Software / code / prosody
Annotate
plugins/mod_auth_internal_plain.lua @ 4989:573123ff2ab0
mod_admin_telnet: Always handle commands terminated by line feeds - ensures consistency even when packets are joined or split on the network
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 23 Jul 2012 14:03:00 +0100 |
| parent | 4762:943f9f860ab4 |
| child | 5115:3939960b3c07 |
| rev | line source |
|---|---|
| 3162 | 1 -- Prosody IM |
| 2 -- Copyright (C) 2008-2010 Matthew Wild | |
| 3 -- Copyright (C) 2008-2010 Waqas Hussain | |
| 4 -- | |
| 5 -- This project is MIT/X11 licensed. Please see the | |
| 6 -- COPYING file in the source package for more information. | |
| 7 -- | |
| 8 | |
| 9 local datamanager = require "util.datamanager"; | |
| 3163 | 10 local usermanager = require "core.usermanager"; |
|
3186
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
11 local new_sasl = require "util.sasl".new; |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
12 local nodeprep = require "util.encodings".stringprep.nodeprep; |
| 3162 | 13 |
|
4762
943f9f860ab4
mod_auth_internal_plain: Remove unused imports
Matthew Wild <mwild1@gmail.com>
parents:
4603
diff
changeset
|
14 local log = module._log; |
| 3162 | 15 |
| 16 function new_default_provider(host) | |
|
3336
3a8ce659edfc
mod_auth_internal, usermanager: Rename to mod_auth_internal_plain, and update usermanager to still use it as the default
Matthew Wild <mwild1@gmail.com>
parents:
3335
diff
changeset
|
17 local provider = { name = "internal_plain" }; |
|
4603
6900c9484834
mod_auth_internal_{plain,hashed}: Clarify log messages on initialization
Matthew Wild <mwild1@gmail.com>
parents:
4160
diff
changeset
|
18 log("debug", "initializing internal_plain authentication provider for host '%s'", host); |
| 3163 | 19 |
| 3162 | 20 function provider.test_password(username, password) |
| 3163 | 21 log("debug", "test password '%s' for user %s at host %s", password, username, module.host); |
| 3162 | 22 local credentials = datamanager.load(username, host, "accounts") or {}; |
| 23 | |
| 24 if password == credentials.password then | |
| 25 return true; | |
| 26 else | |
| 27 return nil, "Auth failed. Invalid username or password."; | |
| 28 end | |
| 29 end | |
| 30 | |
| 31 function provider.get_password(username) | |
| 3163 | 32 log("debug", "get_password for username '%s' at host '%s'", username, module.host); |
| 3162 | 33 return (datamanager.load(username, host, "accounts") or {}).password; |
| 34 end | |
| 35 | |
| 36 function provider.set_password(username, password) | |
| 37 local account = datamanager.load(username, host, "accounts"); | |
| 38 if account then | |
| 39 account.password = password; | |
| 40 return datamanager.store(username, host, "accounts", account); | |
| 41 end | |
| 42 return nil, "Account not available."; | |
| 43 end | |
| 44 | |
| 45 function provider.user_exists(username) | |
| 46 local account = datamanager.load(username, host, "accounts"); | |
| 47 if not account then | |
| 3163 | 48 log("debug", "account not found for username '%s' at host '%s'", username, module.host); |
| 3162 | 49 return nil, "Auth failed. Invalid username"; |
| 50 end | |
| 51 return true; | |
| 52 end | |
| 53 | |
| 54 function provider.create_user(username, password) | |
| 55 return datamanager.store(username, host, "accounts", {password = password}); | |
| 56 end | |
|
3994
42899d5efe3b
mod_auth_internal_*: Support for delete_user method
Matthew Wild <mwild1@gmail.com>
parents:
3981
diff
changeset
|
57 |
|
42899d5efe3b
mod_auth_internal_*: Support for delete_user method
Matthew Wild <mwild1@gmail.com>
parents:
3981
diff
changeset
|
58 function provider.delete_user(username) |
|
42899d5efe3b
mod_auth_internal_*: Support for delete_user method
Matthew Wild <mwild1@gmail.com>
parents:
3981
diff
changeset
|
59 return datamanager.store(username, host, "accounts", nil); |
|
42899d5efe3b
mod_auth_internal_*: Support for delete_user method
Matthew Wild <mwild1@gmail.com>
parents:
3981
diff
changeset
|
60 end |
| 3162 | 61 |
|
3186
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
62 function provider.get_sasl_handler() |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
63 local getpass_authentication_profile = { |
|
3981
2b0b8fe68df2
util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks.
Waqas Hussain <waqas20@gmail.com>
parents:
3465
diff
changeset
|
64 plain = function(sasl, username, realm) |
|
3186
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
65 local prepped_username = nodeprep(username); |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
66 if not prepped_username then |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
67 log("debug", "NODEprep failed on username: %s", username); |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
68 return "", nil; |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
69 end |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
70 local password = usermanager.get_password(prepped_username, realm); |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
71 if not password then |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
72 return "", nil; |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
73 end |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
74 return password, true; |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
75 end |
|
b5f261123013
mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents:
3180
diff
changeset
|
76 }; |
|
4160
f08f649b898b
mod_auth_*: Get rid of undocumented and broken 'sasl_realm' config option.
Waqas Hussain <waqas20@gmail.com>
parents:
3994
diff
changeset
|
77 return new_sasl(module.host, getpass_authentication_profile); |
| 3162 | 78 end |
|
3287
e425e27c12be
mod_auth_internal, mod_auth_internal_hashed: Remove is_admin method from providers
Matthew Wild <mwild1@gmail.com>
parents:
3272
diff
changeset
|
79 |
| 3162 | 80 return provider; |
| 81 end | |
| 82 | |
| 83 module:add_item("auth-provider", new_default_provider(module.host)); | |
| 84 |
