prosody
db9def53fe9c
plugins/mod_saslauth.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Diff

plugins/mod_saslauth.lua @ 3164:db9def53fe9c

Check in mod_hashpassauth -- works!
author Jeff Mitchell <jeff@jefferai.org>
date Wed, 26 May 2010 18:16:58 -0400
parent 3066:5e5137057b5f
child 3167:546695e80e0a
line wrap: on
line diff
--- a/plugins/mod_saslauth.lua	Thu May 20 18:06:21 2010 -0400
+++ b/plugins/mod_saslauth.lua	Wed May 26 18:16:58 2010 -0400
@@ -15,10 +15,10 @@
 
 local nodeprep = require "util.encodings".stringprep.nodeprep;
 local datamanager_load = require "util.datamanager".load;
-local usermanager_validate_credentials = require "core.usermanager".validate_credentials;
 local usermanager_get_supported_methods = require "core.usermanager".get_supported_methods;
 local usermanager_user_exists = require "core.usermanager".user_exists;
 local usermanager_get_password = require "core.usermanager".get_password;
+local usermanager_test_password = require "core.usermanager".test_password;
 local t_concat, t_insert = table.concat, table.insert;
 local tostring = tostring;
 local jid_split = require "util.jid".split;
@@ -81,6 +81,17 @@
 	end
 };
 
+local hashpass_authentication_profile = {
+	plain_test = 	function(username, password, realm)
+			local prepped_username = nodeprep(username);
+			if not prepped_username then
+				log("debug", "NODEprep failed on username: %s", username);
+				return "", nil;
+			end
+			return usermanager_test_password(prepped_username, password, realm), true;
+			end
+};
+
 local anonymous_authentication_profile = {
 	anonymous = function(username, realm)
 		return true; -- for normal usage you should always return true here
@@ -183,7 +194,13 @@
 		if module:get_option("anonymous_login") then
 			origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile);
 		else
-			origin.sasl_handler = new_sasl(realm, default_authentication_profile);
+			local authentication = module:get_option("authentication");
+			log("debug", "AUTH: creating handler for '%s' type", authentication);
+			if authentication == nil or authentication == "default" then
+				origin.sasl_handler = new_sasl(realm, default_authentication_profile);
+			elseif authentication == "hashpass" then
+				origin.sasl_handler = new_sasl(realm, hashpass_authentication_profile);
+			end
 			if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then
 				origin.sasl_handler:forbidden({"PLAIN"});
 			end