prosody-modules
9d88c3d9eea5
mod_firewall/marks.lib.lua
Software / code / prosody-modules
File
mod_firewall/marks.lib.lua @ 6281:9d88c3d9eea5
mod_http_oauth2: Enforce the registered grant types
Thus a client can limit itself to certain grant types.
Not sure if this prevents any attacks, but what was the point of
including this in the registration if it was not going to be enforced?
This became easier to do with client_id being available earlier.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 02 Jun 2025 20:55:20 +0200 |
| parent | 5542:048284447643 |
line wrap: on
line source
local mark_storage = module:open_store("firewall_marks"); local mark_map_storage = module:open_store("firewall_marks", "map"); local user_sessions = prosody.hosts[module.host].sessions; module:hook("firewall/marked/user", function (event) local user = user_sessions[event.username]; local marks = user and user.firewall_marks; if user and not marks then -- Load marks from storage to cache on the user object marks = mark_storage:get(event.username) or {}; user.firewall_marks = marks; --luacheck: ignore 122 end if marks then marks[event.mark] = event.timestamp; end local ok, err = mark_map_storage:set(event.username, event.mark, event.timestamp); if not ok then module:log("error", "Failed to mark user %q with %q: %s", event.username, event.mark, err); end return true; end, -1); module:hook("firewall/unmarked/user", function (event) local user = user_sessions[event.username]; local marks = user and user.firewall_marks; if marks then marks[event.mark] = nil; end local ok, err = mark_map_storage:set(event.username, event.mark, nil); if not ok then module:log("error", "Failed to unmark user %q with %q: %s", event.username, event.mark, err); end return true; end, -1);
