Software /
code /
prosody-modules
Comparison
mod_register_json/mod_register_json.lua @ 430:f0fafd19fd72
mod_register_json: changed pestered code to something less pestered. (added nodeprep)
author | Marco Cirillo <maranda@lightwitch.org> |
---|---|
date | Thu, 15 Sep 2011 21:23:49 +0000 |
parent | 429:ea6641deec12 |
child | 529:84e992f70ba3 |
comparison
equal
deleted
inserted
replaced
429:ea6641deec12 | 430:f0fafd19fd72 |
---|---|
9 local usermanager = require "core.usermanager"; | 9 local usermanager = require "core.usermanager"; |
10 local b64_decode = require "util.encodings".base64.decode; | 10 local b64_decode = require "util.encodings".base64.decode; |
11 local json_decode = require "util.json".decode; | 11 local json_decode = require "util.json".decode; |
12 local httpserver = require "net.httpserver"; | 12 local httpserver = require "net.httpserver"; |
13 local os_time = os.time; | 13 local os_time = os.time; |
14 local nodeprep = require "util.encodings".stringprep.nodeprep; | |
14 | 15 |
15 module.host = "*" -- HTTP/BOSH Servlets need to be global. | 16 module.host = "*" -- HTTP/BOSH Servlets need to be global. |
16 | 17 |
17 -- Pick up configuration. | 18 -- Pick up configuration. |
18 | 19 |
91 ip.time = os_time(); | 92 ip.time = os_time(); |
92 end | 93 end |
93 end | 94 end |
94 | 95 |
95 -- We first check if the supplied username for registration is already there. | 96 -- We first check if the supplied username for registration is already there. |
96 if not usermanager.user_exists(req_body["username"], req_body["host"]) then | 97 -- And nodeprep the username |
97 -- Sanity checks for the username. | 98 local username = nodeprep(req_body["username"]); |
98 if req_body["username"]:find(" ") or req_body["username"]:find("@") or req_body["username"]:find("<") or | 99 if not usermanager.user_exists(username, req_body["host"]) then |
99 req_body["username"]:find(">") or req_body["username"]:find("\"") or req_body["username"]:find("\'") or | 100 if not username then |
100 req_body["username"]:find("/") then | 101 module:log("debug", "%s supplied an username containing invalid characters: %s", user, username); |
101 module:log("debug", "%s supplied an username containing invalid characters: %s", user, req_body["username"]); | |
102 return http_response(406, "Supplied username contains invalid characters, see RFC 6122."); | 102 return http_response(406, "Supplied username contains invalid characters, see RFC 6122."); |
103 else | 103 else |
104 usermanager.create_user(req_body["username"], req_body["password"], req_body["host"]); | 104 usermanager.create_user(username, req_body["password"], req_body["host"]); |
105 module:log("debug", "%s registration data submission for %s is successful", user, req_body["username"]); | 105 module:log("debug", "%s registration data submission for %s is successful", user, username); |
106 return http_response(200, "Done."); | 106 return http_response(200, "Done."); |
107 end | 107 end |
108 else | 108 else |
109 module:log("debug", "%s registration data submission for %s failed (user already exists)", user, req_body["username"]); | 109 module:log("debug", "%s registration data submission for %s failed (user already exists)", user, username); |
110 return http_response(409, "User already exists."); | 110 return http_response(409, "User already exists."); |
111 end | 111 end |
112 end | 112 end |
113 end | 113 end |
114 end | 114 end |