prosody
7c57fb2ffbb0
plugins/mod_auth_anonymous.lua
Software / code / prosody
File
plugins/mod_auth_anonymous.lua @ 13765:7c57fb2ffbb0 13.0
mod_websocket: Merge session close handling changes from mod_c2s (bug fixes)
This should bring some fixes and general robustness that mod_websocket had
missed out on. The duplicated code here is not at all ideal. To prevent this
happening again, we should figure out how to have the common logic in a single
place, while still being able to do the websocket-specific parts that we need.
The main known bug that this fixes is that it's possible for a session to get
into a non-destroyable state. For example, if we try to session:close() a
hibernating session, then session.conn is nil and the function will simply
return without doing anything. In the mod_c2s code we already handle this, and
just destroy the session. But if a hibernating websocket session is never
resumed or becomes non-resumable, it will become immortal!
By merging the fix from mod_c2s, the session should now be correctly
destroyed.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 11 Mar 2025 18:44:40 +0000 (2 months ago) |
| parent | 12977:74b9e05af71e |
line wrap: on
line source
-- Prosody IM -- Copyright (C) 2008-2010 Matthew Wild -- Copyright (C) 2008-2010 Waqas Hussain -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- -- luacheck: ignore 212 local new_sasl = require "prosody.util.sasl".new; local datamanager = require "prosody.util.datamanager"; local hosts = prosody.hosts; local allow_storage = module:get_option_boolean("allow_anonymous_storage", false); -- define auth provider local provider = {}; function provider.test_password(username, password) return nil, "Password based auth not supported."; end function provider.get_password(username) return nil, "Password not available."; end function provider.set_password(username, password) return nil, "Password based auth not supported."; end function provider.user_exists(username) return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected? end function provider.create_user(username, password) return nil, "Account creation/modification not supported."; end function provider.get_sasl_handler() local anonymous_authentication_profile = { anonymous = function(sasl, username, realm) return true; -- for normal usage you should always return true here end }; return new_sasl(module.host, anonymous_authentication_profile); end function provider.users() return next, hosts[module.host].sessions, nil; end -- datamanager callback to disable writes local function dm_callback(username, host, datastore, data) if host == module.host then return false; end return username, host, datastore, data; end if not module:get_option_boolean("allow_anonymous_s2s", false) then module:hook("route/remote", function (event) return false; -- Block outgoing s2s from anonymous users end, 300); end function module.load() if not allow_storage then datamanager.add_callback(dm_callback); end end function module.unload() if not allow_storage then datamanager.remove_callback(dm_callback); end end module:provides("auth", provider);
