Software /
code /
prosody
Annotate
util/session.lua @ 13074:794a5ad5495e
mod_tokenauth: Fix parsing binary part of tokens
Fixes parsing of tokens that happen to have a `;` in their secret part,
otherwise it splits there and the later bit goes into the username and
hitting the "Invalid token in storage" condition.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 12 Apr 2023 11:43:32 +0200 |
parent | 13007:534c055ec378 |
child | 13165:9c13c11b199d |
rev | line source |
---|---|
12975
d10957394a3c
util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
12640
diff
changeset
|
1 local initialize_filters = require "prosody.util.filters".initialize; |
13007
534c055ec378
util.session: Add 'since' property with timestamp of session creation
Matthew Wild <mwild1@gmail.com>
parents:
12975
diff
changeset
|
2 local time = require "util.time"; |
12975
d10957394a3c
util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
12640
diff
changeset
|
3 local logger = require "prosody.util.logger"; |
6937 | 4 |
5 local function new_session(typ) | |
6 local session = { | |
7 type = typ .. "_unauthed"; | |
9947
8ebca1240203
util.session: Fix session id not include unauthed forever
Kim Alvefur <zash@zash.se>
parents:
7181
diff
changeset
|
8 base_type = typ; |
13007
534c055ec378
util.session: Add 'since' property with timestamp of session creation
Matthew Wild <mwild1@gmail.com>
parents:
12975
diff
changeset
|
9 since = time.now(); |
6937 | 10 }; |
11 return session; | |
12 end | |
13 | |
6938
9df70e9e006b
util.session: What is the identity of a session?
Kim Alvefur <zash@zash.se>
parents:
6937
diff
changeset
|
14 local function set_id(session) |
9947
8ebca1240203
util.session: Fix session id not include unauthed forever
Kim Alvefur <zash@zash.se>
parents:
7181
diff
changeset
|
15 local id = session.base_type .. tostring(session):match("%x+$"):lower(); |
6938
9df70e9e006b
util.session: What is the identity of a session?
Kim Alvefur <zash@zash.se>
parents:
6937
diff
changeset
|
16 session.id = id; |
9df70e9e006b
util.session: What is the identity of a session?
Kim Alvefur <zash@zash.se>
parents:
6937
diff
changeset
|
17 return session; |
9df70e9e006b
util.session: What is the identity of a session?
Kim Alvefur <zash@zash.se>
parents:
6937
diff
changeset
|
18 end |
9df70e9e006b
util.session: What is the identity of a session?
Kim Alvefur <zash@zash.se>
parents:
6937
diff
changeset
|
19 |
6939
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
20 local function set_logger(session) |
7181
8af558965da3
util.session: Fix luacheck warnings
Kim Alvefur <zash@zash.se>
parents:
6941
diff
changeset
|
21 local log = logger.init(session.id); |
6939
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
22 session.log = log; |
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
23 return session; |
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
24 end |
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
25 |
6940
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
26 local function set_conn(session, conn) |
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
27 session.conn = conn; |
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
28 session.ip = conn:ip(); |
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
29 return session; |
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
30 end |
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
31 |
6941
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
32 local function set_send(session) |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
33 local conn = session.conn; |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
34 if not conn then |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
35 function session.send(data) |
10110
3fa3872588a8
util.session: Remove tostring call from logging
Kim Alvefur <zash@zash.se>
parents:
9947
diff
changeset
|
36 session.log("debug", "Discarding data sent to unconnected session: %s", data); |
6941
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
37 return false; |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
38 end |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
39 return session; |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
40 end |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
41 local filter = initialize_filters(session); |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
42 local w = conn.write; |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
43 session.send = function (t) |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
44 if t.name then |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
45 t = filter("stanzas/out", t); |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
46 end |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
47 if t then |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
48 t = filter("bytes/out", tostring(t)); |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
49 if t then |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
50 local ret, err = w(conn, t); |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
51 if not ret then |
10110
3fa3872588a8
util.session: Remove tostring call from logging
Kim Alvefur <zash@zash.se>
parents:
9947
diff
changeset
|
52 session.log("debug", "Error writing to connection: %s", err); |
6941
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
53 return false, err; |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
54 end |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
55 end |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
56 end |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
57 return true; |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
58 end |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
59 return session; |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
60 end |
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
61 |
12640
999b1c59af6f
util.session: Add role management methods
Matthew Wild <mwild1@gmail.com>
parents:
10110
diff
changeset
|
62 local function set_role(session, role) |
999b1c59af6f
util.session: Add role management methods
Matthew Wild <mwild1@gmail.com>
parents:
10110
diff
changeset
|
63 session.role = role; |
999b1c59af6f
util.session: Add role management methods
Matthew Wild <mwild1@gmail.com>
parents:
10110
diff
changeset
|
64 end |
999b1c59af6f
util.session: Add role management methods
Matthew Wild <mwild1@gmail.com>
parents:
10110
diff
changeset
|
65 |
6937 | 66 return { |
67 new = new_session; | |
12640
999b1c59af6f
util.session: Add role management methods
Matthew Wild <mwild1@gmail.com>
parents:
10110
diff
changeset
|
68 |
6938
9df70e9e006b
util.session: What is the identity of a session?
Kim Alvefur <zash@zash.se>
parents:
6937
diff
changeset
|
69 set_id = set_id; |
6939
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
70 set_logger = set_logger; |
6940
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
71 set_conn = set_conn; |
6941
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
72 set_send = set_send; |
12640
999b1c59af6f
util.session: Add role management methods
Matthew Wild <mwild1@gmail.com>
parents:
10110
diff
changeset
|
73 set_role = set_role; |
6937 | 74 } |