prosody
0d245034600a
plugins/mod_register_ibr.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Annotate

plugins/mod_register_ibr.lua @ 12332:0d245034600a

prosody.cfg.lua.dist: Remove require_encryption options Reasons: - These now default to enabled when not specified since 38b5b05407be - Practically all servers require encryption these days for c2s/s2s. - Disabling encryption can be considered a special case that doesn't need to be in the default config file.
author Matthew Wild <mwild1@gmail.com>
date Mon, 14 Feb 2022 15:58:08 +0000
parent 12330:38b5b05407be
child 12977:74b9e05af71e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1523
841d61be198f Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents: 1189
diff changeset
1 -- Prosody IM
2923
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 2448
diff changeset
2 -- Copyright (C) 2008-2010 Matthew Wild
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 2448
diff changeset
3 -- Copyright (C) 2008-2010 Waqas Hussain
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5763
diff changeset
4 --
758
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 691
diff changeset
5 -- This project is MIT/X11 licensed. Please see the
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 691
diff changeset
6 -- COPYING file in the source package for more information.
519
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
7 --
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
8
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
9
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
10 local st = require "util.stanza";
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
11 local dataform_new = require "util.dataforms".new;
10939
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
12 local usermanager_user_exists = require "core.usermanager".user_exists;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
13 local usermanager_create_user = require "core.usermanager".create_user;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
14 local usermanager_set_password = require "core.usermanager".create_user;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
15 local usermanager_delete_user = require "core.usermanager".delete_user;
927
cc180d25dbeb Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents: 926
diff changeset
16 local nodeprep = require "util.encodings".stringprep.nodeprep;
10939
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
17 local util_error = require "util.error";
3995
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents: 3540
diff changeset
18
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
19 local additional_fields = module:get_option("additional_registration_fields", {});
8484
f591855f060d mod_register: Split into mod_register_ibr and mod_user_account_management (#723)
Kim Alvefur <zash@zash.se>
parents: 8464
diff changeset
20 local require_encryption = module:get_option_boolean("c2s_require_encryption",
12330
38b5b05407be various: Require encryption by default for real
Kim Alvefur <zash@zash.se>
parents: 10946
diff changeset
21 module:get_option_boolean("require_encryption", true));
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
22
9608
3e44b8dc2cc0 mod_register: Move dependency on mod_register_limits into mod_register_ibr
Kim Alvefur <zash@zash.se>
parents: 9453
diff changeset
23 pcall(function ()
3e44b8dc2cc0 mod_register: Move dependency on mod_register_limits into mod_register_ibr
Kim Alvefur <zash@zash.se>
parents: 9453
diff changeset
24 module:depends("register_limits");
3e44b8dc2cc0 mod_register: Move dependency on mod_register_limits into mod_register_ibr
Kim Alvefur <zash@zash.se>
parents: 9453
diff changeset
25 end);
3e44b8dc2cc0 mod_register: Move dependency on mod_register_limits into mod_register_ibr
Kim Alvefur <zash@zash.se>
parents: 9453
diff changeset
26
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5371
diff changeset
27 local account_details = module:open_store("account_details");
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5371
diff changeset
28
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
29 local field_map = {
10281
f90abf142d53 mod_register_ibr: Add FORM_TYPE as required by XEP-0077.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 9608
diff changeset
30 FORM_TYPE = { name = "FORM_TYPE", type = "hidden", value = "jabber:iq:register" };
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
31 username = { name = "username", type = "text-single", label = "Username", required = true };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
32 password = { name = "password", type = "text-private", label = "Password", required = true };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
33 nick = { name = "nick", type = "text-single", label = "Nickname" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
34 name = { name = "name", type = "text-single", label = "Full Name" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
35 first = { name = "first", type = "text-single", label = "Given Name" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
36 last = { name = "last", type = "text-single", label = "Family Name" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
37 email = { name = "email", type = "text-single", label = "Email" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
38 address = { name = "address", type = "text-single", label = "Street" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
39 city = { name = "city", type = "text-single", label = "City" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
40 state = { name = "state", type = "text-single", label = "State" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
41 zip = { name = "zip", type = "text-single", label = "Postal code" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
42 phone = { name = "phone", type = "text-single", label = "Telephone number" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
43 url = { name = "url", type = "text-single", label = "Webpage" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
44 date = { name = "date", type = "text-single", label = "Birth date" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
45 };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
46
7812
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
47 local title = module:get_option_string("registration_title",
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
48 "Creating a new account");
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
49 local instructions = module:get_option_string("registration_instructions",
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
50 "Choose a username and password for use with this service.");
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
51
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
52 local registration_form = dataform_new{
7812
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
53 title = title;
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
54 instructions = instructions;
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
55
10281
f90abf142d53 mod_register_ibr: Add FORM_TYPE as required by XEP-0077.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 9608
diff changeset
56 field_map.FORM_TYPE;
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
57 field_map.username;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
58 field_map.password;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
59 };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
60
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
61 local registration_query = st.stanza("query", {xmlns = "jabber:iq:register"})
7812
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
62 :tag("instructions"):text(instructions):up()
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
63 :tag("username"):up()
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
64 :tag("password"):up();
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
65
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
66 for _, field in ipairs(additional_fields) do
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
67 if type(field) == "table" then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
68 registration_form[#registration_form + 1] = field;
7816
2624f4ee34a2 mod_register: Fix syntax errors
Kim Alvefur <zash@zash.se>
parents: 7815
diff changeset
69 elseif field_map[field] or field_map[field:sub(1, -2)] then
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
70 if field:match("%+$") then
7814
2120d71b0d56 mod_register: Strip '+' char from field names without using length
Kim Alvefur <zash@zash.se>
parents: 7812
diff changeset
71 field = field:sub(1, -2);
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
72 field_map[field].required = true;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
73 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
74
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
75 registration_form[#registration_form + 1] = field_map[field];
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
76 registration_query:tag(field):up();
7815
f8d25a2e80ea mod_register: Verify that fields are known to prevent traceback
Kim Alvefur <zash@zash.se>
parents: 7814
diff changeset
77 else
f8d25a2e80ea mod_register: Verify that fields are known to prevent traceback
Kim Alvefur <zash@zash.se>
parents: 7814
diff changeset
78 module:log("error", "Unknown field %q", field);
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
79 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
80 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
81 registration_query:add_child(registration_form:form());
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
82
4268
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
83 local register_stream_feature = st.stanza("register", {xmlns="http://jabber.org/features/iq-register"}):up();
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
84 module:hook("stream-features", function(event)
5707
36a289e9244c mod_register: Fix indentation
Kim Alvefur <zash@zash.se>
parents: 5637
diff changeset
85 local session, features = event.origin, event.features;
4268
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
86
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
87 -- Advertise registration to unauthorized clients only.
8484
f591855f060d mod_register: Split into mod_register_ibr and mod_user_account_management (#723)
Kim Alvefur <zash@zash.se>
parents: 8464
diff changeset
88 if session.type ~= "c2s_unauthed" or (require_encryption and not session.secure) then
4268
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
89 return
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
90 end
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
91
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
92 features:add_child(register_stream_feature);
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
93 end);
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
94
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
95 local function parse_response(query)
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
96 local form = query:get_child("x", "jabber:x:data");
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
97 if form then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
98 return registration_form:data(form);
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
99 else
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
100 local data = {};
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
101 local errors = {};
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
102 for _, field in ipairs(registration_form) do
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
103 local name, required = field.name, field.required;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
104 if field_map[name] then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
105 data[name] = query:get_child_text(name);
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
106 if (not data[name] or #data[name] == 0) and required then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
107 errors[name] = "Required value missing";
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
108 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
109 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
110 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
111 if next(errors) then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
112 return data, errors;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
113 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
114 return data;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
115 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
116 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
117
8194
ba9cd8447578 mod_register: Add comments saying which section handles password change, account deletion and which is in-band registration
Kim Alvefur <zash@zash.se>
parents: 8192
diff changeset
118 -- In-band registration
3529
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
119 module:hook("stanza/iq/jabber:iq:register:query", function(event)
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
120 local session, stanza = event.origin, event.stanza;
7017
ff734a602886 mod_register: Use session log instance to ease indentification
Kim Alvefur <zash@zash.se>
parents: 5776
diff changeset
121 local log = session.log or module._log;
3529
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
122
8484
f591855f060d mod_register: Split into mod_register_ibr and mod_user_account_management (#723)
Kim Alvefur <zash@zash.se>
parents: 8464
diff changeset
123 if session.type ~= "c2s_unauthed" then
7709
0af1783d1592 mod_register: Additional logging for various registration failure cases
Kim Alvefur <zash@zash.se>
parents: 7570
diff changeset
124 log("debug", "Attempted registration when disabled or already authenticated");
665
09e0e9c722a3 Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
125 session.send(st.error_reply(stanza, "cancel", "service-unavailable"));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
126 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
127 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
128
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
129 if require_encryption and not session.secure then
7916
72b6d5ab4137 mod_register: Require encryption before registration if c2s_require_encryption is set (fixes #595)
Kim Alvefur <zash@zash.se>
parents: 5637
diff changeset
130 session.send(st.error_reply(stanza, "modify", "policy-violation", "Encryption is required"));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
131 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
132 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
133
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
134 local query = stanza.tags[1];
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
135 if stanza.attr.type == "get" then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
136 local reply = st.reply(stanza);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
137 reply:add_child(registration_query);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
138 session.send(reply);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
139 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
140 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
141
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
142 -- stanza.attr.type == "set"
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
143 if query.tags[1] and query.tags[1].name == "remove" then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
144 session.send(st.error_reply(stanza, "auth", "registration-required"));
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
145 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
146 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
147
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
148 local data, errors = parse_response(query);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
149 if errors then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
150 log("debug", "Error parsing registration form:");
8737
6d71845bf56f mod_register_ibr: Return a textual error to the user for problems with parsing form data
Kim Alvefur <zash@zash.se>
parents: 8736
diff changeset
151 local textual_errors = {};
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
152 for field, err in pairs(errors) do
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
153 log("debug", "Field %q: %s", field, err);
8737
6d71845bf56f mod_register_ibr: Return a textual error to the user for problems with parsing form data
Kim Alvefur <zash@zash.se>
parents: 8736
diff changeset
154 table.insert(textual_errors, ("%s: %s"):format(field:gsub("^%a", string.upper), err));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
155 end
8737
6d71845bf56f mod_register_ibr: Return a textual error to the user for problems with parsing form data
Kim Alvefur <zash@zash.se>
parents: 8736
diff changeset
156 session.send(st.error_reply(stanza, "modify", "not-acceptable", table.concat(textual_errors, "\n")));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
157 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
158 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
159
10368
76eb79d372de mod_register_ibr: Enforce strict JID validation
Kim Alvefur <zash@zash.se>
parents: 10363
diff changeset
160 local username, password = nodeprep(data.username, true), data.password;
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
161 data.username, data.password = nil, nil;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
162 local host = module.host;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
163 if not username or username == "" then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
164 log("debug", "The requested username is invalid.");
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
165 session.send(st.error_reply(stanza, "modify", "not-acceptable", "The requested username is invalid."));
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
166 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
167 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
168
9453
b6cdadb1175d mod_register_ibr: Include password in user-registering event, to allow e.g. password policy enforcement
Matthew Wild <mwild1@gmail.com>
parents: 8737
diff changeset
169 local user = { username = username, password = password, host = host, additional = data, ip = session.ip, session = session, allowed = true }
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
170 module:fire_event("user-registering", user);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
171 if not user.allowed then
10363
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
172 local error_type, error_condition, reason;
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
173 local err = user.error;
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
174 if err then
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
175 error_type, error_condition, reason = err.type, err.condition, err.text;
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
176 else
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
177 -- COMPAT pre-util.error
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
178 error_type, error_condition, reason = user.error_type, user.error_condition, user.reason;
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
179 end
10767
a0166932479f mod_register_ibr: Fix reporting of registration rejection reason
Kim Alvefur <zash@zash.se>
parents: 10368
diff changeset
180 log("debug", "Registration disallowed by module: %s", reason or "no reason given");
10363
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
181 session.send(st.error_reply(stanza, error_type or "modify", error_condition or "not-acceptable", reason));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
182 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
183 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
184
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
185 if usermanager_user_exists(username, host) then
10939
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
186 if user.allow_reset == username then
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
187 local ok, err = util_error.coerce(usermanager_set_password(username, password, host));
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
188 if ok then
10946
84441c19750e mod_register_ibr: Add event for successful password reset
Matthew Wild <mwild1@gmail.com>
parents: 10939
diff changeset
189 module:fire_event("user-password-reset", user);
10939
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
190 session.send(st.reply(stanza)); -- reset ok!
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
191 else
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
192 session.log("error", "Unable to reset password for %s@%s: %s", username, host, err);
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
193 session.send(st.error_reply(stanza, err.type, err.condition, err.text));
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
194 end
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
195 return true;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
196 else
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
197 log("debug", "Attempt to register with existing username");
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
198 session.send(st.error_reply(stanza, "cancel", "conflict", "The requested username already exists."));
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
199 return true;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
200 end
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
201 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
202
10290
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
203 local created, err = usermanager_create_user(username, password, host);
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
204 if created then
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
205 data.registered = os.time();
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
206 if not account_details:set(username, data) then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
207 log("debug", "Could not store extra details");
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
208 usermanager_delete_user(username, host);
10290
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
209 session.send(st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk."));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
210 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
211 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
212 session.send(st.reply(stanza)); -- user created!
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
213 log("info", "User account created: %s@%s", username, host);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
214 module:fire_event("user-registered", {
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
215 username = username, host = host, source = "mod_register",
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
216 session = session });
3529
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
217 else
10290
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
218 log("debug", "Could not create user", err);
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
219 session.send(st.error_reply(stanza, "cancel", "feature-not-implemented", err));
3529
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
220 end
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
221 return true;
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
222 end);