
mod_auth_sql/mod_auth_sql.lua @ 461:bbea8081c865

Revert various changes accidentally included in previous commit
author Kim Alvefur <zash@zash.se>
date Sat, 29 Oct 2011 13:34:15 +0200
parent 455:52f2188ec47d
child 500:bd08727378be
--- a/mod_auth_sql/mod_auth_sql.lua	Mon Oct 24 00:20:51 2011 +0000
+++ b/mod_auth_sql/mod_auth_sql.lua	Sat Oct 29 13:34:15 2011 +0200
@@ -7,16 +7,11 @@
 local new_sasl = require "util.sasl".new;
 local nodeprep = require "util.encodings".stringprep.nodeprep;
 local DBI = require "DBI"
-local crypt = require "crypt";
 
 local connection;
 local params = module:get_option("sql");
-local host = module.host;
-local realm = module:get_option_string("realm", host);
-local mitm_mode = module:get_option_boolean("mitm_mode");
 
 local resolve_relative_path = require "core.configmanager".resolve_relative_path;
-local datamanager = require "util.datamanager";
 
 local function test_connection()
 	if not connection then return nil; end
@@ -77,7 +72,7 @@
 end
 
 local function get_password(username)
-	local stmt, err = getsql("SELECT `password` FROM `users` WHERE `email`=?", username .. "@" .. realm);
+	local stmt, err = getsql("SELECT `password` FROM `authreg` WHERE `username`=? AND `realm`=?", username, module.host);
 	if stmt then
 		for row in stmt:rows(true) do
 			return row.password;
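Review bot: The `err` value returned by `getsql` in `get_password` is never used, so a failed query and an unknown user both come back as nil to `test_password`, `user_exists` and the SASL callback. That fails closed, which is the safe direction, but an operator cannot tell a database outage from a wrong password unless `getsql` logs on its own (not visible here). Consider an `else` branch on the `if stmt then` test with `module:log("error", "SQL lookup failed: %s", tostring(err));`. The closing lines of `get_password` fall outside this hunk.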
@@ -85,56 +80,38 @@
 	end
 end
 
+
 provider = { name = "sql" };
 
 function provider.test_password(username, password)
-	local local_data = datamanager.load(username, realm, "accounts") or {};
-	if data.password == password then return true end
-	local dirty;
-	local hash = data.crypted_password;
-	if not hash then
-		hash = get_password(username);
-		if hash then
-			data.crypted_password = hash;
-			dirty = true;
-		else
-			return false
-		end
-	end
-	local ok = password and crypt(password, hash) == password;
-	if ok and mitm_mode then
-		local_data.password = password;
-		dirty = true
-	end
-	if dirty then
-		datamanager.store(username, realm, "accounts", local_data);
-	end
-	return ok
+	return password and get_password(username) == password;
 end
 function provider.get_password(username)
-	return nil, "Getting password is not supported.";
+	return get_password(username);
 end
 function provider.set_password(username, password)
 	return nil, "Setting password is not supported.";
 end
 function provider.user_exists(username)
-	return datamanager.load(username, realm, "accounts") or get_password(username) and true;
+	return get_password(username) and true;
 end
 function provider.create_user(username, password)
 	return nil, "Account creation/modification not supported.";
 end
 function provider.get_sasl_handler()
 	local profile = {
-		plain_test = function(sasl, username, password, realm)
+		plain = function(sasl, username, realm)
 			local prepped_username = nodeprep(username);
 			if not prepped_username then
 				module:log("debug", "NODEprep failed on username: %s", username);
-				return nil;
+				return "", nil;
 			end
-			return provider.test_password(prepped_username, password);
+			local password = get_password(prepped_username);
+			if not password then return "", nil; end
+			return password, true;
 		end
 	};
-	return new_sasl(host, profile);
+	return new_sasl(module.host, profile);
 end
 
 module:add_item("auth-provider", provider);
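Review bot: `provider.test_password`, `provider.get_password` and the `plain` SASL callback all depend on the `password` column of `authreg` holding the cleartext password, and nothing in the file says so. Anyone who can read that table, or who can call `provider.get_password`, gets usable credentials for every account on the host. I would add a comment above `provider.test_password` such as `-- authreg.password is stored and compared as cleartext; keep the SQL account read-only and limited to this table`. The same comment could record that the `plain` profile has to return the password itself, so hashed storage would need a different profile.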