prosody
a5050e21ab08
plugins/mod_register_ibr.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Annotate

plugins/mod_register_ibr.lua @ 11455:a5050e21ab08

util.datamapper: Separate extraction of xml from coercion to target type Now it gets the text, attribute or name first, then turns it into whatever the schema wants. This should be easier to further factor out into preparation for array support.
author Kim Alvefur <zash@zash.se>
date Sun, 14 Mar 2021 03:06:37 +0100
parent 10946:84441c19750e
child 12330:38b5b05407be
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1523
841d61be198f Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents: 1189
diff changeset
1 -- Prosody IM
2923
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 2448
diff changeset
2 -- Copyright (C) 2008-2010 Matthew Wild
b7049746bd29 Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents: 2448
diff changeset
3 -- Copyright (C) 2008-2010 Waqas Hussain
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5763
diff changeset
4 --
758
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 691
diff changeset
5 -- This project is MIT/X11 licensed. Please see the
b1885732e979 GPL->MIT!
Matthew Wild <mwild1@gmail.com>
parents: 691
diff changeset
6 -- COPYING file in the source package for more information.
519
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
7 --
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
8
cccd610a0ef9 Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents: 438
diff changeset
9
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
10 local st = require "util.stanza";
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
11 local dataform_new = require "util.dataforms".new;
10939
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
12 local usermanager_user_exists = require "core.usermanager".user_exists;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
13 local usermanager_create_user = require "core.usermanager".create_user;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
14 local usermanager_set_password = require "core.usermanager".create_user;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
15 local usermanager_delete_user = require "core.usermanager".delete_user;
927
cc180d25dbeb Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents: 926
diff changeset
16 local nodeprep = require "util.encodings".stringprep.nodeprep;
10939
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
17 local util_error = require "util.error";
3995
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents: 3540
diff changeset
18
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
19 local additional_fields = module:get_option("additional_registration_fields", {});
8484
f591855f060d mod_register: Split into mod_register_ibr and mod_user_account_management (#723)
Kim Alvefur <zash@zash.se>
parents: 8464
diff changeset
20 local require_encryption = module:get_option_boolean("c2s_require_encryption",
f591855f060d mod_register: Split into mod_register_ibr and mod_user_account_management (#723)
Kim Alvefur <zash@zash.se>
parents: 8464
diff changeset
21 module:get_option_boolean("require_encryption", false));
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
22
9608
3e44b8dc2cc0 mod_register: Move dependency on mod_register_limits into mod_register_ibr
Kim Alvefur <zash@zash.se>
parents: 9453
diff changeset
23 pcall(function ()
3e44b8dc2cc0 mod_register: Move dependency on mod_register_limits into mod_register_ibr
Kim Alvefur <zash@zash.se>
parents: 9453
diff changeset
24 module:depends("register_limits");
3e44b8dc2cc0 mod_register: Move dependency on mod_register_limits into mod_register_ibr
Kim Alvefur <zash@zash.se>
parents: 9453
diff changeset
25 end);
3e44b8dc2cc0 mod_register: Move dependency on mod_register_limits into mod_register_ibr
Kim Alvefur <zash@zash.se>
parents: 9453
diff changeset
26
5500
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5371
diff changeset
27 local account_details = module:open_store("account_details");
eeea0eb2602a mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()
Kim Alvefur <zash@zash.se>
parents: 5371
diff changeset
28
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
29 local field_map = {
10281
f90abf142d53 mod_register_ibr: Add FORM_TYPE as required by XEP-0077.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 9608
diff changeset
30 FORM_TYPE = { name = "FORM_TYPE", type = "hidden", value = "jabber:iq:register" };
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
31 username = { name = "username", type = "text-single", label = "Username", required = true };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
32 password = { name = "password", type = "text-private", label = "Password", required = true };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
33 nick = { name = "nick", type = "text-single", label = "Nickname" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
34 name = { name = "name", type = "text-single", label = "Full Name" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
35 first = { name = "first", type = "text-single", label = "Given Name" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
36 last = { name = "last", type = "text-single", label = "Family Name" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
37 email = { name = "email", type = "text-single", label = "Email" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
38 address = { name = "address", type = "text-single", label = "Street" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
39 city = { name = "city", type = "text-single", label = "City" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
40 state = { name = "state", type = "text-single", label = "State" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
41 zip = { name = "zip", type = "text-single", label = "Postal code" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
42 phone = { name = "phone", type = "text-single", label = "Telephone number" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
43 url = { name = "url", type = "text-single", label = "Webpage" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
44 date = { name = "date", type = "text-single", label = "Birth date" };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
45 };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
46
7812
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
47 local title = module:get_option_string("registration_title",
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
48 "Creating a new account");
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
49 local instructions = module:get_option_string("registration_instructions",
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
50 "Choose a username and password for use with this service.");
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
51
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
52 local registration_form = dataform_new{
7812
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
53 title = title;
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
54 instructions = instructions;
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
55
10281
f90abf142d53 mod_register_ibr: Add FORM_TYPE as required by XEP-0077.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 9608
diff changeset
56 field_map.FORM_TYPE;
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
57 field_map.username;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
58 field_map.password;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
59 };
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
60
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
61 local registration_query = st.stanza("query", {xmlns = "jabber:iq:register"})
7812
2bc339352dcd mod_register: Allow 'title' and 'instructions' fields to be customized
Kim Alvefur <zash@zash.se>
parents: 7754
diff changeset
62 :tag("instructions"):text(instructions):up()
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
63 :tag("username"):up()
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
64 :tag("password"):up();
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
65
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
66 for _, field in ipairs(additional_fields) do
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
67 if type(field) == "table" then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
68 registration_form[#registration_form + 1] = field;
7816
2624f4ee34a2 mod_register: Fix syntax errors
Kim Alvefur <zash@zash.se>
parents: 7815
diff changeset
69 elseif field_map[field] or field_map[field:sub(1, -2)] then
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
70 if field:match("%+$") then
7814
2120d71b0d56 mod_register: Strip '+' char from field names without using length
Kim Alvefur <zash@zash.se>
parents: 7812
diff changeset
71 field = field:sub(1, -2);
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
72 field_map[field].required = true;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
73 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
74
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
75 registration_form[#registration_form + 1] = field_map[field];
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
76 registration_query:tag(field):up();
7815
f8d25a2e80ea mod_register: Verify that fields are known to prevent traceback
Kim Alvefur <zash@zash.se>
parents: 7814
diff changeset
77 else
f8d25a2e80ea mod_register: Verify that fields are known to prevent traceback
Kim Alvefur <zash@zash.se>
parents: 7814
diff changeset
78 module:log("error", "Unknown field %q", field);
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
79 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
80 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
81 registration_query:add_child(registration_form:form());
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
82
4268
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
83 local register_stream_feature = st.stanza("register", {xmlns="http://jabber.org/features/iq-register"}):up();
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
84 module:hook("stream-features", function(event)
5707
36a289e9244c mod_register: Fix indentation
Kim Alvefur <zash@zash.se>
parents: 5637
diff changeset
85 local session, features = event.origin, event.features;
4268
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
86
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
87 -- Advertise registration to unauthorized clients only.
8484
f591855f060d mod_register: Split into mod_register_ibr and mod_user_account_management (#723)
Kim Alvefur <zash@zash.se>
parents: 8464
diff changeset
88 if session.type ~= "c2s_unauthed" or (require_encryption and not session.secure) then
4268
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
89 return
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
90 end
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
91
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
92 features:add_child(register_stream_feature);
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
93 end);
c249f10eb9bb Advertise in-band registration support.
Glenn Maynard <glenn@zewt.org>
parents: 3997
diff changeset
94
4398
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
95 local function parse_response(query)
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
96 local form = query:get_child("x", "jabber:x:data");
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
97 if form then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
98 return registration_form:data(form);
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
99 else
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
100 local data = {};
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
101 local errors = {};
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
102 for _, field in ipairs(registration_form) do
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
103 local name, required = field.name, field.required;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
104 if field_map[name] then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
105 data[name] = query:get_child_text(name);
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
106 if (not data[name] or #data[name] == 0) and required then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
107 errors[name] = "Required value missing";
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
108 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
109 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
110 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
111 if next(errors) then
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
112 return data, errors;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
113 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
114 return data;
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
115 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
116 end
acc37e221940 mod_register: Add support for additional registration fields
Florian Zeitz <florob@babelmonkeys.de>
parents: 4270
diff changeset
117
8194
ba9cd8447578 mod_register: Add comments saying which section handles password change, account deletion and which is in-band registration
Kim Alvefur <zash@zash.se>
parents: 8192
diff changeset
118 -- In-band registration
3529
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
119 module:hook("stanza/iq/jabber:iq:register:query", function(event)
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
120 local session, stanza = event.origin, event.stanza;
7017
ff734a602886 mod_register: Use session log instance to ease indentification
Kim Alvefur <zash@zash.se>
parents: 5776
diff changeset
121 local log = session.log or module._log;
3529
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
122
8484
f591855f060d mod_register: Split into mod_register_ibr and mod_user_account_management (#723)
Kim Alvefur <zash@zash.se>
parents: 8464
diff changeset
123 if session.type ~= "c2s_unauthed" then
7709
0af1783d1592 mod_register: Additional logging for various registration failure cases
Kim Alvefur <zash@zash.se>
parents: 7570
diff changeset
124 log("debug", "Attempted registration when disabled or already authenticated");
665
09e0e9c722a3 Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents: 615
diff changeset
125 session.send(st.error_reply(stanza, "cancel", "service-unavailable"));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
126 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
127 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
128
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
129 if require_encryption and not session.secure then
7916
72b6d5ab4137 mod_register: Require encryption before registration if c2s_require_encryption is set (fixes #595)
Kim Alvefur <zash@zash.se>
parents: 5637
diff changeset
130 session.send(st.error_reply(stanza, "modify", "policy-violation", "Encryption is required"));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
131 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
132 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
133
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
134 local query = stanza.tags[1];
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
135 if stanza.attr.type == "get" then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
136 local reply = st.reply(stanza);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
137 reply:add_child(registration_query);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
138 session.send(reply);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
139 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
140 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
141
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
142 -- stanza.attr.type == "set"
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
143 if query.tags[1] and query.tags[1].name == "remove" then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
144 session.send(st.error_reply(stanza, "auth", "registration-required"));
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
145 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
146 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
147
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
148 local data, errors = parse_response(query);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
149 if errors then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
150 log("debug", "Error parsing registration form:");
8737
6d71845bf56f mod_register_ibr: Return a textual error to the user for problems with parsing form data
Kim Alvefur <zash@zash.se>
parents: 8736
diff changeset
151 local textual_errors = {};
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
152 for field, err in pairs(errors) do
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
153 log("debug", "Field %q: %s", field, err);
8737
6d71845bf56f mod_register_ibr: Return a textual error to the user for problems with parsing form data
Kim Alvefur <zash@zash.se>
parents: 8736
diff changeset
154 table.insert(textual_errors, ("%s: %s"):format(field:gsub("^%a", string.upper), err));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
155 end
8737
6d71845bf56f mod_register_ibr: Return a textual error to the user for problems with parsing form data
Kim Alvefur <zash@zash.se>
parents: 8736
diff changeset
156 session.send(st.error_reply(stanza, "modify", "not-acceptable", table.concat(textual_errors, "\n")));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
157 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
158 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
159
10368
76eb79d372de mod_register_ibr: Enforce strict JID validation
Kim Alvefur <zash@zash.se>
parents: 10363
diff changeset
160 local username, password = nodeprep(data.username, true), data.password;
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
161 data.username, data.password = nil, nil;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
162 local host = module.host;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
163 if not username or username == "" then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
164 log("debug", "The requested username is invalid.");
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
165 session.send(st.error_reply(stanza, "modify", "not-acceptable", "The requested username is invalid."));
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
166 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
167 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
168
9453
b6cdadb1175d mod_register_ibr: Include password in user-registering event, to allow e.g. password policy enforcement
Matthew Wild <mwild1@gmail.com>
parents: 8737
diff changeset
169 local user = { username = username, password = password, host = host, additional = data, ip = session.ip, session = session, allowed = true }
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
170 module:fire_event("user-registering", user);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
171 if not user.allowed then
10363
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
172 local error_type, error_condition, reason;
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
173 local err = user.error;
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
174 if err then
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
175 error_type, error_condition, reason = err.type, err.condition, err.text;
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
176 else
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
177 -- COMPAT pre-util.error
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
178 error_type, error_condition, reason = user.error_type, user.error_condition, user.reason;
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
179 end
10767
a0166932479f mod_register_ibr: Fix reporting of registration rejection reason
Kim Alvefur <zash@zash.se>
parents: 10368
diff changeset
180 log("debug", "Registration disallowed by module: %s", reason or "no reason given");
10363
1010a1ff8d21 mod_register_ibr: Allow registartion rejection reason as util.error object
Kim Alvefur <zash@zash.se>
parents: 10290
diff changeset
181 session.send(st.error_reply(stanza, error_type or "modify", error_condition or "not-acceptable", reason));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
182 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
183 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
184
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
185 if usermanager_user_exists(username, host) then
10939
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
186 if user.allow_reset == username then
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
187 local ok, err = util_error.coerce(usermanager_set_password(username, password, host));
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
188 if ok then
10946
84441c19750e mod_register_ibr: Add event for successful password reset
Matthew Wild <mwild1@gmail.com>
parents: 10939
diff changeset
189 module:fire_event("user-password-reset", user);
10939
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
190 session.send(st.reply(stanza)); -- reset ok!
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
191 else
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
192 session.log("error", "Unable to reset password for %s@%s: %s", username, host, err);
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
193 session.send(st.error_reply(stanza, err.type, err.condition, err.text));
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
194 end
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
195 return true;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
196 else
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
197 log("debug", "Attempt to register with existing username");
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
198 session.send(st.error_reply(stanza, "cancel", "conflict", "The requested username already exists."));
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
199 return true;
99ae457c2459 mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin
Matthew Wild <mwild1@gmail.com>
parents: 10767
diff changeset
200 end
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
201 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
202
10290
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
203 local created, err = usermanager_create_user(username, password, host);
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
204 if created then
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
205 data.registered = os.time();
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
206 if not account_details:set(username, data) then
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
207 log("debug", "Could not store extra details");
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
208 usermanager_delete_user(username, host);
10290
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
209 session.send(st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk."));
8736
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
210 return true;
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
211 end
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
212 session.send(st.reply(stanza)); -- user created!
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
213 log("info", "User account created: %s@%s", username, host);
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
214 module:fire_event("user-registered", {
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
215 username = username, host = host, source = "mod_register",
a071c203a1a0 mod_register_ibr: Reshape the code using early returns to reduce needless indentation
Kim Alvefur <zash@zash.se>
parents: 8583
diff changeset
216 session = session });
3529
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
217 else
10290
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
218 log("debug", "Could not create user", err);
b2ce3300f26a mod_register_ibr: Distinguish between failure to create account or save extra data
Kim Alvefur <zash@zash.se>
parents: 10287
diff changeset
219 session.send(st.error_reply(stanza, "cancel", "feature-not-implemented", err));
3529
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
220 end
3f9cc12308aa mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents: 3394
diff changeset
221 return true;
60
44800be871f5 User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
222 end);