Comparison

mod_auth_sql/mod_auth_sql.lua @ 461:bbea8081c865

Revert various changes accidentally included in previous commit
author Kim Alvefur <zash@zash.se>
date Sat, 29 Oct 2011 13:34:15 +0200
parent 455:52f2188ec47d
child 500:bd08727378be
comparison
equal deleted inserted replaced
460:9bb9343f3c7a 461:bbea8081c865
5 5
6 local log = require "util.logger".init("auth_sql"); 6 local log = require "util.logger".init("auth_sql");
7 local new_sasl = require "util.sasl".new; 7 local new_sasl = require "util.sasl".new;
8 local nodeprep = require "util.encodings".stringprep.nodeprep; 8 local nodeprep = require "util.encodings".stringprep.nodeprep;
9 local DBI = require "DBI" 9 local DBI = require "DBI"
10 local crypt = require "crypt";
11 10
12 local connection; 11 local connection;
13 local params = module:get_option("sql"); 12 local params = module:get_option("sql");
14 local host = module.host;
15 local realm = module:get_option_string("realm", host);
16 local mitm_mode = module:get_option_boolean("mitm_mode");
17 13
18 local resolve_relative_path = require "core.configmanager".resolve_relative_path; 14 local resolve_relative_path = require "core.configmanager".resolve_relative_path;
19 local datamanager = require "util.datamanager";
20 15
21 local function test_connection() 16 local function test_connection()
22 if not connection then return nil; end 17 if not connection then return nil; end
23 if connection:ping() then 18 if connection:ping() then
24 return true; 19 return true;
75 70
76 return stmt; 71 return stmt;
77 end 72 end
78 73
79 local function get_password(username) 74 local function get_password(username)
80 local stmt, err = getsql("SELECT `password` FROM `users` WHERE `email`=?", username .. "@" .. realm); 75 local stmt, err = getsql("SELECT `password` FROM `authreg` WHERE `username`=? AND `realm`=?", username, module.host);
81 if stmt then 76 if stmt then
82 for row in stmt:rows(true) do 77 for row in stmt:rows(true) do
83 return row.password; 78 return row.password;
84 end 79 end
85 end 80 end
86 end 81 end
87 82
83
88 provider = { name = "sql" }; 84 provider = { name = "sql" };
89 85
90 function provider.test_password(username, password) 86 function provider.test_password(username, password)
91 local local_data = datamanager.load(username, realm, "accounts") or {}; 87 return password and get_password(username) == password;
92 if data.password == password then return true end
93 local dirty;
94 local hash = data.crypted_password;
95 if not hash then
96 hash = get_password(username);
97 if hash then
98 data.crypted_password = hash;
99 dirty = true;
100 else
101 return false
102 end
103 end
104 local ok = password and crypt(password, hash) == password;
105 if ok and mitm_mode then
106 local_data.password = password;
107 dirty = true
108 end
109 if dirty then
110 datamanager.store(username, realm, "accounts", local_data);
111 end
112 return ok
113 end 88 end
114 function provider.get_password(username) 89 function provider.get_password(username)
115 return nil, "Getting password is not supported."; 90 return get_password(username);
116 end 91 end
117 function provider.set_password(username, password) 92 function provider.set_password(username, password)
118 return nil, "Setting password is not supported."; 93 return nil, "Setting password is not supported.";
119 end 94 end
120 function provider.user_exists(username) 95 function provider.user_exists(username)
121 return datamanager.load(username, realm, "accounts") or get_password(username) and true; 96 return get_password(username) and true;
122 end 97 end
123 function provider.create_user(username, password) 98 function provider.create_user(username, password)
124 return nil, "Account creation/modification not supported."; 99 return nil, "Account creation/modification not supported.";
125 end 100 end
126 function provider.get_sasl_handler() 101 function provider.get_sasl_handler()
127 local profile = { 102 local profile = {
128 plain_test = function(sasl, username, password, realm) 103 plain = function(sasl, username, realm)
129 local prepped_username = nodeprep(username); 104 local prepped_username = nodeprep(username);
130 if not prepped_username then 105 if not prepped_username then
131 module:log("debug", "NODEprep failed on username: %s", username); 106 module:log("debug", "NODEprep failed on username: %s", username);
132 return nil; 107 return "", nil;
133 end 108 end
134 return provider.test_password(prepped_username, password); 109 local password = get_password(prepped_username);
110 if not password then return "", nil; end
111 return password, true;
135 end 112 end
136 }; 113 };
137 return new_sasl(host, profile); 114 return new_sasl(module.host, profile);
138 end 115 end
139 116
140 module:add_item("auth-provider", provider); 117 module:add_item("auth-provider", provider);