prosody
84441c19750e
plugins/mod_auth_internal_plain.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Annotate

plugins/mod_auth_internal_plain.lua @ 10946:84441c19750e

mod_register_ibr: Add event for successful password reset This is in addition to the existing event for password changes. This one includes additional details about the actor, and only triggers when the change is due to the account owner (presumably) resetting. As example use case is to invalidate one-time password reset tokens.
author Matthew Wild <mwild1@gmail.com>
date Mon, 22 Jun 2020 11:35:24 +0100
parent 10914:0d7d71dee0a0
child 11544:c98aebe601f9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
1 -- Prosody IM
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
2 -- Copyright (C) 2008-2010 Matthew Wild
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
3 -- Copyright (C) 2008-2010 Waqas Hussain
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
4 --
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
5 -- This project is MIT/X11 licensed. Please see the
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
6 -- COPYING file in the source package for more information.
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
7 --
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
8
3163
a23168cc4af5 Working defaultauth
Jeff Mitchell <jeff@jefferai.org>
parents: 3162
diff changeset
9 local usermanager = require "core.usermanager";
3186
b5f261123013 mod_auth_internal, mod_auth_internal_hashed: Updated to provide get_sasl_handler.
Waqas Hussain <waqas20@gmail.com>
parents: 3180
diff changeset
10 local new_sasl = require "util.sasl".new;
10914
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
11 local saslprep = require "util.encodings".stringprep.saslprep;
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
12
4762
943f9f860ab4 mod_auth_internal_plain: Remove unused imports
Matthew Wild <mwild1@gmail.com>
parents: 4603
diff changeset
13 local log = module._log;
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
14 local host = module.host;
3163
a23168cc4af5 Working defaultauth
Jeff Mitchell <jeff@jefferai.org>
parents: 3162
diff changeset
15
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
16 local accounts = module:open_store("accounts");
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
17
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
18 -- define auth provider
5117
2c7e1ce8f482 mod_auth_*: Use module:provides().
Waqas Hussain <waqas20@gmail.com>
parents: 5115
diff changeset
19 local provider = {};
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
20
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
21 function provider.test_password(username, password)
5779
70bb0df1ffe7 mod_auth_internal_plain: Remove redundant hostname from log messages
Kim Alvefur <zash@zash.se>
parents: 5776
diff changeset
22 log("debug", "test password for user '%s'", username);
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
23 local credentials = accounts:get(username) or {};
10914
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
24 password = saslprep(password);
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
25 if not password then
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
26 return nil, "Password fails SASLprep.";
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
27 end
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
28
10914
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
29 if password == saslprep(credentials.password) then
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
30 return true;
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
31 else
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
32 return nil, "Auth failed. Invalid username or password.";
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
33 end
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
34 end
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
35
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
36 function provider.get_password(username)
5779
70bb0df1ffe7 mod_auth_internal_plain: Remove redundant hostname from log messages
Kim Alvefur <zash@zash.se>
parents: 5776
diff changeset
37 log("debug", "get_password for username '%s'", username);
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
38 return (accounts:get(username) or {}).password;
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
39 end
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
40
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
41 function provider.set_password(username, password)
5780
bc3bf4ded7e4 mod_auth_internal_plain: Log a debug message when changing password to be consistent with the other methods
Kim Alvefur <zash@zash.se>
parents: 5779
diff changeset
42 log("debug", "set_password for username '%s'", username);
10914
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
43 password = saslprep(password);
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
44 if not password then
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
45 return nil, "Password fails SASLprep.";
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
46 end
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
47 local account = accounts:get(username);
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
48 if account then
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
49 account.password = password;
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
50 return accounts:set(username, account);
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
51 end
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
52 return nil, "Account not available.";
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
53 end
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
54
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
55 function provider.user_exists(username)
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
56 local account = accounts:get(username);
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
57 if not account then
5779
70bb0df1ffe7 mod_auth_internal_plain: Remove redundant hostname from log messages
Kim Alvefur <zash@zash.se>
parents: 5776
diff changeset
58 log("debug", "account not found for username '%s'", username);
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
59 return nil, "Auth failed. Invalid username";
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
60 end
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
61 return true;
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
62 end
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
63
5156
6b08c922a2e4 mod_auth_internal_{plain,hashed}: Add support for iterating over accounts
Kim Alvefur <zash@zash.se>
parents: 5117
diff changeset
64 function provider.users()
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
65 return accounts:users();
5156
6b08c922a2e4 mod_auth_internal_{plain,hashed}: Add support for iterating over accounts
Kim Alvefur <zash@zash.se>
parents: 5117
diff changeset
66 end
6b08c922a2e4 mod_auth_internal_{plain,hashed}: Add support for iterating over accounts
Kim Alvefur <zash@zash.se>
parents: 5117
diff changeset
67
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
68 function provider.create_user(username, password)
10914
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
69 password = saslprep(password);
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
70 if not password then
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
71 return nil, "Password fails SASLprep.";
0d7d71dee0a0 mod_auth_internal_*: Apply saslprep to passwords
Kim Alvefur <zash@zash.se>
parents: 8057
diff changeset
72 end
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
73 return accounts:set(username, {password = password});
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
74 end
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
75
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
76 function provider.delete_user(username)
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5302
diff changeset
77 return accounts:set(username, nil);
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
78 end
3162
f246719abcd2 Added mod_auth_default
Jeff Mitchell <jeff@jefferai.org>
parents:
diff changeset
79
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
80 function provider.get_sasl_handler()
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
81 local getpass_authentication_profile = {
8057
4a9275594981 mod_auth_internal_plain: Rename unused self argument [luacheck]
Kim Alvefur <zash@zash.se>
parents: 5781
diff changeset
82 plain = function(_, username, realm)
5302
52fe5df91c65 mod_auth_internal_plain, mod_auth_internal_hashed: No need to nodeprep here.
Waqas Hussain <waqas20@gmail.com>
parents: 5156
diff changeset
83 local password = usermanager.get_password(username, realm);
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
84 if not password then
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
85 return "", nil;
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
86 end
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
87 return password, true;
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
88 end
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
89 };
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
90 return new_sasl(host, getpass_authentication_profile);
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
91 end
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5509
diff changeset
92
5117
2c7e1ce8f482 mod_auth_*: Use module:provides().
Waqas Hussain <waqas20@gmail.com>
parents: 5115
diff changeset
93 module:provides("auth", provider);
5115
3939960b3c07 mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents: 4762
diff changeset
94