Software /
code /
prosody-modules
Comparison
mod_auth_token/mod_auth_token.lua @ 2956:d0ca211e1b0e
New HMAC token authentication module for Prosody.
author | JC Brand <jc@opkode.com> |
---|---|
date | Tue, 27 Mar 2018 10:48:04 +0200 |
child | 3693:0fb12a4b6106 |
comparison
equal
deleted
inserted
replaced
2938:f000ba14d531 | 2956:d0ca211e1b0e |
---|---|
1 -- Copyright (C) 2018 Minddistrict | |
2 -- | |
3 -- This file is MIT/X11 licensed. | |
4 -- | |
5 | |
6 local host = module.host; | |
7 local log = module._log; | |
8 local new_sasl = require "util.sasl".new; | |
9 local verify_token = module:require "token_auth_utils".verify_token; | |
10 | |
11 local provider = {}; | |
12 | |
13 | |
14 function provider.test_password(username, password, realm) | |
15 log("debug", "Testing signed OTP for user %s at host %s", username, host); | |
16 return verify_token( | |
17 username, | |
18 password, | |
19 realm, | |
20 module:get_option_string("otp_seed"), | |
21 module:get_option_string("token_secret"), | |
22 log | |
23 ); | |
24 end | |
25 | |
26 function provider.users() | |
27 return function() | |
28 return nil; | |
29 end | |
30 end | |
31 | |
32 function provider.set_password(username, password) | |
33 return nil, "Changing passwords not supported"; | |
34 end | |
35 | |
36 function provider.user_exists(username) | |
37 return true; | |
38 end | |
39 | |
40 function provider.create_user(username, password) | |
41 return nil, "User creation not supported"; | |
42 end | |
43 | |
44 function provider.delete_user(username) | |
45 return nil , "User deletion not supported"; | |
46 end | |
47 | |
48 function provider.get_sasl_handler() | |
49 local supported_mechanisms = {}; | |
50 supported_mechanisms["X-TOKEN"] = true; | |
51 return new_sasl(host, { | |
52 token = function(sasl, username, password, realm) | |
53 return provider.test_password(username, password, realm), true; | |
54 end, | |
55 mechanisms = supported_mechanisms | |
56 }); | |
57 end | |
58 | |
59 module:provides("auth", provider); |