Software /
code /
prosody-modules
Diff
mod_register_json/mod_register_json.lua @ 430:f0fafd19fd72
mod_register_json: changed pestered code to something less pestered. (added nodeprep)
author | Marco Cirillo <maranda@lightwitch.org> |
---|---|
date | Thu, 15 Sep 2011 21:23:49 +0000 |
parent | 429:ea6641deec12 |
child | 529:84e992f70ba3 |
line wrap: on
line diff
--- a/mod_register_json/mod_register_json.lua Thu Sep 15 03:32:23 2011 +0000 +++ b/mod_register_json/mod_register_json.lua Thu Sep 15 21:23:49 2011 +0000 @@ -11,6 +11,7 @@ local json_decode = require "util.json".decode; local httpserver = require "net.httpserver"; local os_time = os.time; +local nodeprep = require "util.encodings".stringprep.nodeprep; module.host = "*" -- HTTP/BOSH Servlets need to be global. @@ -93,20 +94,19 @@ end -- We first check if the supplied username for registration is already there. - if not usermanager.user_exists(req_body["username"], req_body["host"]) then - -- Sanity checks for the username. - if req_body["username"]:find(" ") or req_body["username"]:find("@") or req_body["username"]:find("<") or - req_body["username"]:find(">") or req_body["username"]:find("\"") or req_body["username"]:find("\'") or - req_body["username"]:find("/") then - module:log("debug", "%s supplied an username containing invalid characters: %s", user, req_body["username"]); + -- And nodeprep the username + local username = nodeprep(req_body["username"]); + if not usermanager.user_exists(username, req_body["host"]) then + if not username then + module:log("debug", "%s supplied an username containing invalid characters: %s", user, username); return http_response(406, "Supplied username contains invalid characters, see RFC 6122."); else - usermanager.create_user(req_body["username"], req_body["password"], req_body["host"]); - module:log("debug", "%s registration data submission for %s is successful", user, req_body["username"]); + usermanager.create_user(username, req_body["password"], req_body["host"]); + module:log("debug", "%s registration data submission for %s is successful", user, username); return http_response(200, "Done."); end else - module:log("debug", "%s registration data submission for %s failed (user already exists)", user, req_body["username"]); + module:log("debug", "%s registration data submission for %s failed (user already exists)", user, username); return http_response(409, "User already exists."); end end