get_option("reg_servlet_wl") or {}
23 local blacklist = module:get_option("reg_servlet_bl") or {}; 23 local blacklist = module:get_option("reg_servlet_bl") or {}
24 local recent_ips = {}; 24 local recent_ips = {}
25 25
26 -- Begin 26 -- Begin
27 27
28 for _, ip in ipairs(whitelist) do whitelisted_ips[ip] = true; end 28 for _, ip in ipairs(whitelist) do whitelisted_ips[ip] = true end
29 for _, ip in ipairs(blacklist) do blacklisted_ips[ip] = true; end 29 for _, ip in ipairs(blacklist) do blacklisted_ips[ip] = true end
30 30
31 local function http_response(code, message, extra_headers) 31 local function http_response(code, message, extra_headers)
32 local response = { 32 local response = {
33 status = code .. " " .. message; 33 status = code .. " " .. message,
34 body = message .. "\n"; } 34 body = message .. "\n" }
35 if extra_headers then response.headers = extra_headers; end 35 if extra_headers then response.headers = extra_headers end
36 return response 36 return response
37 end 37 end
38 38
39 local function handle_req(method, body, request) 39 local function handle_req(method, body, request)
40 if request.method ~= "POST" then 40 if request.method ~= "POST" then
41 return http_response(405, "Bad method...", {["Allow"] = "POST"}); 41 return http_response(405, "Bad method...", {["Allow"] = "POST"})
42 end 42 end
43 if not request.headers["authorization"] then 43 if not request.headers["authorization"] then
44 return http_response(401, "No... No...", 44 return http_response(401, "No... No...", {["WWW-Authenticate"]='Basic realm="'.. set_realm_name ..'"'})
45 {["WWW-Authenticate"]='Basic realm="'.. set_realm_name ..'"'})
46 end 45 end
47 46
48 local user, password = b64_decode(request.headers.authorization 47 local user, password = b64_decode(request.headers.authorization:match("[^ ]*$") or ""):match("([^:]*):(.*)")
49 :match("[^ ]*$") or ""):match("([^:]*):(.*)"); 48 user = jid_prep(user)
50 user = jid_prep(user); 49 if not user or not password then return http_response(400, "What's this..?") end
51 if not user or not password then return http_response(400, "What's this..?"); end
52 local user_node, user_host = jid_split(user) 50 local user_node, user_host = jid_split(user)
53 if not hosts[user_host] then return http_response(401, "Negative."); end 51 if not hosts[user_host] then return http_response(401, "Negative.") end
54 52
55 module:log("warn", "%s is authing to submit a new user registration data", user) 53 module:log("warn", "%s is authing to submit a new user registration data", user)
56 if not usermanager.test_password(user_node, user_host, password) then 54 if not usermanager.test_password(user_node, user_host, password) then
57 module:log("warn", "%s failed authentication", user) 55 module:log("warn", "%s failed authentication", user)
58 return http_response(401, "Who the hell are you?! Guards!"); 56 return http_response(401, "Who the hell are you?! Guards!")
59 end 57 end
60 58
61 local req_body; 59 local req_body
62 -- We check that what we have is valid JSON wise else we throw an error... 60 -- We check that what we have is valid JSON wise else we throw an error...
63 if not pcall(function() req_body = json_decode(body) end) then 61 if not pcall(function() req_body = json_decode(body) end) then
64 module:log("debug", "JSON data submitted for user registration by %s failed to Decode.", user); 62 module:log("debug", "JSON data submitted for user registration by %s failed to Decode.", user)
65 return http_response(400, "JSON Decoding failed."); 63 return http_response(400, "JSON Decoding failed.")
66 else 64 else
67 -- Decode JSON data and check that all bits are there else throw an error 65 -- Decode JSON data and check that all bits are there else throw an error
68 req_body = json_decode(body); 66 req_body = json_decode(body)
69 if req_body["username"] == nil or req_body["password"] == nil or req_body["host"] == nil or req_body["ip"] == nil then 67 if req_body["username"] == nil or req_body["password"] == nil or req_body["host"] == nil or req_body["ip"] == nil then
70 module:log("debug", "%s supplied an insufficent number of elements or wrong elements for the JSON registration", user); 68 module:log("debug", "%s supplied an insufficent number of elements or wrong elements for the JSON registration", user)
71 return http_response(400, "Invalid syntax."); 69 return http_response(400, "Invalid syntax.")
72 end 70 end
73 -- Check if user is an admin of said host 71 -- Check if user is an admin of said host
74 if not usermanager.is_admin(user, req_body["host"]) then 72 if not usermanager.is_admin(user, req_body["host"]) then
75 module:log("warn", "%s tried to submit registration data for %s but he's not an admin", user, req_body["host"]); 73 module:log("warn", "%s tried to submit registration data for %s but he's not an admin", user, req_body["host"])
76 return http_response(401, "I obey only to my masters... Have a nice day."); 74 return http_response(401, "I obey only to my masters... Have a nice day.")
77 else 75 else
78 -- Checks for both Throttling/Whitelist and Blacklist (basically copycatted from prosody's register.lua code) 76 -- Checks for both Throttling/Whitelist and Blacklist (basically copycatted from prosody's register.lua code)
79 if blacklist[req_body["ip"]] then module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", req_body["ip"]); return http_response(403, "The specified address is blacklisted, sorry sorry."); end 77 if blacklist[req_body["ip"]] then module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", req_body["ip"]) ; return http_response(403, "The specified address is blacklisted, sorry sorry.") end
80 if throttle_time and not whitelist[req_body["ip"]] then 78 if throttle_time and not whitelist[req_body["ip"]] then
81 if not recent_ips[req_body["ip"]] then 79 if not recent_ips[req_body["ip"]] then
82 recent_ips[req_body["ip"]] = { time = os_time(), count = 1 }; 80 recent_ips[req_body["ip"]] = { time = os_time(), count = 1 }
83 else 81 else
84 local ip = recent_ips[req_body["ip"]]; 82 local ip = recent_ips[req_body["ip"]]
85 ip.count = ip.count + 1; 83 ip.count = ip.count + 1
86 84
87 if os_time() - ip.time < throttle_time then 85 if os_time() - ip.time < throttle_time then
88 ip.time = os_time(); 86 ip.time = os_time()
89 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"]); 87 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"])
90 return http_response(503, "Woah... How many users you want to register..? Request throttled, wait a bit and try again."); 88 return http_response(503, "Woah... How many users you want to register..? Request throttled, wait a bit and try again.")
91 end 89 end
92 ip.time = os_time(); 90 ip.time = os_time()
93 end 91 end
94 end 92 end
95 93
96 -- We first check if the supplied username for registration is already there. 94 -- We first check if the supplied username for registration is already there.
97 -- And nodeprep the username 95 -- And nodeprep the username
98 local username = nodeprep(req_body["username"]); 96 local username = nodeprep(req_body["username"])
99 if not usermanager.user_exists(username, req_body["host"]) then 97 if not usermanager.user_exists(username, req_body["host"]) then
100 if not username then 98 if not username then
101 module:log("debug", "%s supplied an username containing invalid characters: %s", user, username); 99 module:log("debug", "%s supplied an username containing invalid characters: %s", user, username)
102 return http_response(406, "Supplied username contains invalid characters, see RFC 6122."); 100 return http_response(406, "Supplied username contains invalid characters, see RFC 6122.")
103 else 101 else
104 usermanager.create_user(username, req_body["password"], req_body["host"]); 102 usermanager.create_user(username, req_body["password"], req_body["host"])
105 module:log("debug", "%s registration data submission for %s is successful", user, username); 103 module:log("debug", "%s registration data submission for %s is successful", user, username)
106 return http_response(200, "Done."); 104 return http_response(200, "Done.")
107 end 105 end
108 else 106 else
109 module:log("debug", "%s registration data submission for %s failed (user already exists)", user, username); 107 module:log("debug", "%s registration data submission for %s failed (user already exists)", user, username)
110 return http_response(409, "User already exists."); 108 return http_response(409, "User already exists.")
111 end 109 end
112 end 110 end
113 end 111 end
114 end 112 end
115 113
116 -- Set it up! 114 -- Set it up!
117 local function setup() 115 local function setup()
118 local ports = module:get_option("reg_servlet_ports") or { 9280 }; 116 local ports = module:get_option("reg_servlet_ports") or { 9280 }
119 local port_number, base_name, ssl_table; 117 local port_number, base_name, ssl_table
120 for _, opts in ipairs(ports) do 118 for _, opts in ipairs(ports) do
121 if type(opts) == "number" then 119 if type(opts) == "number" then
122 port_number, base_name = opts, "register_account"; 120 port_number, base_name = opts, "register_account"
123 elseif type(opts) == "table" then 121 elseif type(opts) == "table" then
124 port_number, base_name, ssl_table = opts.port or 9280, opts.path or "register_account", opts.ssl or nil; 122 port_number, base_name, ssl_table = opts.port or 9280, opts.path or "register_account", opts.ssl or nil
125 elseif type(opts) == "string" then 123 elseif type(opts) == "string" then
126 base_name, port_number = opts, 9280; 124 base_name, port_number = opts, 9280
127 end 125 end
128 end 126 end
129 127
130 if ssl_table == nil then 128 if ssl_table == nil then
131 ports = { { port = port_number } }; 129 ports = { { port = port_number } }
132 httpserver.new_from_config(ports, handle_req, { base = base_name }); 130 httpserver.new_from_config(ports, handle_req, { base = base_name })
133 else 131 else
134 if port_number == 9280 then port_number = 9443; end 132 if port_number == 9280 then port_number = 9443 end
135 ports = { { port = port_number, ssl = ssl_table } }; 133 ports = { { port = port_number, ssl = ssl_table } }
136 httpserver.new_from_config(ports, handle_req, { base = base_name }); 134 httpserver.new_from_config(ports, handle_req, { base = base_name })
137 end 135 end
138 end 136 end
139 137
140 if prosody.start_time then -- already started 138 if prosody.start_time then -- already started
141 setup(); 139 setup()
142 else 140 else
143 prosody.events.add_handler("server-started", setup); 141 prosody.events.add_handler("server-started", setup)
144 end 142 end