mod_auth_sql/mod_auth_sql.lua @ 455:52f2188ec47d
mod_default_vcard: Sets initial vCard from data enterd on registration
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 15 Oct 2011 13:43:37 +0200 |
parent | 399:4e0d36941ba1 |
child | 461:bbea8081c865 |
--- a/mod_auth_sql/mod_auth_sql.lua Tue Oct 11 01:42:31 2011 +0100
+++ b/mod_auth_sql/mod_auth_sql.lua Sat Oct 15 13:43:37 2011 +0200
@@ -7,11 +7,16 @@
 local new_sasl = require "util.sasl".new;
 local nodeprep = require "util.encodings".stringprep.nodeprep;
 local DBI = require "DBI"
+local crypt = require "crypt";
 local connection;
 local params = module:get_option("sql");
+local host = module.host;
+local realm = module:get_option_string("realm", host);
+local mitm_mode = module:get_option_boolean("mitm_mode");
 local resolve_relative_path = require "core.configmanager".resolve_relative_path;
+local datamanager = require "util.datamanager";
 local function test_connection()
 if not connection then return nil; end
@@ -72,7 +77,7 @@
 end
 local function get_password(username)
- local stmt, err = getsql("SELECT `password` FROM `authreg` WHERE `username`=? AND `realm`=?", username, module.host);
+ local stmt, err = getsql("SELECT `password` FROM `users` WHERE `email`=?", username .. "@" .. realm);
 if stmt then
 for row in stmt:rows(true) do
 return row.password;
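Review bot: In the first hunk (`@@ -7,11 +7,16 @@`) the new `mitm_mode` option is read without a comment or an explicit default, although its effect is security-relevant: later in this commit `provider.test_password` writes the verified plaintext password to the local `accounts` store when it is set. I would add a comment above the line, for example `-- mitm_mode: if true, store each successfully verified plaintext password in the local "accounts" store`, and spell out the default with `module:get_option_boolean("mitm_mode", false)`. The `realm` option would also benefit from a one-line comment saying it is the domain appended to the username for the `users.email` lookup.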
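Review bot: In the second hunk (`@@ -72,7 +77,7 @@`) `get_password` keeps its name but, judging by how `test_password` uses the result further down, it now returns a stored hash rather than a password, and nothing in the function says so. A header comment such as `-- Returns the stored hash from users.password for username@realm, or nil if no row matches` would stop a later caller from comparing the value with a plaintext password. The `err` returned by `getsql` is not used in the visible lines, so a failed query looks the same as an unknown user; the function body continues outside the hunk, so this may be handled there.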
@@ -80,38 +85,56 @@
 end
 end
-
 provider = { name = "sql" };
 function provider.test_password(username, password)
- return password and get_password(username) == password;
+ local local_data = datamanager.load(username, realm, "accounts") or {};
+ if data.password == password then return true end
+ local dirty;
+ local hash = data.crypted_password;
+ if not hash then
+ hash = get_password(username);
+ if hash then
+ data.crypted_password = hash;
+ dirty = true;
+ else
+ return false
+ end
+ end
+ local ok = password and crypt(password, hash) == password;
+ if ok and mitm_mode then
+ local_data.password = password;
+ dirty = true
+ end
+ if dirty then
+ datamanager.store(username, realm, "accounts", local_data);
+ end
+ return ok
 end
 function provider.get_password(username)
- return get_password(username);
+ return nil, "Getting password is not supported.";
 end
 function provider.set_password(username, password)
 return nil, "Setting password is not supported.";
 end
 function provider.user_exists(username)
- return get_password(username) and true;
+ return datamanager.load(username, realm, "accounts") or get_password(username) and true;
 end
 function provider.create_user(username, password)
 return nil, "Account creation/modification not supported.";
 end
 function provider.get_sasl_handler()
 local profile = {
- plain = function(sasl, username, realm)
+ plain_test = function(sasl, username, password, realm)
 local prepped_username = nodeprep(username);
 if not prepped_username then
 module:log("debug", "NODEprep failed on username: %s", username);
- return "", nil;
+ return nil;
 end
- local password = get_password(prepped_username);
- if not password then return "", nil; end
- return password, true;
+ return provider.test_password(prepped_username, password);
 end
 };
- return new_sasl(module.host, profile);
+ return new_sasl(host, profile);
 end
 module:add_item("auth-provider", provider);
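Review bot: In `provider.test_password` the new verification cannot work as written: the table is loaded into `local_data` but read as `data.password` and `data.crypted_password` (no `data` is defined in the visible lines), and the result of `crypt(password, hash)` is compared with `password` instead of `hash`. The `password and` guard now covers only the crypt step, so once `data` is corrected the earlier `local_data.password == password` would be true when both are nil, letting a call without a password succeed for any account that has no cached plaintext. The fence below shows the corrected checks, assuming the `crypt` module is callable and returns the computed hash. Separately, a cached `crypted_password` is never re-read from SQL, so a password change or account removal there would not take effect on this host; that deserves at least a comment, and preferably an expiry.

```lua
function provider.test_password(username, password)
	-- nil == nil would otherwise match an account that has no cached password
	if not password then return false; end
	local local_data = datamanager.load(username, realm, "accounts") or {};
	if local_data.password == password then return true end
	local dirty;
	local hash = local_data.crypted_password;
	if not hash then
		hash = get_password(username);
		if not hash then return false end
		local_data.crypted_password = hash;
		dirty = true;
	end
	-- crypt() yields the hash for the salt embedded in `hash`; compare against the stored hash
	local ok = crypt(password, hash) == hash;
	-- … unchanged: mitm_mode caching, datamanager.store(), return ok …
```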