prosody
11f285a439a4
plugins/mod_auth_anonymous.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

plugins/mod_auth_anonymous.lua @ 11192:11f285a439a4

tools/cfgdump: Reads Prosody config file and pretty-prints it back out Useful for comparing what you think you have in your config with what Prosody sees, e.g. wrt (lack of) significance of indentation, order of options vs scope etc. (global options do not go at the end!) Could probably be turned into a prosodyctl command, especially if it learns to redact secrets and passwords.
author Kim Alvefur <zash@zash.se>
date Wed, 28 Oct 2020 22:48:31 +0100
parent 11122:d60094d9b458
child 12977:74b9e05af71e
line wrap: on
line source

-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
-- luacheck: ignore 212

local new_sasl = require "util.sasl".new;
local datamanager = require "util.datamanager";
local hosts = prosody.hosts;

local allow_storage = module:get_option_boolean("allow_anonymous_storage", false);

-- define auth provider
local provider = {};

function provider.test_password(username, password)
	return nil, "Password based auth not supported.";
end

function provider.get_password(username)
	return nil, "Password not available.";
end

function provider.set_password(username, password)
	return nil, "Password based auth not supported.";
end

function provider.user_exists(username)
	return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected?
end

function provider.create_user(username, password)
	return nil, "Account creation/modification not supported.";
end

function provider.get_sasl_handler()
	local anonymous_authentication_profile = {
		anonymous = function(sasl, username, realm)
			return true; -- for normal usage you should always return true here
		end
	};
	return new_sasl(module.host, anonymous_authentication_profile);
end

function provider.users()
	return next, hosts[module.host].sessions, nil;
end

-- datamanager callback to disable writes
local function dm_callback(username, host, datastore, data)
	if host == module.host then
		return false;
	end
	return username, host, datastore, data;
end

if not module:get_option_boolean("allow_anonymous_s2s", false) then
	module:hook("route/remote", function (event)
		return false; -- Block outgoing s2s from anonymous users
	end, 300);
end

function module.load()
	if not allow_storage then
		datamanager.add_callback(dm_callback);
	end
end
function module.unload()
	if not allow_storage then
		datamanager.remove_callback(dm_callback);
	end
end

module:provides("auth", provider);