| author | Matthew Wild <mwild1@gmail.com> |
| Sat, 24 Sep 2022 08:06:11 +0100 | |
| changeset 5060 | 2583bd7eb5d1 |
| parent 1343 | 7dbde05b48a9 |
| permissions | -rw-r--r-- |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
1 |
-- Expose a simple token based servlet to handle user registrations from web pages |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
2 |
-- through Base64 encoded JSON. |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
3 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
4 |
-- Copyright (C) 2010 - 2013, Marco Cirillo (LW.Org) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
5 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
6 |
local datamanager = datamanager |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
7 |
local b64_decode = require "util.encodings".base64.decode |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
8 |
local b64_encode = require "util.encodings".base64.encode |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
9 |
local http_event = require "net.http.server".fire_event |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
10 |
local jid_prep = require "util.jid".prep |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
11 |
local jid_split = require "util.jid".split |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
12 |
local json_decode = require "util.json".decode |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
13 |
local nodeprep = require "util.encodings".stringprep.nodeprep |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
14 |
local open, os_time, setmt, type = io.open, os.time, setmetatable, type |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
15 |
local sha1 = require "util.hashes".sha1 |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
16 |
local urldecode = http.urldecode |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
17 |
local usermanager = usermanager |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
18 |
local uuid_gen = require "util.uuid".generate |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
19 |
local timer = require "util.timer" |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
20 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
21 |
module:depends("http") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
22 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
23 |
-- Pick up configuration and setup stores/variables. |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
24 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
25 |
local auth_token = module:get_option_string("reg_servlet_auth_token") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
26 |
local secure = module:get_option_boolean("reg_servlet_secure", true) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
27 |
local base_path = module:get_option_string("reg_servlet_base", "/register_account/") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
28 |
local throttle_time = module:get_option_number("reg_servlet_ttime", nil) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
29 |
local whitelist = module:get_option_set("reg_servlet_wl", {}) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
30 |
local blacklist = module:get_option_set("reg_servlet_bl", {}) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
31 |
local fm_patterns = module:get_option("reg_servlet_filtered_mails", {}) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
32 |
if type(fm_patterns) ~= "table" then fm_patterns = {} end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
33 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
34 |
local files_base = module.path:gsub("/[^/]+$","") .. "/template/" |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
35 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
36 |
local recent_ips = {} |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
37 |
local pending = {} |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
38 |
local pending_node = {} |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
39 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
40 |
-- Setup hashes data structure |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
41 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
42 |
hashes = { _index = {} } |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
43 |
local hashes_mt = {} ; hashes_mt.__index = hashes_mt |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
44 |
function hashes_mt:add(node, mail) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
45 |
local _hash = b64_encode(sha1(mail)) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
46 |
if not self:exists(_hash) then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
47 |
self[_hash] = node ; self._index[node] = _hash ; self:save() |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
48 |
return true |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
49 |
else |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
50 |
return false |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
51 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
52 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
53 |
function hashes_mt:exists(hash) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
54 |
if hashes[hash] then return true else return false end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
55 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
56 |
function hashes_mt:remove(node) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
57 |
local _hash = self._index[node] |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
58 |
if _hash then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
59 |
self[_hash] = nil ; self._index[node] = nil ; self:save() |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
60 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
61 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
62 |
function hashes_mt:save() |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
63 |
if not datamanager.store("register_json", module.host, "hashes", hashes) then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
64 |
module:log("error", "Failed to save the mail addresses' hashes store.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
65 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
66 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
67 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
68 |
local function check_mail(address) |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
69 |
for _, pattern in ipairs(fm_patterns) do |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
70 |
if address:match(pattern) then return false end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
71 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
72 |
return true |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
73 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
74 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
75 |
-- Begin |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
76 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
77 |
local function handle(code, message) return http_event("http-error", { code = code, message = message }) end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
78 |
local function http_response(event, code, message, headers) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
79 |
local response = event.response |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
80 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
81 |
if headers then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
82 |
for header, data in pairs(headers) do response.headers[header] = data end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
83 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
84 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
85 |
response.status_code = code |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
86 |
response:send(handle(code, message)) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
87 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
88 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
89 |
local function handle_req(event) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
90 |
local request = event.request |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
91 |
if secure and not request.secure then return nil end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
92 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
93 |
if request.method ~= "POST" then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
94 |
return http_response(event, 405, "Bad method.", {["Allow"] = "POST"}) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
95 |
end |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
96 |
|
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
97 |
local req_body |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
98 |
-- We check that what we have is valid JSON wise else we throw an error... |
|
991
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
99 |
if not pcall(function() req_body = json_decode(b64_decode(request.body)) end) then |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
100 |
module:log("debug", "Data submitted for user registration by %s failed to Decode.", user) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
101 |
return http_response(event, 400, "Decoding failed.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
102 |
else |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
103 |
-- Decode JSON data and check that all bits are there else throw an error |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
104 |
if req_body["username"] == nil or req_body["password"] == nil or req_body["ip"] == nil or req_body["mail"] == nil or |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
105 |
req_body["auth_token"] == nil then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
106 |
module:log("debug", "%s supplied an insufficent number of elements or wrong elements for the JSON registration", user) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
107 |
return http_response(event, 400, "Invalid syntax.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
108 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
109 |
-- Set up variables |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
110 |
local username, password, ip, mail, token = req_body.username, req_body.password, req_body.ip, req_body.mail, req_body.auth_token |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
111 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
112 |
-- Check if user is an admin of said host |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
113 |
if token ~= auth_token then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
114 |
module:log("warn", "%s tried to retrieve a registration token for %s@%s", request.ip, username, module.host) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
115 |
return http_response(event, 401, "Auth token is invalid! The attempt has been logged.") |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
116 |
else |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
117 |
-- Blacklist can be checked here. |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
118 |
if blacklist:contains(ip) then |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
119 |
module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", ip) |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
120 |
return http_response(event, 403, "The specified address is blacklisted, sorry.") |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
121 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
122 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
123 |
if not check_mail(mail) then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
124 |
module:log("warn", "%s attempted to use a mail address (%s) matching one of the forbidden patterns.", ip, mail) |
|
992
794817421fc6
mod_register_json: added missing parameter to some http_response calls.
Marco Cirillo <maranda@lightwitch.org>
parents:
991
diff
changeset
|
125 |
return http_response(event, 403, "Requesting to register using this E-Mail address is forbidden, sorry.") |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
126 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
127 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
128 |
-- We first check if the supplied username for registration is already there. |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
129 |
-- And nodeprep the username |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
130 |
username = nodeprep(username) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
131 |
if not username then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
132 |
module:log("debug", "An username containing invalid characters was supplied: %s", req_body["username"]) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
133 |
return http_response(event, 406, "Supplied username contains invalid characters, see RFC 6122.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
134 |
else |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
135 |
if pending_node[username] then |
|
995
716a2b9cc18d
mod_register_json: fix logging message for already pending registrations' bounces.
Marco Cirillo <maranda@lightwitch.org>
parents:
992
diff
changeset
|
136 |
module:log("warn", "%s attempted to submit a registration request but another request for that user (%s) is pending", ip, username) |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
137 |
return http_response(event, 401, "Another user registration by that username is pending.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
138 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
139 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
140 |
if not usermanager.user_exists(username, module.host) then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
141 |
-- if username fails to register successive requests shouldn't be throttled until one is successful. |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
142 |
if throttle_time and not whitelist:contains(ip) then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
143 |
if not recent_ips[ip] then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
144 |
recent_ips[ip] = os_time() |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
145 |
else |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
146 |
if os_time() - recent_ips[ip] < throttle_time then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
147 |
recent_ips[ip] = os_time() |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
148 |
module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"]) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
149 |
return http_response(event, 503, "Request throttled, wait a bit and try again.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
150 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
151 |
recent_ips[ip] = os_time() |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
152 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
153 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
154 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
155 |
local uuid = uuid_gen() |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
156 |
if not hashes:add(username, mail) then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
157 |
module:log("warn", "%s (%s) attempted to register to the server with an E-Mail address we already possess the hash of.", username, ip) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
158 |
return http_response(event, 409, "The E-Mail Address provided matches the hash associated to an existing account.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
159 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
160 |
pending[uuid] = { node = username, password = password, ip = ip } |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
161 |
pending_node[username] = uuid |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
162 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
163 |
timer.add_task(300, function() |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
164 |
if pending[uuid] then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
165 |
pending[uuid] = nil |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
166 |
pending_node[username] = nil |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
167 |
hashes:remove(username) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
168 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
169 |
end) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
170 |
module:log("info", "%s (%s) submitted a registration request and is awaiting final verification", username, uuid) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
171 |
return uuid |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
172 |
else |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
173 |
module:log("debug", "%s registration data submission failed (user already exists)", username) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
174 |
return http_response(event, 409, "User already exists.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
175 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
176 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
177 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
178 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
179 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
180 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
181 |
local function open_file(file) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
182 |
local f, err = open(file, "rb"); |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
183 |
if not f then return nil end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
184 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
185 |
local data = f:read("*a") ; f:close() |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
186 |
return data |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
187 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
188 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
189 |
local function r_template(event, type) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
190 |
local data = open_file(files_base..type.."_t.html") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
191 |
if data then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
192 |
data = data:gsub("%%REG%-URL", base_path.."verify/") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
193 |
return data |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
194 |
else return http_response(event, 500, "Failed to obtain template.") end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
195 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
196 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
197 |
local function handle_verify(event, path) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
198 |
local request = event.request |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
199 |
local body = request.body |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
200 |
if secure and not request.secure then return nil end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
201 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
202 |
local valid_files = { |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
203 |
["css/style.css"] = files_base.."css/style.css", |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
204 |
["images/tile.png"] = files_base.."images/tile.png", |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
205 |
["images/header.png"] = files_base.."images/header.png" |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
206 |
} |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
207 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
208 |
if request.method == "GET" then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
209 |
if path == "" then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
210 |
return r_template(event, "form") |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
211 |
end |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
212 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
213 |
if valid_files[path] then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
214 |
local data = open_file(valid_files[path]) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
215 |
if data then return data |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
216 |
else return http_response(event, 404, "Not found.") end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
217 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
218 |
elseif request.method == "POST" then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
219 |
if path == "" then |
|
991
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
220 |
if not body then return http_response(event, 400, "Bad Request.") end |
|
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
221 |
local uuid = urldecode(body):match("^uuid=(.*)$") |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
222 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
223 |
if not pending[uuid] then |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
224 |
return r_template(event, "fail") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
225 |
else |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
226 |
local username, password, ip = |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
227 |
pending[uuid].node, pending[uuid].password, pending[uuid].ip |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
228 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
229 |
local ok, error = usermanager.create_user(username, password, module.host) |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
230 |
if ok then |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
231 |
module:fire_event( |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
232 |
"user-registered", |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
233 |
{ username = username, host = module.host, source = "mod_register_json", session = { ip = ip } } |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
234 |
) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
235 |
module:log("info", "Account %s@%s is successfully verified and activated", username, module.host) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
236 |
-- we shall not clean the user from the pending lists as long as registration doesn't succeed. |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
237 |
pending[uuid] = nil ; pending_node[username] = nil |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
238 |
return r_template(event, "success") |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
239 |
else |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
240 |
module:log("error", "User creation failed: "..error) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
241 |
return http_response(event, 500, "Encountered server error while creating the user: "..error) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
242 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
243 |
end |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
244 |
end |
|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
245 |
else |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
246 |
return http_response(event, 405, "Invalid method.") |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
247 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
248 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
249 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
250 |
local function handle_user_deletion(event) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
251 |
local user, hostname = event.username, event.host |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
252 |
if hostname == module.host then hashes:remove(user) end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
253 |
end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
254 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
255 |
-- Set it up! |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
256 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
257 |
hashes = datamanager.load("register_json", module.host, "hashes") or hashes ; setmt(hashes, hashes_mt) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
258 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
259 |
module:provides("http", { |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
260 |
default_path = base_path, |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
261 |
route = { |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
262 |
["GET /"] = handle_req, |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
263 |
["POST /"] = handle_req, |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
264 |
["GET /verify/*"] = handle_verify, |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
265 |
["POST /verify/*"] = handle_verify |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
266 |
} |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
267 |
}) |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
268 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
269 |
module:hook_global("user-deleted", handle_user_deletion, 10); |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
270 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
271 |
-- Reloadability |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
272 |
|
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
273 |
module.save = function() return { hashes = hashes } end |
|
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
274 |
module.restore = function(data) hashes = data.hashes or { _index = {} } ; setmt(hashes, hashes_mt) end |