Software /
code /
prosody
Annotate
plugins/mod_register.lua @ 3394:9bf5f2b3314b
mod_register: Drop useless depencency on datamanager.
author | Waqas Hussain <waqas20@gmail.com> |
---|---|
date | Tue, 20 Jul 2010 17:42:44 +0500 |
parent | 3302:4d21ce9c0eb7 |
child | 3529:3f9cc12308aa |
rev | line source |
---|---|
1523
841d61be198f
Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents:
1189
diff
changeset
|
1 -- Prosody IM |
2923
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
2448
diff
changeset
|
2 -- Copyright (C) 2008-2010 Matthew Wild |
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
2448
diff
changeset
|
3 -- Copyright (C) 2008-2010 Waqas Hussain |
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
4 -- |
758 | 5 -- This project is MIT/X11 licensed. Please see the |
6 -- COPYING file in the source package for more information. | |
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
7 -- |
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
8 |
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
9 |
1042
a3d77353c18a
mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents:
927
diff
changeset
|
10 local hosts = _G.hosts; |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
11 local st = require "util.stanza"; |
1042
a3d77353c18a
mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents:
927
diff
changeset
|
12 local datamanager = require "util.datamanager"; |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
13 local usermanager_user_exists = require "core.usermanager".user_exists; |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
14 local usermanager_create_user = require "core.usermanager".create_user; |
2935
4e4d0d899d9d
mod_register: Use set_password to set passwords instead of create_user.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
15 local usermanager_set_password = require "core.usermanager".set_password; |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
16 local os_time = os.time; |
927
cc180d25dbeb
Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents:
926
diff
changeset
|
17 local nodeprep = require "util.encodings".stringprep.nodeprep; |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
18 |
541
3521e0851c9e
Change modules to use the new add_feature module API method.
Waqas Hussain <waqas20@gmail.com>
parents:
519
diff
changeset
|
19 module:add_feature("jabber:iq:register"); |
421
63be85693710
Modules now sending disco replies
Waqas Hussain <waqas20@gmail.com>
parents:
386
diff
changeset
|
20 |
438
193f9dd64f17
Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents:
421
diff
changeset
|
21 module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza) |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 if stanza.tags[1].name == "query" then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
23 local query = stanza.tags[1]; |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
24 if stanza.attr.type == "get" then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
25 local reply = st.reply(stanza); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
26 reply:tag("query", {xmlns = "jabber:iq:register"}) |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
27 :tag("registered"):up() |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
28 :tag("username"):text(session.username):up() |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
29 :tag("password"):up(); |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
30 session.send(reply); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
31 elseif stanza.attr.type == "set" then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
32 if query.tags[1] and query.tags[1].name == "remove" then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
33 -- TODO delete user auth data, send iq response, kick all user resources with a <not-authorized/>, delete all user data |
926
ceaa7d54a3cb
Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents:
896
diff
changeset
|
34 local username, host = session.username, session.host; |
386 | 35 --session.send(st.error_reply(stanza, "cancel", "not-allowed")); |
36 --return; | |
3164
db9def53fe9c
Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents:
2935
diff
changeset
|
37 usermanager_set_password(username, nil, host); -- Disable account |
386 | 38 -- FIXME the disabling currently allows a different user to recreate the account |
39 -- we should add an in-memory account block mode when we have threading | |
40 session.send(st.reply(stanza)); | |
41 local roster = session.roster; | |
926
ceaa7d54a3cb
Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents:
896
diff
changeset
|
42 for _, session in pairs(hosts[host].sessions[username].sessions) do -- disconnect all resources |
790
f42ad7385640
Fixed: User resources not disconnected correctly on account delete
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
43 session:close({condition = "not-authorized", text = "Account deleted"}); |
386 | 44 end |
45 -- TODO datamanager should be able to delete all user data itself | |
926
ceaa7d54a3cb
Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents:
896
diff
changeset
|
46 datamanager.store(username, host, "vcard", nil); |
ceaa7d54a3cb
Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents:
896
diff
changeset
|
47 datamanager.store(username, host, "private", nil); |
3302
4d21ce9c0eb7
mod_register: Remove the offline store as a list (originally aa3725bbcde5 but missed in a merge)
Matthew Wild <mwild1@gmail.com>
parents:
3301
diff
changeset
|
48 datamanager.list_store(username, host, "offline", nil); |
2260
67b64995ae1e
mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents:
2085
diff
changeset
|
49 local bare = username.."@"..host; |
386 | 50 for jid, item in pairs(roster) do |
2260
67b64995ae1e
mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents:
2085
diff
changeset
|
51 if jid and jid ~= "pending" then |
67b64995ae1e
mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents:
2085
diff
changeset
|
52 if item.subscription == "both" or item.subscription == "from" or (roster.pending and roster.pending[jid]) then |
67b64995ae1e
mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents:
2085
diff
changeset
|
53 core_post_stanza(hosts[host], st.presence({type="unsubscribed", from=bare, to=jid})); |
386 | 54 end |
2260
67b64995ae1e
mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents:
2085
diff
changeset
|
55 if item.subscription == "both" or item.subscription == "to" or item.ask then |
67b64995ae1e
mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents:
2085
diff
changeset
|
56 core_post_stanza(hosts[host], st.presence({type="unsubscribe", from=bare, to=jid})); |
386 | 57 end |
58 end | |
59 end | |
2260
67b64995ae1e
mod_register: Properly notify contacts of subscription removal on account deletion.
Waqas Hussain <waqas20@gmail.com>
parents:
2085
diff
changeset
|
60 datamanager.store(username, host, "roster", nil); |
3297
aa3725bbcde5
mod_register: Delete the offline store as a list, and delete the privacy store.
Waqas Hussain <waqas20@gmail.com>
parents:
3296
diff
changeset
|
61 datamanager.store(username, host, "privacy", nil); |
926
ceaa7d54a3cb
Fixed: mod_regster: traceback when removing accounts
Waqas Hussain <waqas20@gmail.com>
parents:
896
diff
changeset
|
62 datamanager.store(username, host, "accounts", nil); -- delete accounts datastore at the end |
1184
fa6df7e83fb3
mod_register: Fire events and log on account creation/deletion
Matthew Wild <mwild1@gmail.com>
parents:
1042
diff
changeset
|
63 module:log("info", "User removed their account: %s@%s", username, host); |
1189
63ed3902f357
mod_register: Attach session to user-registered and user-deregistered events
Matthew Wild <mwild1@gmail.com>
parents:
1184
diff
changeset
|
64 module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = session }); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
65 else |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
66 local username = query:child_with_name("username"); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
67 local password = query:child_with_name("password"); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
68 if username and password then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
69 -- FIXME shouldn't use table.concat |
927
cc180d25dbeb
Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents:
926
diff
changeset
|
70 username = nodeprep(table.concat(username)); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
71 password = table.concat(password); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
72 if username == session.username then |
3164
db9def53fe9c
Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents:
2935
diff
changeset
|
73 if usermanager_set_password(username, password, session.host) then |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
74 session.send(st.reply(stanza)); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
75 else |
85
a115b99419ad
Added: mod_register now replies with an error stanza when file write fails
Waqas Hussain <waqas20@gmail.com>
parents:
63
diff
changeset
|
76 -- TODO unable to write file, file may be locked, etc, what's the correct error? |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
77 session.send(st.error_reply(stanza, "wait", "internal-server-error")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
78 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
79 else |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
80 session.send(st.error_reply(stanza, "modify", "bad-request")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
81 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
82 else |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
83 session.send(st.error_reply(stanza, "modify", "bad-request")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
84 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
85 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
86 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
87 else |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
88 session.send(st.error_reply(stanza, "cancel", "service-unavailable")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
89 end; |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
90 end); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
91 |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
92 local recent_ips = {}; |
1692
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
93 local min_seconds_between_registrations = module:get_option("min_seconds_between_registrations"); |
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
94 local whitelist_only = module:get_option("whitelist_registration_only"); |
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
95 local whitelisted_ips = module:get_option("registration_whitelist") or { "127.0.0.1" }; |
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
96 local blacklisted_ips = module:get_option("registration_blacklist") or {}; |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
97 |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
98 for _, ip in ipairs(whitelisted_ips) do whitelisted_ips[ip] = true; end |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
99 for _, ip in ipairs(blacklisted_ips) do blacklisted_ips[ip] = true; end |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
100 |
438
193f9dd64f17
Bumper commit for the new modulemanager API \o/ Updates all the modules, though some more changes may be in store.
Matthew Wild <mwild1@gmail.com>
parents:
421
diff
changeset
|
101 module:add_iq_handler("c2s_unauthed", "jabber:iq:register", function (session, stanza) |
1692
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
102 if module:get_option("allow_registration") == false then |
665
09e0e9c722a3
Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
103 session.send(st.error_reply(stanza, "cancel", "service-unavailable")); |
09e0e9c722a3
Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
104 elseif stanza.tags[1].name == "query" then |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
105 local query = stanza.tags[1]; |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
106 if stanza.attr.type == "get" then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
107 local reply = st.reply(stanza); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
108 reply:tag("query", {xmlns = "jabber:iq:register"}) |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
109 :tag("instructions"):text("Choose a username and password for use with this service."):up() |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
110 :tag("username"):up() |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
111 :tag("password"):up(); |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
112 session.send(reply); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
113 elseif stanza.attr.type == "set" then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
114 if query.tags[1] and query.tags[1].name == "remove" then |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
115 session.send(st.error_reply(stanza, "auth", "registration-required")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
116 else |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
117 local username = query:child_with_name("username"); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
118 local password = query:child_with_name("password"); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
119 if username and password then |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
120 -- Check that the user is not blacklisted or registering too often |
2085
64872e216e23
mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents:
1861
diff
changeset
|
121 if not session.ip then |
64872e216e23
mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents:
1861
diff
changeset
|
122 module:log("debug", "User's IP not known; can't apply blacklist/whitelist"); |
64872e216e23
mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents:
1861
diff
changeset
|
123 elseif blacklisted_ips[session.ip] or (whitelist_only and not whitelisted_ips[session.ip]) then |
1859
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
124 session.send(st.error_reply(stanza, "cancel", "not-acceptable", "You are not allowed to register an account.")); |
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
125 return; |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
126 elseif min_seconds_between_registrations and not whitelisted_ips[session.ip] then |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
127 if not recent_ips[session.ip] then |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
128 recent_ips[session.ip] = { time = os_time(), count = 1 }; |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
129 else |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
130 local ip = recent_ips[session.ip]; |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
131 ip.count = ip.count + 1; |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
132 |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
133 if os_time() - ip.time < min_seconds_between_registrations then |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
134 ip.time = os_time(); |
1858
49eef8e19a71
mod_register: Changed error type for hitting registration rate limit from 'cancel' to 'wait'.
Waqas Hussain <waqas20@gmail.com>
parents:
1857
diff
changeset
|
135 session.send(st.error_reply(stanza, "wait", "not-acceptable")); |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
136 return; |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
137 end |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
138 ip.time = os_time(); |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
139 end |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
140 end |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
141 -- FIXME shouldn't use table.concat |
927
cc180d25dbeb
Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents:
926
diff
changeset
|
142 username = nodeprep(table.concat(username)); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
143 password = table.concat(password); |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
144 local host = module.host; |
2448
542335c8a5bc
mod_register: Return a <not-acceptable/> error on empty usernames (thanks Neustradamus).
Waqas Hussain <waqas20@gmail.com>
parents:
2260
diff
changeset
|
145 if not username or username == "" then |
1859
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
146 session.send(st.error_reply(stanza, "modify", "not-acceptable", "The requested username is invalid.")); |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
147 elseif usermanager_user_exists(username, host) then |
1859
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
148 session.send(st.error_reply(stanza, "cancel", "conflict", "The requested username already exists.")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
149 else |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
150 if usermanager_create_user(username, password, host) then |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
151 session.send(st.reply(stanza)); -- user created! |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
152 module:log("info", "User account created: %s@%s", username, host); |
1184
fa6df7e83fb3
mod_register: Fire events and log on account creation/deletion
Matthew Wild <mwild1@gmail.com>
parents:
1042
diff
changeset
|
153 module:fire_event("user-registered", { |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
154 username = username, host = host, source = "mod_register", |
1189
63ed3902f357
mod_register: Attach session to user-registered and user-deregistered events
Matthew Wild <mwild1@gmail.com>
parents:
1184
diff
changeset
|
155 session = session }); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
156 else |
85
a115b99419ad
Added: mod_register now replies with an error stanza when file write fails
Waqas Hussain <waqas20@gmail.com>
parents:
63
diff
changeset
|
157 -- TODO unable to write file, file may be locked, etc, what's the correct error? |
1859
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
158 session.send(st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk.")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
159 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
160 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
161 else |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
162 session.send(st.error_reply(stanza, "modify", "not-acceptable")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
163 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
164 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
165 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
166 else |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
167 session.send(st.error_reply(stanza, "cancel", "service-unavailable")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
168 end; |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
169 end); |
665
09e0e9c722a3
Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
170 |