Software /
code /
prosody-modules
Comparison
mod_auth_sql/mod_auth_sql.lua @ 461:bbea8081c865
Revert various changes accidentally included in previous commit
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 29 Oct 2011 13:34:15 +0200 |
parent | 455:52f2188ec47d |
child | 500:bd08727378be |
comparison
equal
deleted
inserted
replaced
460:9bb9343f3c7a | 461:bbea8081c865 |
---|---|
5 | 5 |
6 local log = require "util.logger".init("auth_sql"); | 6 local log = require "util.logger".init("auth_sql"); |
7 local new_sasl = require "util.sasl".new; | 7 local new_sasl = require "util.sasl".new; |
8 local nodeprep = require "util.encodings".stringprep.nodeprep; | 8 local nodeprep = require "util.encodings".stringprep.nodeprep; |
9 local DBI = require "DBI" | 9 local DBI = require "DBI" |
10 local crypt = require "crypt"; | |
11 | 10 |
12 local connection; | 11 local connection; |
13 local params = module:get_option("sql"); | 12 local params = module:get_option("sql"); |
14 local host = module.host; | |
15 local realm = module:get_option_string("realm", host); | |
16 local mitm_mode = module:get_option_boolean("mitm_mode"); | |
17 | 13 |
18 local resolve_relative_path = require "core.configmanager".resolve_relative_path; | 14 local resolve_relative_path = require "core.configmanager".resolve_relative_path; |
19 local datamanager = require "util.datamanager"; | |
20 | 15 |
21 local function test_connection() | 16 local function test_connection() |
22 if not connection then return nil; end | 17 if not connection then return nil; end |
23 if connection:ping() then | 18 if connection:ping() then |
24 return true; | 19 return true; |
75 | 70 |
76 return stmt; | 71 return stmt; |
77 end | 72 end |
78 | 73 |
79 local function get_password(username) | 74 local function get_password(username) |
80 local stmt, err = getsql("SELECT `password` FROM `users` WHERE `email`=?", username .. "@" .. realm); | 75 local stmt, err = getsql("SELECT `password` FROM `authreg` WHERE `username`=? AND `realm`=?", username, module.host); |
81 if stmt then | 76 if stmt then |
82 for row in stmt:rows(true) do | 77 for row in stmt:rows(true) do |
83 return row.password; | 78 return row.password; |
84 end | 79 end |
85 end | 80 end |
86 end | 81 end |
87 | 82 |
83 | |
88 provider = { name = "sql" }; | 84 provider = { name = "sql" }; |
89 | 85 |
90 function provider.test_password(username, password) | 86 function provider.test_password(username, password) |
91 local local_data = datamanager.load(username, realm, "accounts") or {}; | 87 return password and get_password(username) == password; |
92 if data.password == password then return true end | |
93 local dirty; | |
94 local hash = data.crypted_password; | |
95 if not hash then | |
96 hash = get_password(username); | |
97 if hash then | |
98 data.crypted_password = hash; | |
99 dirty = true; | |
100 else | |
101 return false | |
102 end | |
103 end | |
104 local ok = password and crypt(password, hash) == password; | |
105 if ok and mitm_mode then | |
106 local_data.password = password; | |
107 dirty = true | |
108 end | |
109 if dirty then | |
110 datamanager.store(username, realm, "accounts", local_data); | |
111 end | |
112 return ok | |
113 end | 88 end |
114 function provider.get_password(username) | 89 function provider.get_password(username) |
115 return nil, "Getting password is not supported."; | 90 return get_password(username); |
116 end | 91 end |
117 function provider.set_password(username, password) | 92 function provider.set_password(username, password) |
118 return nil, "Setting password is not supported."; | 93 return nil, "Setting password is not supported."; |
119 end | 94 end |
120 function provider.user_exists(username) | 95 function provider.user_exists(username) |
121 return datamanager.load(username, realm, "accounts") or get_password(username) and true; | 96 return get_password(username) and true; |
122 end | 97 end |
123 function provider.create_user(username, password) | 98 function provider.create_user(username, password) |
124 return nil, "Account creation/modification not supported."; | 99 return nil, "Account creation/modification not supported."; |
125 end | 100 end |
126 function provider.get_sasl_handler() | 101 function provider.get_sasl_handler() |
127 local profile = { | 102 local profile = { |
128 plain_test = function(sasl, username, password, realm) | 103 plain = function(sasl, username, realm) |
129 local prepped_username = nodeprep(username); | 104 local prepped_username = nodeprep(username); |
130 if not prepped_username then | 105 if not prepped_username then |
131 module:log("debug", "NODEprep failed on username: %s", username); | 106 module:log("debug", "NODEprep failed on username: %s", username); |
132 return nil; | 107 return "", nil; |
133 end | 108 end |
134 return provider.test_password(prepped_username, password); | 109 local password = get_password(prepped_username); |
110 if not password then return "", nil; end | |
111 return password, true; | |
135 end | 112 end |
136 }; | 113 }; |
137 return new_sasl(host, profile); | 114 return new_sasl(module.host, profile); |
138 end | 115 end |
139 | 116 |
140 module:add_item("auth-provider", provider); | 117 module:add_item("auth-provider", provider); |