prosody
d2333b468d07
util/id.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

util/id.lua @ 12907:d2333b468d07

mod_c2s: Disconnect accounts when they are disabled We decided that at the first stage, accounts that are disabled should simply be prevented from authenticating, thus they should also be prevented from having connected sessions. Since this is aimed to be a moderation action for cases of abuse, they shouldn't be allowed to continue being connected.
author Kim Alvefur <zash@zash.se>
date Thu, 23 Feb 2023 16:28:57 +0100
parent 12111:f8d280215633
child 12975:d10957394a3c
line wrap: on
line source

-- Prosody IM
-- Copyright (C) 2008-2017 Matthew Wild
-- Copyright (C) 2008-2017 Waqas Hussain
-- Copyright (C) 2008-2017 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--

local s_gsub = string.gsub;
local random_bytes = require "util.random".bytes;
local base64_encode = require "util.encodings".base64.encode;

local b64url = { ["+"] = "-", ["/"] = "_", ["="] = "" };
local function b64url_random(len)
	return (s_gsub(base64_encode(random_bytes(len)), "[+/=]", b64url));
end

return {
	-- sizes divisible by 3 fit nicely into base64 without padding==

	-- for short lived things with low risk of collisions
	tiny = function() return b64url_random(3); end;

	-- close to 8 bytes, should be good enough for relatively short lived or uses
	-- scoped by host or users, half the size of an uuid
	short = function() return b64url_random(9); end;

	-- more entropy than uuid at 2/3 the size
	-- should be okay for globally scoped ids or security token
	medium = function() return b64url_random(18); end;

	-- as long as an uuid but MOAR entropy
	long = function() return b64url_random(27); end;

	-- pick your own adventure
	custom = function (size)
		return function () return b64url_random(size); end;
	end;
}