Comparison

core/usermanager.lua @ 2929:1e4e314bef33

usermanager: Return sane errors/results when Cyrus SASL is in use.
author Waqas Hussain <waqas20@gmail.com>
date Tue, 23 Mar 2010 20:24:56 +0500
parent 2923:b7049746bd29
child 2934:060bb8217fea
comparison
equal deleted inserted replaced
2928:e6380fcaffda 2929:1e4e314bef33
12 local error = error; 12 local error = error;
13 local ipairs = ipairs; 13 local ipairs = ipairs;
14 local hashes = require "util.hashes"; 14 local hashes = require "util.hashes";
15 local jid_bare = require "util.jid".bare; 15 local jid_bare = require "util.jid".bare;
16 local config = require "core.configmanager"; 16 local config = require "core.configmanager";
17 local hosts = hosts;
17 18
18 module "usermanager" 19 module "usermanager"
19 20
21 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end
22
20 function validate_credentials(host, username, password, method) 23 function validate_credentials(host, username, password, method)
21 log("debug", "User '%s' is being validated", username); 24 log("debug", "User '%s' is being validated", username);
25 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end
22 local credentials = datamanager.load(username, host, "accounts") or {}; 26 local credentials = datamanager.load(username, host, "accounts") or {};
23 27
24 if method == nil then method = "PLAIN"; end 28 if method == nil then method = "PLAIN"; end
25 if method == "PLAIN" and credentials.password then -- PLAIN, do directly 29 if method == "PLAIN" and credentials.password then -- PLAIN, do directly
26 if password == credentials.password then 30 if password == credentials.password then
46 return nil, "Auth failed. Invalid username or password."; 50 return nil, "Auth failed. Invalid username or password.";
47 end 51 end
48 end 52 end
49 53
50 function get_password(username, host) 54 function get_password(username, host)
51 return (datamanager.load(username, host, "accounts") or {}).password 55 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end
56 return (datamanager.load(username, host, "accounts") or {}).password
52 end 57 end
53 58
54 function user_exists(username, host) 59 function user_exists(username, host)
60 if is_cyrus(host) then return true; end
55 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials 61 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials
56 end 62 end
57 63
58 function create_user(username, password, host) 64 function create_user(username, password, host)
65 if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end
59 return datamanager.store(username, host, "accounts", {password = password}); 66 return datamanager.store(username, host, "accounts", {password = password});
60 end 67 end
61 68
62 function get_supported_methods(host) 69 function get_supported_methods(host)
63 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config 70 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config