Annotate

plugins/mod_register.lua @ 3394:9bf5f2b3314b

mod_register: Drop useless depencency on datamanager.
author Waqas Hussain <waqas20@gmail.com>
date Tue, 20 Jul 2010 17:42:44 +0500
parent 3302:4d21ce9c0eb7
child 3529:3f9cc12308aa
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1523
841d61be198f Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents: 1189
diff changeset
1 -- Prosody IM
2923
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 2448
diff changeset
2 -- Copyright (C) 2008-2010 Matthew Wild
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 2448
diff changeset
3 -- Copyright (C) 2008-2010 Waqas Hussain
519
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
4 --
758
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 691
diff changeset
5 -- This project is MIT/X11 licensed. Please see the
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 691
diff changeset
6 -- COPYING file in the source package for more information.
519
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
7 --
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
8
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
9
1042
a3d77353c18a mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents: 927
diff changeset
10 local hosts = _G.hosts;
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
11 local st = require "util.stanza";
1042
a3d77353c18a mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents: 927
diff changeset
12 local datamanager = require "util.datamanager";
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
13 local usermanager_user_exists = require "core.usermanager".user_exists;
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
14 local usermanager_create_user = require "core.usermanager".create_user;
2935
4e4d0d899d9d mod_register: Use set_password to set passwords instead of create_user.
Waqas Hussain <waqas20@gmail.com>
parents: 2923
diff changeset
15 local usermanager_set_password = require "core.usermanager".set_password;
690
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
16 local os_time = os.time;
927
cc180d25dbeb Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents: 926
diff changeset
17 local nodeprep = require "util.encodings".stringprep.nodeprep;
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
18
541
3521e0851c9e Change modules to use the new add_feature module API method.
Waqas Hussain <waqas20@gmail.com>
parents: 519
diff changeset
19 module:add_feature("jabber:iq:register");
421
63be85693710 Modules now sending disco replies
Waqas Hussain <waqas20@gmail.com>
parents: 386
diff changeset
20
438
193f9dd64f17 Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents: 421
diff changeset
21 module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza)
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
22 if stanza.tags[1].name == "query" then
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
23 local query = stanza.tags[1];
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
24 if stanza.attr.type == "get" then
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
25 local reply = st.reply(stanza);
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
26 reply:tag("query", {xmlns = "jabber:iq:register"})
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
27 :tag("registered"):up()
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
28 :tag("username"):text(session.username):up()
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
29 :tag("password"):up();
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
30 session.send(reply);
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
31 elseif stanza.attr.type == "set" then
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
32 if query.tags[1] and query.tags[1].name == "remove" then
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
33 -- TODO delete user auth data, send iq response, kick all user resources with a <not-authorized/>, delete all user data
926
ceaa7d54a3cb Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents: 896
diff changeset
34 local username, host = session.username, session.host;
386
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
35 --session.send(st.error_reply(stanza, "cancel", "not-allowed"));
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
36 --return;
3164
db9def53fe9c Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents: 2935
diff changeset
37 usermanager_set_password(username, nil, host); -- Disable account
386
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
38 -- FIXME the disabling currently allows a different user to recreate the account
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
39 -- we should add an in-memory account block mode when we have threading
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
40 session.send(st.reply(stanza));
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
41 local roster = session.roster;
926
ceaa7d54a3cb Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents: 896
diff changeset
42 for _, session in pairs(hosts[host].sessions[username].sessions) do -- disconnect all resources
790
f42ad7385640 Fixed: User resources not disconnected correctly on account delete
Waqas Hussain <waqas20@gmail.com>
parents: 760
diff changeset
43 session:close({condition = "not-authorized", text = "Account deleted"});
386
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
44 end
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
45 -- TODO datamanager should be able to delete all user data itself
926
ceaa7d54a3cb Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents: 896
diff changeset
46 datamanager.store(username, host, "vcard", nil);
ceaa7d54a3cb Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents: 896
diff changeset
47 datamanager.store(username, host, "private", nil);
3302
4d21ce9c0eb7 mod_register: Remove the offline store as a list (originally aa3725bbcde5 but missed in a merge)
Matthew Wild <mwild1@gmail.com>
parents: 3301
diff changeset
48 datamanager.list_store(username, host, "offline", nil);
2260
67b64995ae1e mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents: 2085
diff changeset
49 local bare = username.."@"..host;
386
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
50 for jid, item in pairs(roster) do
2260
67b64995ae1e mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents: 2085
diff changeset
51 if jid and jid ~= "pending" then
67b64995ae1e mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents: 2085
diff changeset
52 if item.subscription == "both" or item.subscription == "from" or (roster.pending and roster.pending[jid]) then
67b64995ae1e mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents: 2085
diff changeset
53 core_post_stanza(hosts[host], st.presence({type="unsubscribed", from=bare, to=jid}));
386
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
54 end
2260
67b64995ae1e mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents: 2085
diff changeset
55 if item.subscription == "both" or item.subscription == "to" or item.ask then
67b64995ae1e mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents: 2085
diff changeset
56 core_post_stanza(hosts[host], st.presence({type="unsubscribe", from=bare, to=jid}));
386
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
57 end
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
58 end
a47b6e8e133e Account deletion support
Waqas Hussain <waqas20@gmail.com>
parents: 311
diff changeset
59 end
2260
67b64995ae1e mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents: 2085
diff changeset
60 datamanager.store(username, host, "roster", nil);
3297
aa3725bbcde5 mod_register: Delete the offline store as a list, and delete the privacy store.
Waqas Hussain <waqas20@gmail.com>
parents: 3296
diff changeset
61 datamanager.store(username, host, "privacy", nil);
926
ceaa7d54a3cb Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents: 896
diff changeset
62 datamanager.store(username, host, "accounts", nil); -- delete accounts datastore at the end
1184
fa6df7e83fb3 mod_register: Fire events and log on account creation/deletion
Matthew Wild <mwild1@gmail.com>
parents: 1042
diff changeset
63 module:log("info", "User removed their account: %s@%s", username, host);
1189
63ed3902f357 mod_register: Attach session to user-registered and user-deregistered events
Matthew Wild <mwild1@gmail.com>
parents: 1184
diff changeset
64 module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = session });
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
65 else
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
66 local username = query:child_with_name("username");
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
67 local password = query:child_with_name("password");
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
68 if username and password then
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
69 -- FIXME shouldn't use table.concat
927
cc180d25dbeb Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents: 926
diff changeset
70 username = nodeprep(table.concat(username));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
71 password = table.concat(password);
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
72 if username == session.username then
3164
db9def53fe9c Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents: 2935
diff changeset
73 if usermanager_set_password(username, password, session.host) then
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
74 session.send(st.reply(stanza));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
75 else
85
a115b99419ad Added: mod_register now replies with an error stanza when file write fails
Waqas Hussain <waqas20@gmail.com>
parents: 63
diff changeset
76 -- TODO unable to write file, file may be locked, etc, what's the correct error?
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
77 session.send(st.error_reply(stanza, "wait", "internal-server-error"));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
78 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
79 else
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
80 session.send(st.error_reply(stanza, "modify", "bad-request"));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
81 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
82 else
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
83 session.send(st.error_reply(stanza, "modify", "bad-request"));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
84 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
85 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
86 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
87 else
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
88 session.send(st.error_reply(stanza, "cancel", "service-unavailable"));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
89 end;
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
90 end);
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
91
690
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
92 local recent_ips = {};
1692
be76bac8e174 mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
93 local min_seconds_between_registrations = module:get_option("min_seconds_between_registrations");
be76bac8e174 mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
94 local whitelist_only = module:get_option("whitelist_registration_only");
be76bac8e174 mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
95 local whitelisted_ips = module:get_option("registration_whitelist") or { "127.0.0.1" };
be76bac8e174 mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
96 local blacklisted_ips = module:get_option("registration_blacklist") or {};
690
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
97
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
98 for _, ip in ipairs(whitelisted_ips) do whitelisted_ips[ip] = true; end
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
99 for _, ip in ipairs(blacklisted_ips) do blacklisted_ips[ip] = true; end
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
100
438
193f9dd64f17 Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents: 421
diff changeset
101 module:add_iq_handler("c2s_unauthed", "jabber:iq:register", function (session, stanza)
1692
be76bac8e174 mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
102 if module:get_option("allow_registration") == false then
665
09e0e9c722a3 Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
103 session.send(st.error_reply(stanza, "cancel", "service-unavailable"));
09e0e9c722a3 Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
104 elseif stanza.tags[1].name == "query" then
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
105 local query = stanza.tags[1];
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
106 if stanza.attr.type == "get" then
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
107 local reply = st.reply(stanza);
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
108 reply:tag("query", {xmlns = "jabber:iq:register"})
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
109 :tag("instructions"):text("Choose a username and password for use with this service."):up()
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
110 :tag("username"):up()
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
111 :tag("password"):up();
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
112 session.send(reply);
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
113 elseif stanza.attr.type == "set" then
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
114 if query.tags[1] and query.tags[1].name == "remove" then
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
115 session.send(st.error_reply(stanza, "auth", "registration-required"));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
116 else
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
117 local username = query:child_with_name("username");
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
118 local password = query:child_with_name("password");
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
119 if username and password then
690
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
120 -- Check that the user is not blacklisted or registering too often
2085
64872e216e23 mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents: 1861
diff changeset
121 if not session.ip then
64872e216e23 mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents: 1861
diff changeset
122 module:log("debug", "User's IP not known; can't apply blacklist/whitelist");
64872e216e23 mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents: 1861
diff changeset
123 elseif blacklisted_ips[session.ip] or (whitelist_only and not whitelisted_ips[session.ip]) then
1859
c965b0accc7c mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents: 1858
diff changeset
124 session.send(st.error_reply(stanza, "cancel", "not-acceptable", "You are not allowed to register an account."));
c965b0accc7c mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents: 1858
diff changeset
125 return;
690
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
126 elseif min_seconds_between_registrations and not whitelisted_ips[session.ip] then
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
127 if not recent_ips[session.ip] then
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
128 recent_ips[session.ip] = { time = os_time(), count = 1 };
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
129 else
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
130 local ip = recent_ips[session.ip];
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
131 ip.count = ip.count + 1;
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
132
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
133 if os_time() - ip.time < min_seconds_between_registrations then
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
134 ip.time = os_time();
1858
49eef8e19a71 mod_register: Changed error type for hitting registration rate limit from 'cancel' to 'wait'.
Waqas Hussain <waqas20@gmail.com>
parents: 1857
diff changeset
135 session.send(st.error_reply(stanza, "wait", "not-acceptable"));
690
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
136 return;
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
137 end
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
138 ip.time = os_time();
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
139 end
e901a0709005 Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents: 665
diff changeset
140 end
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
141 -- FIXME shouldn't use table.concat
927
cc180d25dbeb Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents: 926
diff changeset
142 username = nodeprep(table.concat(username));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
143 password = table.concat(password);
1857
ef266aa8e18f mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
144 local host = module.host;
2448
542335c8a5bc mod_register: Return a <not-acceptable/> error on empty usernames (thanks Neustradamus).
Waqas Hussain <waqas20@gmail.com>
parents: 2260
diff changeset
145 if not username or username == "" then
1859
c965b0accc7c mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents: 1858
diff changeset
146 session.send(st.error_reply(stanza, "modify", "not-acceptable", "The requested username is invalid."));
1857
ef266aa8e18f mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
147 elseif usermanager_user_exists(username, host) then
1859
c965b0accc7c mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents: 1858
diff changeset
148 session.send(st.error_reply(stanza, "cancel", "conflict", "The requested username already exists."));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
149 else
1857
ef266aa8e18f mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
150 if usermanager_create_user(username, password, host) then
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
151 session.send(st.reply(stanza)); -- user created!
1857
ef266aa8e18f mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
152 module:log("info", "User account created: %s@%s", username, host);
1184
fa6df7e83fb3 mod_register: Fire events and log on account creation/deletion
Matthew Wild <mwild1@gmail.com>
parents: 1042
diff changeset
153 module:fire_event("user-registered", {
1857
ef266aa8e18f mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents: 1523
diff changeset
154 username = username, host = host, source = "mod_register",
1189
63ed3902f357 mod_register: Attach session to user-registered and user-deregistered events
Matthew Wild <mwild1@gmail.com>
parents: 1184
diff changeset
155 session = session });
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
156 else
85
a115b99419ad Added: mod_register now replies with an error stanza when file write fails
Waqas Hussain <waqas20@gmail.com>
parents: 63
diff changeset
157 -- TODO unable to write file, file may be locked, etc, what's the correct error?
1859
c965b0accc7c mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents: 1858
diff changeset
158 session.send(st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk."));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
159 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
160 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
161 else
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
162 session.send(st.error_reply(stanza, "modify", "not-acceptable"));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
163 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
164 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
165 end
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
166 else
311
513bd52e8e19 Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents: 85
diff changeset
167 session.send(st.error_reply(stanza, "cancel", "service-unavailable"));
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
168 end;
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
169 end);
665
09e0e9c722a3 Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
170