Software /
code /
prosody
Annotate
plugins/mod_auth_internal_plain.lua @ 3342:20e99763a08a
util.caps: Entity capabilities hash generation (moved from mod_pep)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Fri, 09 Jul 2010 13:18:42 +0100 |
parent | 3336:3a8ce659edfc |
child | 3425:26751c628207 |
rev | line source |
---|---|
3162 | 1 -- Prosody IM |
2 -- Copyright (C) 2008-2010 Matthew Wild | |
3 -- Copyright (C) 2008-2010 Waqas Hussain | |
4 -- Copyright (C) 2010 Jeff Mitchell | |
5 -- | |
6 -- This project is MIT/X11 licensed. Please see the | |
7 -- COPYING file in the source package for more information. | |
8 -- | |
9 | |
10 local datamanager = require "util.datamanager"; | |
3336
3a8ce659edfc
mod_auth_internal, usermanager: Rename to mod_auth_internal_plain, and update usermanager to still use it as the default
Matthew Wild <mwild1@gmail.com>
parents:
3335
diff
changeset
|
11 local log = require "util.logger".init("auth_internal_plain"); |
3162 | 12 local type = type; |
13 local error = error; | |
14 local ipairs = ipairs; | |
15 local hashes = require "util.hashes"; | |
16 local jid_bare = require "util.jid".bare; | |
17 local config = require "core.configmanager"; | |
3163 | 18 local usermanager = require "core.usermanager"; |
3186
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
19 local new_sasl = require "util.sasl".new; |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
20 local nodeprep = require "util.encodings".stringprep.nodeprep; |
3162 | 21 local hosts = hosts; |
22 | |
23 local prosody = _G.prosody; | |
24 | |
3163 | 25 local is_cyrus = usermanager.is_cyrus; |
26 | |
3162 | 27 function new_default_provider(host) |
3336
3a8ce659edfc
mod_auth_internal, usermanager: Rename to mod_auth_internal_plain, and update usermanager to still use it as the default
Matthew Wild <mwild1@gmail.com>
parents:
3335
diff
changeset
|
28 local provider = { name = "internal_plain" }; |
3163 | 29 log("debug", "initializing default authentication provider for host '%s'", host); |
30 | |
3162 | 31 function provider.test_password(username, password) |
3163 | 32 log("debug", "test password '%s' for user %s at host %s", password, username, module.host); |
3162 | 33 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end |
34 local credentials = datamanager.load(username, host, "accounts") or {}; | |
35 | |
36 if password == credentials.password then | |
37 return true; | |
38 else | |
39 return nil, "Auth failed. Invalid username or password."; | |
40 end | |
41 end | |
42 | |
43 function provider.get_password(username) | |
3163 | 44 log("debug", "get_password for username '%s' at host '%s'", username, module.host); |
3162 | 45 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
46 return (datamanager.load(username, host, "accounts") or {}).password; | |
47 end | |
48 | |
49 function provider.set_password(username, password) | |
50 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end | |
51 local account = datamanager.load(username, host, "accounts"); | |
52 if account then | |
53 account.password = password; | |
54 return datamanager.store(username, host, "accounts", account); | |
55 end | |
56 return nil, "Account not available."; | |
57 end | |
58 | |
59 function provider.user_exists(username) | |
60 if is_cyrus(host) then return true; end | |
61 local account = datamanager.load(username, host, "accounts"); | |
62 if not account then | |
3163 | 63 log("debug", "account not found for username '%s' at host '%s'", username, module.host); |
3162 | 64 return nil, "Auth failed. Invalid username"; |
65 end | |
66 return true; | |
67 end | |
68 | |
69 function provider.create_user(username, password) | |
70 if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end | |
71 return datamanager.store(username, host, "accounts", {password = password}); | |
72 end | |
73 | |
3186
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
74 function provider.get_sasl_handler() |
3187
a475fbce1990
mod_auth_internal, mod_auth_internal_hashed: Fixed a global access.
Waqas Hussain <waqas20@gmail.com>
parents:
3186
diff
changeset
|
75 local realm = module:get_option("sasl_realm") or module.host; |
3186
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
76 local getpass_authentication_profile = { |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
77 plain = function(username, realm) |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
78 local prepped_username = nodeprep(username); |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
79 if not prepped_username then |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
80 log("debug", "NODEprep failed on username: %s", username); |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
81 return "", nil; |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
82 end |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
83 local password = usermanager.get_password(prepped_username, realm); |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
84 if not password then |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
85 return "", nil; |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
86 end |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
87 return password, true; |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
88 end |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
89 }; |
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
90 return new_sasl(realm, getpass_authentication_profile); |
3162 | 91 end |
3287
e425e27c12be
mod_auth_internal, mod_auth_internal_hashed: Remove is_admin method from providers
Matthew Wild <mwild1@gmail.com>
parents:
3272
diff
changeset
|
92 |
3162 | 93 return provider; |
94 end | |
95 | |
96 module:add_item("auth-provider", new_default_provider(module.host)); | |
97 |