prosody-modules
611380cfad75
mod_auth_token/mod_sasl_token.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_auth_token/mod_sasl_token.lua @ 6299:611380cfad75

mod_csi_grace_period: Readme Fix Tab at beginning of line diff --git a/mod_csi_grace_period/README.md b/mod_csi_grace_period/README.md --- a/mod_csi_grace_period/README.md +++ b/mod_csi_grace_period/README.md @@ -16,9 +16,9 @@ pocket is not the best use of radio time Works with [mod_csi_simple][doc:modules:mod_csi_simple] which is included with Prosody. - ------- ------- - trunk* Works - 13 Works - 0.12 Works + ------- ------- + trunk* Works + 13 Works + 0.12 Works - *as of 2025-06-13 + *as of 2025-06-13
author Menel <menel@snikket.de>
date Fri, 13 Jun 2025 10:08:21 +0200
parent 2956:d0ca211e1b0e
line wrap: on
line source

-- Copyright (C) 2018 Minddistrict
--
-- This file is MIT/X11 licensed.
--

local s_match = string.match;
local registerMechanism = require "util.sasl".registerMechanism;
local saslprep = require "util.encodings".stringprep.saslprep;
local nodeprep = require "util.encodings".stringprep.nodeprep;
local log = require "util.logger".init("sasl");
local _ENV = nil;


local function token_auth(self, message)
	if not message then
		return "failure", "malformed-request";
	end

	local authorization, authentication, password = s_match(message, "^([^%z]*)%z([^%z]+)%z([^%z]+)");

	if not authorization then
		return "failure", "malformed-request";
	end

	-- SASLprep password and authentication
	authentication = saslprep(authentication);
	password = saslprep(password);

	if (not password) or (password == "") or (not authentication) or (authentication == "") then
		log("debug", "Username or password violates SASLprep.");
		return "failure", "malformed-request", "Invalid username or password.";
	end

	local _nodeprep = self.profile.nodeprep;
	if _nodeprep ~= false then
		authentication = (_nodeprep or nodeprep)(authentication);
		if not authentication or authentication == "" then
			return "failure", "malformed-request", "Invalid username or password."
		end
	end

	local correct, state = false, false;
    correct, state = self.profile.token(self, authentication, password, self.realm);

	self.username = authentication
	if state == false then
		return "failure", "account-disabled";
	elseif state == nil or not correct then
		return "failure", "not-authorized", "Unable to authorize you with the authentication credentials you've sent.";
	end
	return "success";
end

registerMechanism("X-TOKEN", {"token"}, token_auth);