mod_easy_invite/README.markdown @ 5705:527c747711f3
mod_http_oauth2: Limit revocation to client's own tokens in strict mode

RFC 7009 section 2.1 states:

> The authorization server first validates the client credentials (in
> case of a confidential client) and then verifies whether the token was
> issued to the client making the revocation request. If this
> validation fails, the request is refused and the client is informed of
> the error by the authorization server as described below.

The first part was already covered (in strict mode). This adds the latter
part using the hash of client_id recorded in 0860497152af.

It still seems weird to me that revoking a leaked token should not be
allowed whoever might have discovered it, as that seems the responsible
thing to do.

author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 29 Oct 2023 11:30:49 +0100 |
parent | 4150:d3d2e9e7e8b7 |

---
labels:
- 'Stage-Deprecated'
summary: 'Invite management module for Prosody (deprecated)'
rockspec:
  dependencies:
  - mod_invites
---

::: {.alert .alert-warning}
**NOTE:** This module has been deprecated. Its functionality has been moved to other modules, see the mod_invites documentation for details.
:::

This module allows admins and users to create invitations suitable for sharing to potential new users/contacts.

User invitations can be created through the "New Invite" ad-hoc command. An overview of the semantics and protocol can be found at [modernxmpp.org/client/invites](https://docs.modernxmpp.org/client/invites/).

This module depends on mod_invites to actually create and store the invitation tokens.

# Configuration

To allow users to join your server through invitations, you must enable mod_register_ibr and set allow_registration = true, and then also set `registration_invite_only = true` to restrict registration.

| Name                     | Description                                                                       | Default |
|--------------------------|-----------------------------------------------------------------------------------|---------|
| registration_invite_only | Whether registration attempts without an invite token should be blocked           | true    |
| allow_user_invites       | Whether existing users should be allowed to invite new users to register accounts | true    |

## Example: Invite-only registration

``` {.lua}
-- To allow invitation through a token, mod_register
allow_registration = true
registration_invite_only = true
```

## Example: Open registration

This setup allows completely open registration, even without an invite token.

``` {.lua}
allow_registration = true
registration_invite_only = false
```

## Invite creation permissions

To allow existing users of your server to send invitation links that allow new people to join your server, you can set `allow_user_invites = true`.

If you do not wish users to invite other users to create accounts on your server, set `allow_user_invites = false`. They will still be able to send contact invites, but new contacts will be required to register an account on a different server.

# Usage

Users can use the "New Invite" ad-hoc command through their client.

Admins can create registration links using prosodyctl, e.g.

```
prosodyctl mod_easy_invite example.com generate
```

# Compatibility

0.11 and later.