Software /
code /
prosody-modules
File
mod_auth_http_async/mod_auth_http_async.lua @ 2520:c6fd8975704b
mod_firewall: Initial support for lists, in-memory and HTTP
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sun, 19 Feb 2017 21:10:26 +0000 |
parent | 2442:b2a198665946 |
child | 2629:a11568bfaf4c |
line wrap: on
line source
-- Prosody IM -- Copyright (C) 2008-2013 Matthew Wild -- Copyright (C) 2008-2013 Waqas Hussain -- Copyright (C) 2014 Kim Alvefur -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- local new_sasl = require "util.sasl".new; local base64 = require "util.encodings".base64.encode; local have_async, async = pcall(require, "util.async"); local http = require "net.http"; local log = module._log; local host = module.host; local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host); if api_base == "" then error("http_auth_url required") end local function async_http_request(url, ex) local wait, done = async.waiter(); local content, code, request, response; local function cb(content_, code_, request_, response_) content, code, request, response = content_, code_, request_, response_; done(); end http.request(url, ex, cb); wait(); return content, code, request, response; end local provider = {}; function provider.test_password(username, password) local url = api_base:gsub("$user", username); log("debug", "Testing password for user %s at host %s with URL %s", username, host, url); local ex = { headers = { Authorization = "Basic "..base64(username..":"..password); }; } if (have_async) then local _, code = async_http_request(url, ex); if code >= 200 and code <= 299 then module:log("debug", "HTTP auth provider confirmed valid password"); return true; else module:log("debug", "HTTP auth provider returned status code %d", code); end else local ok, err = http.request(url, ex, function(body, code) if code >= 200 and code <= 299 then module:log("debug", "HTTP auth provider confirmed valid password"); else module:log("debug", "HTTP auth provider returned status code %d", code); end end); if ok then return true; end end return nil, "Auth failed. Invalid username or password."; end function provider.set_password(username, password) return nil, "Changing passwords not supported"; end function provider.user_exists(username) return true; end function provider.create_user(username, password) return nil, "User creation not supported"; end function provider.delete_user(username) return nil , "User deletion not supported"; end function provider.get_sasl_handler() return new_sasl(host, { plain_test = function(sasl, username, password, realm) return provider.test_password(username, password), true; end }); end module:provides("auth", provider);