Software /
code /
prosody
Comparison
core/usermanager.lua @ 2929:1e4e314bef33
usermanager: Return sane errors/results when Cyrus SASL is in use.
author | Waqas Hussain <waqas20@gmail.com> |
---|---|
date | Tue, 23 Mar 2010 20:24:56 +0500 |
parent | 2923:b7049746bd29 |
child | 2934:060bb8217fea |
comparison
equal
deleted
inserted
replaced
2928:e6380fcaffda | 2929:1e4e314bef33 |
---|---|
12 local error = error; | 12 local error = error; |
13 local ipairs = ipairs; | 13 local ipairs = ipairs; |
14 local hashes = require "util.hashes"; | 14 local hashes = require "util.hashes"; |
15 local jid_bare = require "util.jid".bare; | 15 local jid_bare = require "util.jid".bare; |
16 local config = require "core.configmanager"; | 16 local config = require "core.configmanager"; |
17 local hosts = hosts; | |
17 | 18 |
18 module "usermanager" | 19 module "usermanager" |
19 | 20 |
21 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end | |
22 | |
20 function validate_credentials(host, username, password, method) | 23 function validate_credentials(host, username, password, method) |
21 log("debug", "User '%s' is being validated", username); | 24 log("debug", "User '%s' is being validated", username); |
25 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end | |
22 local credentials = datamanager.load(username, host, "accounts") or {}; | 26 local credentials = datamanager.load(username, host, "accounts") or {}; |
23 | 27 |
24 if method == nil then method = "PLAIN"; end | 28 if method == nil then method = "PLAIN"; end |
25 if method == "PLAIN" and credentials.password then -- PLAIN, do directly | 29 if method == "PLAIN" and credentials.password then -- PLAIN, do directly |
26 if password == credentials.password then | 30 if password == credentials.password then |
46 return nil, "Auth failed. Invalid username or password."; | 50 return nil, "Auth failed. Invalid username or password."; |
47 end | 51 end |
48 end | 52 end |
49 | 53 |
50 function get_password(username, host) | 54 function get_password(username, host) |
51 return (datamanager.load(username, host, "accounts") or {}).password | 55 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
56 return (datamanager.load(username, host, "accounts") or {}).password | |
52 end | 57 end |
53 | 58 |
54 function user_exists(username, host) | 59 function user_exists(username, host) |
60 if is_cyrus(host) then return true; end | |
55 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials | 61 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials |
56 end | 62 end |
57 | 63 |
58 function create_user(username, password, host) | 64 function create_user(username, password, host) |
65 if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end | |
59 return datamanager.store(username, host, "accounts", {password = password}); | 66 return datamanager.store(username, host, "accounts", {password = password}); |
60 end | 67 end |
61 | 68 |
62 function get_supported_methods(host) | 69 function get_supported_methods(host) |
63 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config | 70 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config |