
core/usermanager.lua @ 1585:edc066730d11

Switch to using a more generic credentials_callback/handler for SASL auth. Not all authentication mechanisms have the same requirements; it makes sense to provide them only with the information they require (and for them to depend on that) so that as many auth mechanisms as possible can be supported with a variety of credentials-storing schemes. This commit patches that together.
author nick@lupine.me.uk
date Fri, 24 Jul 2009 01:34:25 +0100
parent 1523:841d61be198f
child 1588:9107d3221ccb
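--- a/core/usermanager.lua
+++ b/core/usermanager.lua
@@ -1,9 +1,9 @@
 -- Prosody IM
 -- Copyright (C) 2008-2009 Matthew Wild
 -- Copyright (C) 2008-2009 Waqas Hussain
 --
 -- This project is MIT/X11 licensed. Please see the
 -- COPYING file in the source package for more information.
 --
 
 
@@ -21,18 +21,19 @@
 module "usermanager"
 
 function validate_credentials(host, username, password, method)
 log("debug", "User '%s' is being validated", username);
 local credentials = datamanager.load(username, host, "accounts") or {};
+
 if method == nil then method = "PLAIN"; end
 if method == "PLAIN" and credentials.password then -- PLAIN, do directly
 if password == credentials.password then
 return true;
 else
 return nil, "Auth failed. Invalid username or password.";
 end
 end
 -- must do md5
 -- make credentials md5
 local pwd = credentials.password;
 if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd, true); end
 -- make password md5
@@ -47,20 +48,24 @@
 else
 return nil, "Auth failed. Invalid username or password.";
 end
 end
 
+function get_password(username, host)
+return (datamanager.load(username, host, "accounts") or {}).password
+end
+
 function user_exists(username, host)
 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials
 end
 
 function create_user(username, password, host)
 return datamanager.store(username, host, "accounts", {password = password});
 end
 
 function get_supported_methods(host)
 local methods = {["PLAIN"] = true}; -- TODO this should be taken from the config
 methods["DIGEST-MD5"] = true;
 return methods;
 end
 
 function is_admin(jid)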
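Review bot: The added `get_password` hands the stored cleartext password to any caller and returns nil both when the account is missing and when the record holds only `credentials.md5` (a case `validate_credentials` handles a few lines above), so a credentials callback built on it cannot tell an unknown user from a hash-only account. I would document that contract on the function, e.g. `-- Returns the stored plaintext password, or nil if the user is unknown or only a hash is stored; callers must not log or persist the value.` Whether the SASL handlers treat a nil result as an authentication failure is not visible here and should be confirmed. The section ends at the signature of `is_admin`, whose body is outside the view.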