File

plugins/mod_auth_anonymous.lua @ 10787:459efb1afbfe

mod_admin_telnet: Pretty-print values returned from commands This makes it much nicer to inspect Prosody internals. Existing textual status messages from commands are not serialized to preserve existing behavior. Explicit serialization of configuration is kept in order to make it clear that returned strings are serialized strings that would look like what's actually in the config file. The default maxdepth of 2 seems ought to be an okay default, balanced between showing enough structure to continue exploring and DoS-ing your terminal. Thanks to Ge0rG for the motivation to finally do this.
author Kim Alvefur <zash@zash.se>
date Wed, 29 Apr 2020 22:23:05 +0200
parent 8053:7d26dab7ce0d
child 11122:d60094d9b458
line wrap: on
line source

-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
-- luacheck: ignore 212

local new_sasl = require "util.sasl".new;
local datamanager = require "util.datamanager";
local hosts = prosody.hosts;

-- define auth provider
local provider = {};

function provider.test_password(username, password)
	return nil, "Password based auth not supported.";
end

function provider.get_password(username)
	return nil, "Password not available.";
end

function provider.set_password(username, password)
	return nil, "Password based auth not supported.";
end

function provider.user_exists(username)
	return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected?
end

function provider.create_user(username, password)
	return nil, "Account creation/modification not supported.";
end

function provider.get_sasl_handler()
	local anonymous_authentication_profile = {
		anonymous = function(sasl, username, realm)
			return true; -- for normal usage you should always return true here
		end
	};
	return new_sasl(module.host, anonymous_authentication_profile);
end

function provider.users()
	return next, hosts[module.host].sessions, nil;
end

-- datamanager callback to disable writes
local function dm_callback(username, host, datastore, data)
	if host == module.host then
		return false;
	end
	return username, host, datastore, data;
end

if not module:get_option_boolean("allow_anonymous_s2s", false) then
	module:hook("route/remote", function (event)
		return false; -- Block outgoing s2s from anonymous users
	end, 300);
end

function module.load()
	datamanager.add_callback(dm_callback);
end
function module.unload()
	datamanager.remove_callback(dm_callback);
end

module:provides("auth", provider);