Comparison

mod_register_json/mod_register_json.lua @ 430:f0fafd19fd72

mod_register_json: changed pestered code to something less pestered. (added nodeprep)
author Marco Cirillo <maranda@lightwitch.org>
date Thu, 15 Sep 2011 21:23:49 +0000
parent 429:ea6641deec12
child 529:84e992f70ba3
comparison
equal deleted inserted replaced
429:ea6641deec12 430:f0fafd19fd72
9 local usermanager = require "core.usermanager"; 9 local usermanager = require "core.usermanager";
10 local b64_decode = require "util.encodings".base64.decode; 10 local b64_decode = require "util.encodings".base64.decode;
11 local json_decode = require "util.json".decode; 11 local json_decode = require "util.json".decode;
12 local httpserver = require "net.httpserver"; 12 local httpserver = require "net.httpserver";
13 local os_time = os.time; 13 local os_time = os.time;
14 local nodeprep = require "util.encodings".stringprep.nodeprep;
14 15
15 module.host = "*" -- HTTP/BOSH Servlets need to be global. 16 module.host = "*" -- HTTP/BOSH Servlets need to be global.
16 17
17 -- Pick up configuration. 18 -- Pick up configuration.
18 19
91 ip.time = os_time(); 92 ip.time = os_time();
92 end 93 end
93 end 94 end
94 95
95 -- We first check if the supplied username for registration is already there. 96 -- We first check if the supplied username for registration is already there.
96 if not usermanager.user_exists(req_body["username"], req_body["host"]) then 97 -- And nodeprep the username
97 -- Sanity checks for the username. 98 local username = nodeprep(req_body["username"]);
98 if req_body["username"]:find(" ") or req_body["username"]:find("@") or req_body["username"]:find("<") or 99 if not usermanager.user_exists(username, req_body["host"]) then
99 req_body["username"]:find(">") or req_body["username"]:find("\"") or req_body["username"]:find("\'") or 100 if not username then
100 req_body["username"]:find("/") then 101 module:log("debug", "%s supplied an username containing invalid characters: %s", user, username);
101 module:log("debug", "%s supplied an username containing invalid characters: %s", user, req_body["username"]);
102 return http_response(406, "Supplied username contains invalid characters, see RFC 6122."); 102 return http_response(406, "Supplied username contains invalid characters, see RFC 6122.");
103 else 103 else
104 usermanager.create_user(req_body["username"], req_body["password"], req_body["host"]); 104 usermanager.create_user(username, req_body["password"], req_body["host"]);
105 module:log("debug", "%s registration data submission for %s is successful", user, req_body["username"]); 105 module:log("debug", "%s registration data submission for %s is successful", user, username);
106 return http_response(200, "Done."); 106 return http_response(200, "Done.");
107 end 107 end
108 else 108 else
109 module:log("debug", "%s registration data submission for %s failed (user already exists)", user, req_body["username"]); 109 module:log("debug", "%s registration data submission for %s failed (user already exists)", user, username);
110 return http_response(409, "User already exists."); 110 return http_response(409, "User already exists.");
111 end 111 end
112 end 112 end
113 end 113 end
114 end 114 end