Software / code / prosody-modules
Changeset
5287:4834eaf24fc1
mod_sasl2_fast: Add an API that allows modules to check if a client has FAST
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 29 Mar 2023 16:13:42 +0100 |
| parents | 5286:a91adc164566 |
| children | 5289:308024be6d6f |
| files | mod_sasl2_fast/mod_sasl2_fast.lua |
| diffstat | 1 files changed, 17 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_sasl2_fast/mod_sasl2_fast.lua Wed Mar 29 16:13:00 2023 +0100 +++ b/mod_sasl2_fast/mod_sasl2_fast.lua Wed Mar 29 16:13:42 2023 +0100 @@ -228,3 +228,20 @@ register_ht_mechanism("HT-SHA-256-UNIQ", "ht_sha_256", "tls-unique"); register_ht_mechanism("HT-SHA-256-ENDP", "ht_sha_256", "tls-server-end-point"); register_ht_mechanism("HT-SHA-256-EXPR", "ht_sha_256", "tls-exporter"); + +-- Public API + +--luacheck: ignore 131 +function is_client_fast(username, client_id, last_password_change) + local client_id_hash = hash.sha256(client_id, true); + local curr_time = now(); + local cur = token_store:get(username, client_id_hash.."-cur"); + if cur and cur.expires_at >= curr_time and (not last_password_change or last_password_change < cur.issued_at) then + return true; + end + local new = token_store:get(username, client_id_hash.."-new"); + if new and new.expires_at >= curr_time and (not last_password_change or last_password_change < new.issued_at) then + return true; + end + return false; +end
