author | Matthew Wild <mwild1@gmail.com> |
Wed, 13 Jul 2022 11:20:09 +0100 | |
changeset 5002 | 5ab134b7e510 |
parent 4444 | 95262bd1bcb2 |
permissions | -rw-r--r-- |
-- Captcha configuration. An empty table (the default) selects the built-in
-- arithmetic fallback captcha further down in this file.
local captcha_options = module:get_option("captcha_options", {});

-- Helpers from Prosody and the Lua standard library.
local nodeprep = require("util.encodings").stringprep.nodeprep;
local usermanager = require("core.usermanager");
local datamanager = require("util.datamanager");
local http = require("net.http");
local path_sep = string.sub(package.config, 1, 1); -- first character of package.config
local json = require("util.json").decode;
local t_concat = table.concat;

-- Soft dependency: an error raised while loading register_limits is swallowed
-- by pcall, so this module still loads without it.
pcall(module.depends, module, "register_limits");

-- Hard dependency: an error from loading mod_http propagates.
module:depends("http");

-- Optional form fields that register_user() copies into the "account_details"
-- store when they are present and non-empty.
local extra_fields = {};
for _, field_name in ipairs({
	"nick", "name", "first", "last", "email",
	"address", "city", "state", "zip",
	"phone", "url", "date",
}) do
	extra_fields[field_name] = true;
end

-- Directory (relative to the module's resources) holding the HTML templates.
local template_path = module:get_option_string("register_web_template", "templates");
--- Wraps a plain-text template so that {key} placeholders can be filled in.
-- Like util.template, but deals with plain text.
-- Values are substituted verbatim: nothing is HTML-escaped here, so any value
-- that may contain untrusted text has to be escaped by the caller before it is
-- passed to apply(). A placeholder whose key has no value is left as it is.
-- @param data the template text
-- @return a table with an apply(values) function that returns the filled text
function template(data)
	local function apply(values)
		-- keep only the substituted string, not gsub's match count
		local filled = data:gsub("{([^}]+)}", values);
		return filled;
	end
	return { apply = apply };
end
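--- Loads `<template_path>/<name>.html` from the module's resources.
-- Raises an error if the file cannot be opened or read.
-- @param name template base name, without directory or ".html"
-- @return a template object as produced by template()
local function get_template(name)
	local fh = assert(module:load_resource(template_path..path_sep..name..".html"));
	local data, read_err = fh:read("*a");
	-- Close before checking the result, so a failed read does not leak the handle.
	fh:close();
	assert(data, read_err);
	return template(data);
end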
--- Fills a template and returns the result as a string.
-- @param template object with an apply(values) function, see template()
-- @param data values passed to apply(); they are not escaped here
-- @return the filled template, converted with tostring()
local function render(template, data)
	local apply = template.apply;
	return tostring(apply(data));
end
-- Page templates, read once when the module is loaded.
local register_tpl = get_template("register");
local success_tpl = get_template("success");

-- COMPAT `or request.conn:ip()`
-- request.ip is read first wherever a client address is needed in this file;
-- conn:ip() is the fallback (presumably for versions that do not set
-- request.ip, confirm against the supported Prosody versions).
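-- Selects the captcha implementation. Each branch defines the same pair:
--   generate_captcha(display_options) -> HTML fragment for the form
--   verify_captcha(request, form, callback) -> calls callback(ok, err)
if next(captcha_options) ~= nil then
	local provider = captcha_options.provider;

	-- Wraps the values for a provider template so that any placeholder not
	-- present in `values` is looked up in captcha_options.
	-- NOTE(review): the lookup is not restricted to public settings. A template
	-- that references {recaptcha_private_key} or {captcha_private_key} would
	-- publish the verification secret in the page, so templates must only
	-- reference the public site key and display settings.
	local function with_captcha_options(values)
		return setmetatable(values, {
			__index = function (_, k)
				if captcha_options[k] then return captcha_options[k]; end
				module:log("error", "Missing parameter from captcha_options: %s", k);
			end
		});
	end

	-- Sends the client's captcha token to the provider's siteverify endpoint
	-- and reports the outcome through callback(ok, err). Only an explicit
	-- `success == true` in the decoded reply is accepted; everything else,
	-- including an undecodable reply, is a failure.
	local function siteverify(url, label, secret, request, token, callback)
		http.request(url, {
			body = http.formencode {
				secret = secret;
				remoteip = request.ip or request.conn:ip();
				response = token;
			};
		}, function (verify_result, code)
			local result = json(verify_result);
			if type(result) ~= "table" then
				-- nil/false from the decoder, or JSON that is not an object
				module:log("warn", "Unable to decode response from "..label..": [%d] %s", code, verify_result);
				callback(false, "Captcha API error");
			elseif result.success == true then
				callback(true);
			else
				-- "error-codes" may be missing from a failure reply; table.concat
				-- on nil would raise inside the HTTP callback.
				local codes = result["error-codes"];
				callback(false, type(codes) == "table" and t_concat(codes) or "Captcha verification failed");
			end
		end);
	end

	if provider == nil or provider == "recaptcha" then
		local recaptcha_tpl = get_template "recaptcha";

		function generate_captcha(display_options)
			-- NOTE(review): the error text is concatenated without encoding; how
			-- the template uses {recaptcha_display_error} is not visible here.
			local shown_error = display_options and display_options.recaptcha_error;
			return recaptcha_tpl.apply(with_captcha_options({
				recaptcha_display_error = shown_error and ("&error="..shown_error) or "";
			}));
		end
		function verify_captcha(request, form, callback)
			siteverify("https://www.google.com/recaptcha/api/siteverify", "recaptcha",
				captcha_options.recaptcha_private_key, request, form["g-recaptcha-response"], callback);
		end
	elseif provider == "hcaptcha" then
		local captcha_tpl = get_template "hcaptcha";

		function generate_captcha(display_options)
			-- NOTE(review): same unencoded concatenation as the recaptcha branch.
			local shown_error = display_options and display_options.captcha_error;
			return captcha_tpl.apply(with_captcha_options({
				captcha_display_error = shown_error and ("&error="..shown_error) or "";
			}));
		end
		function verify_captcha(request, form, callback)
			siteverify("https://hcaptcha.com/siteverify", "hcaptcha",
				captcha_options.captcha_private_key, request, form["h-captcha-response"], callback);
		end
	else
		-- Neither handler is defined for an unrecognised provider, so say why
		-- instead of leaving only a nil-call traceback on the first request.
		module:log("error", "Unknown captcha provider: %s", tostring(provider));
	end
else
	module:log("debug", "No captcha options set, using fallback captcha")
	local random = math.random;
	local hmac_sha1 = require "util.hashes".hmac_sha1;
	-- Generated once per module load; challenges issued before a reload stop verifying.
	local secret = require "util.uuid".generate()
	local ops = { '+', '-' };
	local captcha_tpl = get_template "simplecaptcha";

	-- NOTE(review): the challenge is HMAC(secret, answer) and nothing else. It
	-- carries no nonce, expiry or session binding, and the answers are integers
	-- from 1 to 17, so a reply/challenge pair that verified once keeps verifying
	-- until the module is reloaded. Treat this fallback as a speed bump and
	-- rely on rate limiting or a real captcha provider for abuse control.
	function generate_captcha()
		local op = ops[random(1, #ops)];
		local x, y = random(1, 9)
		-- y is drawn until it differs from x
		repeat
			y = random(1, 9);
		until x ~= y;
		local answer;
		if op == '+' then
			answer = x + y;
		elseif op == '-' then
			if x < y then
				-- Avoid negative numbers
				x, y = y, x;
			end
			answer = x - y;
		end
		local challenge = hmac_sha1(secret, answer, true);
		return captcha_tpl.apply {
			op = op, x = x, y = y, challenge = challenge;
		};
	end
	function verify_captcha(request, form, callback)
		-- A missing reply is hashed as "" so the comparison fails instead of raising.
		if hmac_sha1(secret, form.captcha_reply or "", true) == form.captcha_challenge then
			callback(true);
		else
			callback(false, "Captcha verification failed");
		end
	end
end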
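--- Renders the registration form and sets the HTML content type.
-- @param event HTTP event providing `request` and `response`
-- @param display_options optional table; `register_error` is shown as the
--   notice and the table is also passed on to generate_captcha()
-- @return the rendered page as a string
function generate_page(event, display_options)
	local request, response = event.request, event.response;

	-- request.path comes from the client, and register_error can carry text
	-- from other plugins or from a captcha provider. The template inserts
	-- values verbatim, so HTML-significant characters are escaped here.
	local html_escapes = {
		["&"] = "&amp;"; ["<"] = "&lt;"; [">"] = "&gt;"; ['"'] = "&quot;"; ["'"] = "&#39;";
	};
	local function html_escape(value)
		if value == nil then return nil; end -- leave the placeholder untouched
		return (tostring(value):gsub("[&<>\"']", html_escapes));
	end

	response.headers.content_type = "text/html; charset=utf-8";
	return render(register_tpl, {
		path = html_escape(request.path); hostname = module.host;
		notice = html_escape(display_options and display_options.register_error or "");
		-- The captcha fragment is HTML produced from a template and stays unescaped.
		captcha = generate_captcha(display_options);
	})
end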
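--- Validates a submitted registration form and creates the account.
-- The username, password and confirmation are removed from `form` before the
-- rest of it is handed to other plugins in the "user-registering" event.
-- @param form decoded form fields (modified in place)
-- @param origin the HTTP request; its client IP is reported in the events
-- @return the new JID on success, or nil plus an error message
function register_user(form, origin)
	local username = form.username;
	local password = form.password;
	local confirm_password = form.confirm_password;
	local jid = nil;
	form.username, form.password, form.confirm_password = nil, nil, nil;

	-- Second argument requests strict validation (per the changeset
	-- description it is ignored on versions that do not support it).
	local prepped_username = nodeprep(username, true);
	if not prepped_username then
		return nil, "Username contains forbidden characters";
	end
	if #prepped_username == 0 then
		return nil, "The username field was empty";
	end
	-- This answer tells the client whether an account exists; the captcha and
	-- any registration limits are what bound how fast names can be probed.
	if usermanager.user_exists(prepped_username, module.host) then
		return nil, "Username already taken";
	end
	local client_ip = origin.ip or origin.conn:ip();
	local registering = { username = prepped_username , host = module.host, additional = form, ip = client_ip, allowed = true }
	-- Other plugins may veto the registration by clearing `allowed`.
	module:fire_event("user-registering", registering);
	if not registering.allowed then
		return nil, registering.reason or "Registration not allowed";
	end
	-- A request without password fields has password == confirm_password == nil
	-- and would pass the match check below; an empty string would too. Refuse
	-- both so no account is created without a usable password.
	if type(password) ~= "string" or #password == 0 then
		return nil, "The password field was empty";
	end
	if confirm_password ~= password then
		return nil, "Passwords don't match";
	end
	local ok, err = usermanager.create_user(prepped_username, password, module.host);
	if ok then
		jid = prepped_username.."@"..module.host
		-- Keep only the known optional fields, and only when they are non-empty.
		local extra_data = {};
		for field in pairs(extra_fields) do
			local field_value = form[field];
			if field_value and #field_value > 0 then
				extra_data[field] = field_value;
			end
		end
		if next(extra_data) ~= nil then
			datamanager.store(prepped_username, module.host, "account_details", extra_data);
		end
		module:fire_event("user-registered", {
			username = prepped_username,
			host = module.host,
			source = module.name,
			ip = client_ip,
		});
	end
	return jid, err;
end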
-- Render the confirmation page shown after an account has been created.
--
-- event: the HTTP event; not used in this function.
-- jid:   value handed to the template under the key "jid".
-- Returns whatever render() produces for success_tpl.
function generate_success(event, jid)
	-- NOTE(review): jid comes back from register_user(), which is fed the
	-- submitted form, so the page is only safe if render() HTML-escapes
	-- template values. Confirm against render()'s implementation.
	local template_vars = { jid = jid };
	return render(success_tpl, template_vars);
end
-- Build the HTML body answering a registration attempt.
--
-- event: the HTTP event; its response headers are modified here.
-- jid:   truthy when registration succeeded, nil/false otherwise.
-- err:   failure reason, passed to the form page as register_error.
-- Returns the success page when jid is set, else the form page with err.
function generate_register_response(event, jid, err)
	-- Declare the charset explicitly so the browser does not have to guess it.
	local headers = event.response.headers;
	headers.content_type = "text/html; charset=utf-8";

	if not jid then
		-- NOTE(review): err ends up in the rendered page; whether it is
		-- escaped depends on generate_page(). Confirm.
		return generate_page(event, { register_error = err });
	end
	return generate_success(event, jid);
end
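-- Handle a POSTed registration form.
--
-- The request body is form-decoded and handed to verify_captcha() together
-- with a callback. register_user() is called only from that callback and only
-- when the captcha check reports ok, so no account is created on a failed or
-- missing captcha. On captcha failure the form page is re-rendered with the
-- captcha error.
--
-- event: the HTTP event (request and response).
-- Returns 400 for a body that does not decode to a table of fields, otherwise
-- true so the connection stays open until the callback sends the response.
function handle_form(event)
	local request, response = event.request, event.response;

	-- The body is attacker-controlled. Decode it only when it is a string, and
	-- accept the result only when it is a table of fields.
	-- NOTE(review): Prosody's formdecode is understood to return a plain string
	-- when the body holds no key=value pair. Confirm for the version in use.
	local form;
	if type(request.body) == "string" then
		form = http.formdecode(request.body);
	end
	if type(form) ~= "table" then
		-- NOTE(review): relies on the HTTP server treating a numeric return
		-- value as the response status code.
		return 400;
	end

	verify_captcha(request, form, function (ok, err)
		if ok then
			local jid, register_err = register_user(form, request);
			response:send(generate_register_response(event, jid, register_err));
		else
			response:send(generate_page(event, { register_error = err }));
		end
	end);
	return true; -- Leave connection open until we respond above
end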
-- Routes for the registration app. Each method is listed twice so that the
-- URL works with and without a trailing slash.
-- NOTE(review): nothing in this table throttles POSTs; abuse control appears
-- to rest on verify_captcha() inside handle_form. Confirm whether a rate
-- limiter sits in front of this endpoint.
local register_routes = {
	["GET"] = generate_page,
	["GET /"] = generate_page,
	["POST"] = handle_form,
	["POST /"] = handle_form,
};

-- Register the app with Prosody's HTTP provider. The title is configurable
-- through the "register_web_title" option.
module:provides("http", {
	title = module:get_option_string("register_web_title", "Account Registration"),
	route = register_routes,
});