prosody
06453c564141
plugins/mod_auth_insecure.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Annotate

plugins/mod_auth_insecure.lua @ 13014:06453c564141

util.startup: Add prosody.started promise to easily execute code after startup To avoid a race where server-started fires before the promise function body is run (on next tick), I moved server-started to fire on the next tick, which seems sensible anyway. Errors are logged, I'm not sure if we ought to be doing something more here. I'm sure we'll find out.
author Matthew Wild <mwild1@gmail.com>
date Sat, 01 Apr 2023 11:56:38 +0100
parent 12977:74b9e05af71e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
9275
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 -- Prosody IM
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 -- Copyright (C) 2008-2010 Matthew Wild
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 -- Copyright (C) 2008-2010 Waqas Hussain
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 --
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 -- This project is MIT/X11 licensed. Please see the
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 -- COPYING file in the source package for more information.
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 --
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 -- luacheck: ignore 212
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9
12977
74b9e05af71e plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12671
diff changeset
10 local datamanager = require "prosody.util.datamanager";
74b9e05af71e plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12671
diff changeset
11 local new_sasl = require "prosody.util.sasl".new;
74b9e05af71e plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12671
diff changeset
12 local saslprep = require "prosody.util.encodings".stringprep.saslprep;
9275
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local host = module.host;
9292
d5f798efb1ba mod_auth_insecure: Fix module provider name
Matthew Wild <mwild1@gmail.com>
parents: 9275
diff changeset
15 local provider = { name = "insecure" };
9275
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 assert(module:get_option_string("insecure_open_authentication") == "Yes please, I know what I'm doing!");
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 function provider.test_password(username, password)
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 return true;
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 end
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 function provider.set_password(username, password)
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 local account = datamanager.load(username, host, "accounts");
10914
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 9292
diff changeset
25 password = saslprep(password);
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 9292
diff changeset
26 if not password then
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 9292
diff changeset
27 return nil, "Password fails SASLprep.";
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 9292
diff changeset
28 end
9275
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 if account then
12671
32881d0c359f mod_auth_insecure: Store creation and update timestamps on account
Kim Alvefur <zash@zash.se>
parents: 10914
diff changeset
30 account.updated = os.time();
9275
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 account.password = password;
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 return datamanager.store(username, host, "accounts", account);
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 end
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 return nil, "Account not available.";
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 end
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 function provider.user_exists(username)
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 return true;
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 end
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 function provider.create_user(username, password)
12671
32881d0c359f mod_auth_insecure: Store creation and update timestamps on account
Kim Alvefur <zash@zash.se>
parents: 10914
diff changeset
42 local now = os.time();
32881d0c359f mod_auth_insecure: Store creation and update timestamps on account
Kim Alvefur <zash@zash.se>
parents: 10914
diff changeset
43 return datamanager.store(username, host, "accounts", { created = now; updated = now; password = password });
9275
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 end
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 function provider.delete_user(username)
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 return datamanager.store(username, host, "accounts", nil);
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 end
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 function provider.get_sasl_handler()
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 local getpass_authentication_profile = {
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 plain_test = function(sasl, username, password, realm)
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 return true, true;
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 end
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 };
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 return new_sasl(module.host, getpass_authentication_profile);
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 end
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 module:add_item("auth-provider", provider);
db137a87511b mod_auth_insecure: Accept any username/password (import of mod_auth_any from prosody-modules)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60