Software /
code /
prosody-modules
File
mod_auth_http_async/mod_auth_http_async.lua @ 1800:669d1208221a
mod_storage_lmdb: Remove redundant table
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 28 Aug 2015 00:38:19 +0200 |
parent | 1749:39a0a35f02bc |
child | 1927:439711709d29 |
line wrap: on
line source
-- Prosody IM -- Copyright (C) 2008-2013 Matthew Wild -- Copyright (C) 2008-2013 Waqas Hussain -- Copyright (C) 2014 Kim Alvefur -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- local new_sasl = require "util.sasl".new; local base64 = require "util.encodings".base64.encode; local waiter =require "util.async".waiter; local http = require "net.http"; local log = module._log; local host = module.host; local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host); if api_base == "" then error("http_auth_url required") end local provider = {}; function provider.test_password(username, password) log("debug", "test password for user %s at host %s", username, host); local wait, done = waiter(); local code = -1; http.request(api_base:gsub("$user", username), { headers = { Authorization = "Basic "..base64(username..":"..password); }; }, function(body, _code) code = _code; done(); end); wait(); if code >= 200 and code <= 299 then return true; else module:log("debug", "HTTP auth provider returned status code %d", code); return nil, "Auth failed. Invalid username or password."; end end function provider.set_password(username, password) return nil, "Changing passwords not supported"; end function provider.user_exists(username) return true; end function provider.create_user(username, password) return nil, "User creation not supported"; end function provider.delete_user(username) return nil , "User deletion not supported"; end function provider.get_sasl_handler() return new_sasl(host, { plain_test = function(sasl, username, password, realm) return provider.test_password(username, realm, password), true; end }); end module:provides("auth", provider);