util/session.lua @ 12953:ebe3b2f96cad
mod_tokenauth: Switch to new token format (invalidates existing tokens!)
The new format has the following properties:
- 5 bytes longer than the previous format
- The token now has separate 'id' and 'secret' parts - the token itself is no
longer stored in the DB, and the secret part is hashed
- The only variable length field (JID) has been moved to the end
- The 'secret-token:' prefix (RFC 8959) is now included
Compatibility with the old token format was not maintained, and all previously
issued tokens are invalid after this commit (they will be removed from the DB
if used).
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Tue, 21 Mar 2023 14:33:29 +0000 |
parent | 12640:999b1c59af6f |
child | 12975:d10957394a3c |
rev | line source |
---|---|
6941
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
1 local initialize_filters = require "util.filters".initialize; |
6939
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
2 local logger = require "util.logger"; |
6937 | 3 |
--- Create a fresh session table for the given session type.
-- The session starts in the unauthenticated state: `type` is the base type
-- with "_unauthed" appended, while `base_type` keeps the bare type string.
-- @param typ base session type; concatenated with a string, so it must be a
--   string (or number)
-- @return a new table holding only `type` and `base_type`
local function new_session(typ)
	local fresh = {};
	-- Sessions are created unauthenticated; this function never sets any
	-- other state.
	fresh.type = typ .. "_unauthed";
	fresh.base_type = typ;
	return fresh;
end
11 | |
6938
9df70e9e006b
util.session: What is the identity of a session?
Kim Alvefur <zash@zash.se>
parents:
6937
diff
changeset
|
--- Give a session an identifier and store it in `session.id`.
-- The id is `session.base_type` followed by the trailing run of hex digits
-- from `tostring(session)`, lower-cased.
-- NOTE(review): in stock Lua that hex run is the table's address, so the id
-- is a label for logs and lookups, not a random value - it should not be
-- relied on as a secret.
-- @param session session table; must have `base_type` set
-- @return the same session table
local function set_id(session)
	local repr = tostring(session);
	-- Raises if the string form does not end in hex digits (match gives nil).
	local suffix = repr:match("%x+$"):lower();
	session.id = session.base_type .. suffix;
	return session;
end
9df70e9e006b
util.session: What is the identity of a session?
Kim Alvefur <zash@zash.se>
parents:
6937
diff
changeset
|
17 |
6939
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
--- Attach a logger to the session.
-- Calls `logger.init` with `session.id` and stores the result in
-- `session.log`, so the id should already be set when this is called.
-- @param session session table to update
-- @return the same session table
local function set_logger(session)
	session.log = logger.init(session.id);
	return session;
end
a9ae0c6ac4f4
util.session: What does the session say?
Kim Alvefur <zash@zash.se>
parents:
6938
diff
changeset
|
23 |
6940
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
--- Bind a connection object to the session.
-- Stores the connection in `session.conn` and records the value returned by
-- `conn:ip()` in `session.ip`. The address is read once, at bind time.
-- NOTE(review): anything that uses `session.ip` for access control, rate
-- limiting or audit logs depends on what `conn:ip()` reports - confirm how
-- that is determined when a proxy sits in front of the server.
-- @param session session table to update
-- @param conn connection object; must provide an `ip` method
-- @return the same session table
local function set_conn(session, conn)
	session.conn = conn;
	local peer_ip = conn:ip();
	session.ip = peer_ip;
	return session;
end
2be5e19485aa
util.session: How does a session relate do a connection?
Kim Alvefur <zash@zash.se>
parents:
6939
diff
changeset
|
29 |
6941
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
--- Install the `send` function on a session.
-- Without a connection, `send` only logs the payload at debug level and
-- returns false. With a connection, the payload goes through the session's
-- "stanzas/out" filter (when it has a `name` field) and then, converted with
-- tostring, through the "bytes/out" filter, before being written to the
-- connection. A filter returning nil/false drops the payload, and `send`
-- still returns true in that case.
-- @param session session table; `session.conn` decides which variant is used
-- @return the same session table
local function set_send(session)
	local conn = session.conn;

	if not conn then
		-- No transport: nothing can be delivered.
		-- NOTE: the discarded payload itself is handed to the logger, so debug
		-- logs may end up containing whatever was being sent.
		session.send = function (data)
			session.log("debug", "Discarding data sent to unconnected session: %s", data);
			return false;
		end
		return session;
	end

	local filter = initialize_filters(session);
	-- The write method is captured once here, not looked up on every send.
	local write = conn.write;

	session.send = function (payload)
		-- Only values with a `name` field go through the stanza-level filters.
		if payload.name then
			payload = filter("stanzas/out", payload);
		end
		if not payload then
			return true; -- dropped by a stanza filter
		end

		local bytes = filter("bytes/out", tostring(payload));
		if not bytes then
			return true; -- dropped by a byte filter
		end

		local ok, write_err = write(conn, bytes);
		if ok then
			return true;
		end
		session.log("debug", "Error writing to connection: %s", write_err);
		return false, write_err;
	end

	return session;
end
33fbc835697d
util.session: How would you even send anything to a session?
Kim Alvefur <zash@zash.se>
parents:
6940
diff
changeset
|
59 |
12640
999b1c59af6f
util.session: Add role management methods
Matthew Wild <mwild1@gmail.com>
parents:
10110
diff
changeset
|
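--- Assign a role to a session.
-- Stores `role` in `session.role` exactly as given. Nothing is validated or
-- authorised here, so the caller is responsible for deciding that the
-- session may hold this role.
-- NOTE(review): presumably `session.role` is consulted for permission checks
-- elsewhere - confirm that every caller obtains the role from a trusted
-- source.
-- Returns the session, like the other set_* helpers in this module.
-- @param session session table to update
-- @param role role value to store; nil clears the field
-- @return the same session table
local function set_role(session, role)
	session.role = role;
	return session;
end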
999b1c59af6f
util.session: Add role management methods
Matthew Wild <mwild1@gmail.com>
parents:
10110
diff
changeset
|
63 |
-- Module interface: a constructor plus the set_* helpers. Each helper fills
-- in one aspect of a session table (id, logger, connection, send function,
-- role).
return {
	new = new_session,

	set_id = set_id,
	set_logger = set_logger,
	set_conn = set_conn,
	set_send = set_send,
	set_role = set_role,
}