# HG changeset patch # User Matthew Wild # Date 1657628087 -3600 # Node ID 3f38f4735c7a973f3d5e5866856d4ea21148266f # Parent a741183eec97b7d40f275dec9489d02e7dd5c6d7 usermanager, mod_auth_*: Add get_account_info() returning creation/update time This is useful for a number of things. For example, listing users that need to rotate their passwords after some event. It also provides a safer way for code to determine that a user password has changed without needing to set a handler for the password change event (which is a more fragile approach). diff -r a741183eec97 -r 3f38f4735c7a core/usermanager.lua --- a/core/usermanager.lua Wed Jun 15 23:04:17 2022 +0200 +++ b/core/usermanager.lua Tue Jul 12 13:14:47 2022 +0100 @@ -116,6 +116,12 @@ return ok, err; end +local function get_account_info(username, host) + local method = hosts[host].users.get_account_info; + if not method then return nil, "method-not-supported"; end + return method(username); +end + local function user_exists(username, host) if hosts[host].sessions[username] then return true; end return hosts[host].users.user_exists(username); @@ -211,6 +217,7 @@ test_password = test_password; get_password = get_password; set_password = set_password; + get_account_info = get_account_info; user_exists = user_exists; create_user = create_user; delete_user = delete_user; diff -r a741183eec97 -r 3f38f4735c7a plugins/mod_auth_internal_hashed.lua --- a/plugins/mod_auth_internal_hashed.lua Wed Jun 15 23:04:17 2022 +0200 +++ b/plugins/mod_auth_internal_hashed.lua Tue Jul 12 13:14:47 2022 +0100 @@ -86,11 +86,21 @@ account.server_key = server_key_hex account.password = nil; + account.updated = os.time(); return accounts:set(username, account); end return nil, "Account not available."; end +function provider.get_account_info(username) + local account = accounts:get(username); + if not account then return nil, "Account not available"; end + return { + created = account.created; + password_updated = account.updated; + }; +end + function provider.user_exists(username) local account = accounts:get(username); if not account then @@ -115,9 +125,11 @@ end local stored_key_hex = to_hex(stored_key); local server_key_hex = to_hex(server_key); + local now = os.time(); return accounts:set(username, { stored_key = stored_key_hex, server_key = server_key_hex, - salt = salt, iteration_count = default_iteration_count + salt = salt, iteration_count = default_iteration_count, + created = now, updated = now; }); end diff -r a741183eec97 -r 3f38f4735c7a plugins/mod_auth_internal_plain.lua --- a/plugins/mod_auth_internal_plain.lua Wed Jun 15 23:04:17 2022 +0200 +++ b/plugins/mod_auth_internal_plain.lua Tue Jul 12 13:14:47 2022 +0100 @@ -48,11 +48,21 @@ local account = accounts:get(username); if account then account.password = password; + account.updated = os.time(); return accounts:set(username, account); end return nil, "Account not available."; end +function provider.get_account_info(username) + local account = accounts:get(username); + if not account then return nil, "Account not available"; end + return { + created = account.created; + password_updated = account.updated; + }; +end + function provider.user_exists(username) local account = accounts:get(username); if not account then @@ -71,7 +81,11 @@ if not password then return nil, "Password fails SASLprep."; end - return accounts:set(username, {password = password}); + local now = os.time(); + return accounts:set(username, { + password = password; + created = now, updated = now; + }); end function provider.delete_user(username)