Software /
code /
prosody
File
core/usermanager.lua @ 443:bd1397b1dfc9
Merge from waqas
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Thu, 27 Nov 2008 17:12:05 +0000 |
parent | 228:875842235836 |
child | 449:c0a4a1e63d70 |
line wrap: on
line source
require "util.datamanager" local datamanager = datamanager; local log = require "util.logger".init("usermanager"); local error = error; local hashes = require "util.hashes"; module "usermanager" function validate_credentials(host, username, password, method) log("debug", "User '%s' is being validated", username); local credentials = datamanager.load(username, host, "accounts") or {}; if method == nil then method = "PLAIN"; end if method == "PLAIN" and credentials.password then -- PLAIN, do directly if password == credentials.password then return true; else return nil, "Auth failed. Invalid username or password."; end end -- must do md5 if not hashes.md5 then return nil, "Server misconfiguration, the md5 library is not available."; end -- make credentials md5 local pwd = credentials.password; if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd); end -- make password md5 if method == "PLAIN" then password = hashes.md5(password or ""); elseif method ~= "DIGEST-MD5" then return nil, "Unsupported auth method"; end -- compare if password == pwd then return true; else return nil, "Auth failed. Invalid username or password."; end end function user_exists(username, host) return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials end function create_user(username, password, host) return datamanager.store(username, host, "accounts", {password = password}); end function get_supported_methods(host) local methods = {["PLAIN"] = true}; -- TODO this should be taken from the config if hashes.md5 then methods["DIGEST-MD5"] = true; end return methods; end return _M;