prosody
db9def53fe9c
plugins/mod_saslauth.lua
Software / code / prosody
Comparison
plugins/mod_saslauth.lua @ 3164:db9def53fe9c
Check in mod_hashpassauth -- works!
| author | Jeff Mitchell <jeff@jefferai.org> |
|---|---|
| date | Wed, 26 May 2010 18:16:58 -0400 |
| parent | 3066:5e5137057b5f |
| child | 3167:546695e80e0a |
comparison
equal
deleted
inserted
replaced
| 3163:a23168cc4af5 | 3164:db9def53fe9c |
|---|---|
| 13 local sm_make_authenticated = require "core.sessionmanager".make_authenticated; | 13 local sm_make_authenticated = require "core.sessionmanager".make_authenticated; |
| 14 local base64 = require "util.encodings".base64; | 14 local base64 = require "util.encodings".base64; |
| 15 | 15 |
| 16 local nodeprep = require "util.encodings".stringprep.nodeprep; | 16 local nodeprep = require "util.encodings".stringprep.nodeprep; |
| 17 local datamanager_load = require "util.datamanager".load; | 17 local datamanager_load = require "util.datamanager".load; |
| 18 local usermanager_validate_credentials = require "core.usermanager".validate_credentials; | |
| 19 local usermanager_get_supported_methods = require "core.usermanager".get_supported_methods; | 18 local usermanager_get_supported_methods = require "core.usermanager".get_supported_methods; |
| 20 local usermanager_user_exists = require "core.usermanager".user_exists; | 19 local usermanager_user_exists = require "core.usermanager".user_exists; |
| 21 local usermanager_get_password = require "core.usermanager".get_password; | 20 local usermanager_get_password = require "core.usermanager".get_password; |
| 21 local usermanager_test_password = require "core.usermanager".test_password; | |
| 22 local t_concat, t_insert = table.concat, table.insert; | 22 local t_concat, t_insert = table.concat, table.insert; |
| 23 local tostring = tostring; | 23 local tostring = tostring; |
| 24 local jid_split = require "util.jid".split; | 24 local jid_split = require "util.jid".split; |
| 25 local md5 = require "util.hashes".md5; | 25 local md5 = require "util.hashes".md5; |
| 26 local config = require "core.configmanager"; | 26 local config = require "core.configmanager"; |
| 79 end | 79 end |
| 80 return password, true; | 80 return password, true; |
| 81 end | 81 end |
| 82 }; | 82 }; |
| 83 | 83 |
| 84 local hashpass_authentication_profile = { | |
| 85 plain_test = function(username, password, realm) | |
| 86 local prepped_username = nodeprep(username); | |
| 87 if not prepped_username then | |
| 88 log("debug", "NODEprep failed on username: %s", username); | |
| 89 return "", nil; | |
| 90 end | |
| 91 return usermanager_test_password(prepped_username, password, realm), true; | |
| 92 end | |
| 93 }; | |
| 94 | |
| 84 local anonymous_authentication_profile = { | 95 local anonymous_authentication_profile = { |
| 85 anonymous = function(username, realm) | 96 anonymous = function(username, realm) |
| 86 return true; -- for normal usage you should always return true here | 97 return true; -- for normal usage you should always return true here |
| 87 end | 98 end |
| 88 }; | 99 }; |
| 181 end | 192 end |
| 182 local realm = module:get_option("sasl_realm") or origin.host; | 193 local realm = module:get_option("sasl_realm") or origin.host; |
| 183 if module:get_option("anonymous_login") then | 194 if module:get_option("anonymous_login") then |
| 184 origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile); | 195 origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile); |
| 185 else | 196 else |
| 186 origin.sasl_handler = new_sasl(realm, default_authentication_profile); | 197 local authentication = module:get_option("authentication"); |
| 198 log("debug", "AUTH: creating handler for '%s' type", authentication); | |
| 199 if authentication == nil or authentication == "default" then | |
| 200 origin.sasl_handler = new_sasl(realm, default_authentication_profile); | |
| 201 elseif authentication == "hashpass" then | |
| 202 origin.sasl_handler = new_sasl(realm, hashpass_authentication_profile); | |
| 203 end | |
| 187 if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then | 204 if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then |
| 188 origin.sasl_handler:forbidden({"PLAIN"}); | 205 origin.sasl_handler:forbidden({"PLAIN"}); |
| 189 end | 206 end |
| 190 end | 207 end |
| 191 features:tag("mechanisms", mechanisms_attr); | 208 features:tag("mechanisms", mechanisms_attr); |
