Software /
code /
prosody
File
plugins/mod_legacyauth.lua @ 1698:af89f646200f
modulemanager: Added module API function to get all items for a given host based on a key
author | Waqas Hussain <waqas20@gmail.com> |
---|---|
date | Tue, 18 Aug 2009 12:35:42 +0500 |
parent | 1690:b675ae5b4c91 |
child | 1836:f4c88dd32724 |
line wrap: on
line source
-- Prosody IM -- Copyright (C) 2008-2009 Matthew Wild -- Copyright (C) 2008-2009 Waqas Hussain -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- local st = require "util.stanza"; local t_concat = table.concat; local secure_auth_only = module:get_option("require_encryption"); local sessionmanager = require "core.sessionmanager"; local usermanager = require "core.usermanager"; module:add_feature("jabber:iq:auth"); module:add_event_hook("stream-features", function (session, features) if secure_auth_only and not session.secure then -- Sorry, not offering to insecure streams! return; elseif not session.username then features:tag("auth", {xmlns='http://jabber.org/features/iq-auth'}):up(); end end); module:add_iq_handler("c2s_unauthed", "jabber:iq:auth", function (session, stanza) if secure_auth_only and not session.secure then session.send(st.error_reply(stanza, "modify", "not-acceptable", "Encryption (SSL or TLS) is required to connect to this server")); return true; end local username = stanza.tags[1]:child_with_name("username"); local password = stanza.tags[1]:child_with_name("password"); local resource = stanza.tags[1]:child_with_name("resource"); if not (username and password and resource) then local reply = st.reply(stanza); session.send(reply:query("jabber:iq:auth") :tag("username"):up() :tag("password"):up() :tag("resource"):up()); else username, password, resource = t_concat(username), t_concat(password), t_concat(resource); local reply = st.reply(stanza); if usermanager.validate_credentials(session.host, username, password) then -- Authentication successful! local success, err = sessionmanager.make_authenticated(session, username); if success then local err_type, err_msg; success, err_type, err, err_msg = sessionmanager.bind_resource(session, resource); if not success then session.send(st.error_reply(stanza, err_type, err, err_msg)); return true; -- FIXME need to unauthenticate here end end session.send(st.reply(stanza)); else session.send(st.error_reply(stanza, "auth", "not-authorized")); end end return true; end);