mod_auth_phpbb3/mod_auth_phpbb3.lua
author Waqas Hussain <waqas20@gmail.com>
Fri, 01 Jul 2011 07:55:22 +0500
changeset 377 145fa870321c
parent 376 8f5726adc61e
child 419 2a2b70e1a998
permissions -rw-r--r--
mod_auth_phpbb3: Implement password change.
-- phpbb3 authentication backend for Prosody
--
-- Copyright (C) 2011 Waqas Hussain
--
local log = require "util.logger".init("auth_sql");
local new_sasl = require "util.sasl".new;
local nodeprep = require "util.encodings".stringprep.nodeprep;
local DBI = require "DBI"
local md5 = require "util.hashes".md5;
local uuid_gen = require "util.uuid".generate;
-- Cached DBI handle shared by every query in this module; set by connect()
-- and reset to nil by test_connection() when a ping fails.
local connection;
-- Database settings read from the "sql" option. The table carries the
-- database credentials (params.username / params.password are handed to
-- DBI.Connect), so it should not be written to logs.
local params = module:get_option("sql");
local resolve_relative_path = require "core.configmanager".resolve_relative_path;
--- Check whether the cached database handle is still alive.
-- Returns nil when no handle is cached and true when the handle answers a
-- ping. When the ping fails the handle is dropped and nothing is returned,
-- so callers can treat any falsy result as "reconnect needed".
local function test_connection()
	if not connection then
		return nil;
	end
	local alive = connection:ping();
	if alive then
		return true;
	end
	-- The server went away: forget the handle so connect() opens a new one.
	module:log("debug", "Database connection closed");
	connection = nil;
end
--- Open a database connection unless a live one is already cached.
-- Returns the new handle on success and nil plus the driver error on
-- failure. Returns nothing when the cached handle is still usable.
local function connect()
	if test_connection() then
		return;
	end
	-- The globals lock is lifted only around DBI.Connect, presumably because
	-- the driver sets globals while loading (confirm). If DBI.Connect raised
	-- instead of returning nil, the lock would stay lifted.
	prosody.unlock_globals();
	local handle, failure = DBI.Connect(
		params.driver, params.database,
		params.username, params.password,
		params.host, params.port
	);
	prosody.lock_globals();
	if not handle then
		-- Only the driver's error text is logged, never the credentials.
		module:log("debug", "Database connection failed: %s", tostring(failure));
		return nil, failure;
	end
	module:log("debug", "Successfully connected to database");
	handle:autocommit(true); -- don't run in transaction
	connection = handle;
	return connection;
end
do -- resolve the SQL options and open the first connection at load time
	if not params then
		params = { driver = "SQLite3" };
	end

	-- SQLite database files are resolved against Prosody's data directory.
	local is_sqlite = params.driver == "SQLite3";
	if is_sqlite then
		local base_dir = prosody.paths.data or ".";
		local db_file = params.database or "prosody.sqlite";
		params.database = resolve_relative_path(base_dir, db_file);
	end

	assert(params.driver and params.database, "Both the SQL driver and the database need to be specified");

	-- Fail module loading outright if the database cannot be reached.
	assert(connect());
end
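--- Prepare and execute a statement, binding the varargs to its placeholders.
-- The SQL text comes from constants in this file. Caller-supplied values
-- (usernames, hashes) are passed only as bound parameters and never
-- concatenated into the query.
-- Returns the executed statement, or nil plus the driver error.
-- Raises "connection failed" when the database cannot be reached.
local function getsql(sql, ...)
	if params.driver == "PostgreSQL" then
		-- Queries are written with backtick quoting; PostgreSQL needs
		-- double quotes around identifiers.
		sql = sql:gsub("`", "\"");
	end
	if not test_connection() then
		connect();
		-- A failed reconnect leaves no handle. Raise the same error as the
		-- checks below instead of indexing a nil connection.
		if not connection then error("connection failed"); end
	end
	-- do prepared statement stuff
	local stmt, err = connection:prepare(sql);
	if not stmt and not test_connection() then error("connection failed"); end
	if not stmt then module:log("error", "QUERY FAILED: %s %s", err, debug.traceback()); return nil, err; end
	-- run query
	local ok, exec_err = stmt:execute(...);
	if not ok and not test_connection() then error("connection failed"); end
	if not ok then return nil, exec_err; end

	return stmt;
end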
--- Run a data-modifying statement through getsql.
-- Returns whatever the statement's affected() reports, or getsql's falsy
-- result plus its error when the statement could not be run. A report of 0
-- is still truthy in Lua, so callers must compare it explicitly.
local function setsql(sql, ...)
	local statement, failure = getsql(sql, ...);
	if statement then
		return statement:affected();
	end
	return statement, failure;
end
--- Fetch the stored password hash for a phpBB user.
-- The username is bound as a statement parameter. Returns the
-- user_password column of the first matching row, or nothing when the
-- query fails or no row matches.
local function get_password(username)
	local stmt = getsql("SELECT `user_password` FROM `phpbb_users` WHERE `username`=?", username);
	if not stmt then
		return;
	end
	-- Only the first row matters; leave the iterator as soon as it yields.
	for row in stmt:rows(true) do
		return row.user_password;
	end
end
-- 64-character alphabet used by hashEncode64 and for the cost character of
-- "$H$" hashes. Lua positions are 1-based, so a character at position p
-- stands for the value p - 1.
local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
--- Encode the first `count` bytes of `input` with the itoa64 alphabet.
-- Bytes are consumed in groups of up to three, least significant first, and
-- each group is emitted as 6-bit digits, lowest digit first. `input` must
-- hold at least `count` bytes, otherwise the byte lookup yields nil and the
-- arithmetic raises.
local function hashEncode64(input, count)
	local pieces = {};
	-- Append the alphabet character for the low six bits of `sextet`.
	local function emit(sextet)
		local pos = sextet % 0x40 + 1;
		pieces[#pieces + 1] = itoa64:sub(pos, pos);
	end

	local i = 0;
	repeat
		local value = input:byte(i + 1);
		i = i + 1;
		emit(value);

		if i < count then
			value = value + input:byte(i + 1) * 256;
		end
		-- Subtract the remainder before dividing to get an exact shift.
		emit((value - value % 64) / 64);

		if i >= count then break; end
		i = i + 1;

		if i < count then
			value = value + input:byte(i + 1) * 65536;
		end
		emit((value - value % 4096) / 4096);

		if i >= count then break; end
		i = i + 1;

		emit((value - value % 262144) / 262144);
	until not (i < count);

	return table.concat(pieces);
end
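--- Compute a "$H$" hash of `password` using the setting string `genSalt`.
-- `genSalt` supplies the "$H$" prefix, one cost character and an
-- 8-character salt. A full stored hash can be passed, since only its first
-- 12 characters are read. Returns the 12-character setting followed by the
-- encoded digest, or "*" when the setting is malformed. "*" can never equal
-- a stored hash, so a malformed setting fails verification.
local function hashCryptPrivate(password, genSalt)
	local output = "*";
	if not genSalt:match("^%$H%$") then return output; end

	-- The cost character comes from the database, so it is searched for as
	-- plain text. A pattern search would raise on characters such as "%" or
	-- "[" and give wrong positions for other magic characters. A character
	-- outside the alphabet is rejected instead of raising on nil arithmetic.
	local pos = itoa64:find(genSalt:sub(4,4), 1, true);
	if not pos then return output; end
	local count_log2 = pos - 1;
	if count_log2 < 7 or count_log2 > 30 then return output; end

	local count = 2 ^ count_log2;
	local salt = genSalt:sub(5, 12);

	if #salt ~= 8 then return output; end

	-- Key stretching: one salted MD5, then `count` more rounds, each mixing
	-- the password back in.
	local hash = md5(salt..password);

	while true do
		hash = md5(hash..password);
		if not(count > 1) then break; end
		count = count-1;
	end

	output = genSalt:sub(1, 12);
	output = output .. hashEncode64(hash, 16);

	return output;
end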
--- Build the 12-character setting string for a new "$H$" hash.
-- `input` must hold at least six bytes of salt material. They are encoded
-- into the 8-character salt that follows the cost character.
local function hashGensaltPrivate(input)
	local iteration_count_log2 = 6;
	-- With the value 6 this picks position 12 of itoa64 ("9"), which
	-- hashCryptPrivate decodes as 2^11 MD5 rounds.
	local cost_pos = math.min(iteration_count_log2 + 5, 30) + 1;
	local cost_char = itoa64:sub(cost_pos, cost_pos);
	return "$H$" .. cost_char .. hashEncode64(input, 6);
end
--- Verify `password` against a stored hash.
-- Only 34-character hashes are accepted. The hash is recomputed using the
-- stored value as the setting string and must match it exactly. Values of
-- any other length (for example a bare 32-character MD5 hex digest) are
-- always rejected.
local function phpbbCheckHash(password, hash)
	if #hash ~= 34 then
		return false;
	end
	return hashCryptPrivate(password, hash) == hash;
end
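--- Hash a new password for storage in phpbb_users.user_password.
-- Returns a 34-character "$H$" hash with a fresh salt.
local function phpbbHash(password)
	-- Salt material is six raw bytes from the MD5 of a fresh UUID. Taking
	-- six characters straight from the UUID text would limit each salt byte
	-- to the characters of its textual form, which is a small set if the
	-- UUID is hex-formatted (confirm against util.uuid). Salt quality still
	-- depends on how unpredictable uuid_gen is.
	local random = md5(uuid_gen()):sub(1, 6);
	local salt = hashGensaltPrivate(random);
	local hash = hashCryptPrivate(password, salt);
	if #hash == 34 then return hash; end
	-- NOTE(review): this fallback stores a plain, unsalted MD5 hex digest.
	-- phpbbCheckHash in this file rejects anything that is not 34 characters
	-- long, so an account written this way could not log in through this
	-- module. The setting built above always has the accepted shape, so
	-- this path is not expected to run.
	return md5(password, true);
end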
-- Authentication provider table registered with Prosody at the end of the
-- file. NOTE(review): assigned without `local`, so the name lives in the
-- module's environment. Confirm that this is intended.
provider = { name = "phpbb3" };
--- Check a candidate password for `username` against the phpBB database.
-- Returns true or false for an existing user and a falsy value when no
-- hash is stored for the name.
function provider.test_password(username, password)
	-- The debug log line that printed the candidate password was disabled on
	-- purpose. Credentials must not reach the log, so do not re-enable it.
	local stored = get_password(username);
	if not stored then
		return stored;
	end
	return phpbbCheckHash(password, stored);
end
--- Report whether phpbb_users holds a password entry for `username`.
-- Returns true when a value is stored, otherwise the falsy lookup result.
function provider.user_exists(username)
	module:log("debug", "test user %s existence", username);
	local stored = get_password(username);
	if stored then
		return true;
	end
	return stored;
end
--- Plaintext retrieval is refused: the database holds only hashes.
-- Always returns nil plus an explanatory message.
function provider.get_password(username)
	local reason = "Getting password is not supported.";
	return nil, reason;
end
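--- Replace the stored hash for `username` with a fresh hash of `password`.
-- Returns true when a row was updated, otherwise nil plus an error message.
function provider.set_password(username, password)
	local hash = phpbbHash(password);
	local affected, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username`=?", hash, username);
	if not affected then return nil, err; end
	-- An affected count of 0 is truthy in Lua, so an UPDATE that matched no
	-- row must be checked explicitly. Otherwise a password change for an
	-- unknown user would be reported as successful. Every call uses a fresh
	-- salt, so an existing row always receives a different value.
	if affected == 0 then return nil, "Account not available."; end
	return true;
end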
--- Account creation is refused by this backend.
-- Always returns nil plus an explanatory message.
function provider.create_user(username, password)
	local reason = "Account creation/modification not supported.";
	return nil, reason;
end
--- Create the SASL handler for this host.
-- The profile supplies only a plain_test callback, so the server has to
-- receive the cleartext password to verify it against the stored hash.
-- NOTE(review): deployments should therefore require an encrypted stream
-- before authentication. Confirm the host configuration enforces it.
function provider.get_sasl_handler()
	-- TODO stringprep
	-- NOTE(review): the username reaches the database lookup exactly as the
	-- client sent it. nodeprep is imported by this file but not applied
	-- here, so name normalisation is left to the database comparison.
	local function plain_test(sasl, username, password, realm)
		return provider.test_password(username, password), true;
	end
	return new_sasl(module.host, { plain_test = plain_test });
end
-- Register the provider table as an "auth-provider" item on this module.
module:add_item("auth-provider", provider);