mod_auth_phpbb3/mod_auth_phpbb3.lua
author Kim Alvefur <zash@zash.se>
Sun, 03 Mar 2024 11:23:40 +0100
changeset 5857 97c9b76867ca
parent 2172 28d99ffa3c06
permissions -rw-r--r--
mod_log_ringbuffer: Detach event handlers on logging reload (thanks Menel) Otherwise the global event handlers accumulate, one added each time logging is reloaded, and each invocation of the signal or event triggers one dump of each created ringbuffer.
-- phpbb3 authentication backend for Prosody
--
-- Copyright (C) 2011 Waqas Hussain
--
local log = require "util.logger".init("auth_sql");
local new_sasl = require "util.sasl".new;
local nodeprep = require "util.encodings".stringprep.nodeprep;
local saslprep = require "util.encodings".stringprep.saslprep;
local DBI = require "DBI"
local md5 = require "util.hashes".md5;
local uuid_gen = require "util.uuid".generate;
local have_bcrypt, bcrypt = pcall(require, "bcrypt"); -- available from luarocks
-- Cached LuaDBI handle shared by the helpers below; test_connection() resets it to nil when a ping fails.
local connection;
-- Database settings from the "sql" module option. connect() reads driver, database, username,
-- password, host and port from this table, so it carries the database credentials.
local params = module:get_option("sql");
local resolve_relative_path = require "core.configmanager".resolve_relative_path;
-- Reports whether the cached database handle is still usable.
-- Returns true when connection:ping() succeeds. Returns nil when there is no
-- handle, and nothing when the ping fails; in that case the stale handle is
-- dropped so that the next connect() opens a fresh one.
local function test_connection()
	if not connection then
		return nil;
	end
	local alive = connection:ping();
	if not alive then
		module:log("debug", "Database connection closed");
		connection = nil;
		return;
	end
	return true;
end
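-- Ensures there is a live database handle and returns it.
-- Returns the handle on success, or nil plus the DBI error when a new
-- connection cannot be opened.
-- The original returned nothing when the existing handle was still alive, so
-- a caller wrapping the call in assert() would fail on a healthy connection;
-- the live handle is now returned in that case.
local function connect()
	if test_connection() then
		return connection;
	end
	-- The globals lock is lifted only around DBI.Connect and restored right after.
	prosody.unlock_globals();
	local dbh, err = DBI.Connect(
		params.driver, params.database,
		params.username, params.password,
		params.host, params.port
	);
	prosody.lock_globals();
	if not dbh then
		-- Only the driver's error text is logged here, never the connection parameters.
		module:log("debug", "Database connection failed: %s", tostring(err));
		return nil, err;
	end
	module:log("debug", "Successfully connected to database");
	dbh:autocommit(true); -- don't run in transaction
	connection = dbh;
	return connection;
end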
do -- process options to get a db connection
	-- With no "sql" option configured, fall back to a SQLite3 database.
	if not params then
		params = { driver = "SQLite3" };
	end

	local driver = params.driver;
	if driver == "SQLite3" then
		-- SQLite paths are resolved against Prosody's data directory.
		local base_dir = prosody.paths.data or ".";
		local db_file = params.database or "prosody.sqlite";
		params.database = resolve_relative_path(base_dir, db_file);
	end

	assert(driver and params.database, "Both the SQL driver and the database need to be specified");

	-- Fail module load right away if the database cannot be reached.
	assert(connect());
end
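-- Prepares and executes one SQL statement with bound parameters.
-- sql: statement text using `?` placeholders; backtick identifier quotes are
--      rewritten to double quotes for PostgreSQL.
-- ...: values bound to the placeholders. Callers pass user-supplied values
--      here rather than splicing them into the SQL text.
-- Returns the executed statement handle, or nil plus an error message.
-- Raises "connection failed" when the database is unreachable.
local function getsql(sql, ...)
	if params.driver == "PostgreSQL" then
		sql = sql:gsub("`", "\"");
	end
	if not test_connection() then connect(); end
	-- A failed reconnect leaves the handle nil; the original then crashed on
	-- connection:prepare with an "attempt to index" error. Raise the same
	-- error the later checks use instead.
	if not connection then error("connection failed"); end
	-- do prepared statement stuff
	local stmt, err = connection:prepare(sql);
	if not stmt and not test_connection() then error("connection failed"); end
	if not stmt then module:log("error", "QUERY FAILED: %s %s", err, debug.traceback()); return nil, err; end
	-- run query
	local ok, exec_err = stmt:execute(...);
	if not ok and not test_connection() then error("connection failed"); end
	if not ok then return nil, exec_err; end

	return stmt;
end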
-- Runs a data-modifying statement through getsql().
-- Returns whatever stmt:affected() reports on success, or getsql()'s failure
-- values (nil plus an error message) otherwise.
local function setsql(sql, ...)
	local stmt, err = getsql(sql, ...);
	if stmt then
		return stmt:affected();
	end
	return stmt, err;
end
-- Looks up the stored password hash for a user.
-- username is matched against the `username_clean` column through a bound
-- parameter. Returns the `user_password` value of the first row, or nothing
-- when the query fails or no row matches.
local function get_password(username)
	local stmt = getsql("SELECT `user_password` FROM `phpbb_users` WHERE `username_clean`=?", username);
	if not stmt then
		return;
	end
	for record in stmt:rows(true) do
		return record.user_password;
	end
end
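-- Checks whether session_id equals one of the phpBB session IDs stored for a user.
-- Returns true on a match and nothing otherwise.
-- Security notes:
--  * A matching session ID is accepted in place of the password, so anything
--    that exposes a session ID also exposes the account.
--  * Session expiry is not checked (see TODO), so any row still present in
--    phpbb_sessions is accepted.
--  * The comparison is a plain string equality, not a constant-time compare.
local function check_sessionids(username, session_id)
	-- An empty or non-string credential must never match a session row
	-- (the original would also have raised on a non-string when appending "0").
	if type(session_id) ~= "string" or session_id == "" then return; end

	-- TODO add session expiration and auto-login check
	local stmt = getsql("SELECT phpbb_sessions.session_id FROM phpbb_sessions INNER JOIN phpbb_users ON phpbb_users.user_id = phpbb_sessions.session_user_id WHERE phpbb_users.username_clean =?", username);
	if not stmt then return; end

	-- workaround for possible LuaDBI bug
	-- The session_id returned by the sql statement has an additional zero at the end. But that is not in the database.
	-- NOTE(review): this also accepts a supplied value that is a stored ID minus a trailing "0".
	local padded = session_id .. "0";
	for row in stmt:rows(true) do
		if row.session_id == session_id or row.session_id == padded then return true; end
	end
end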
-- 64-character alphabet used to encode hash and salt bytes.
local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

-- Encodes the first `count` bytes of `input` with the itoa64 alphabet.
-- Bytes are taken three at a time, combined least-significant byte first into
-- one number, and emitted as 6-bit digits starting with the lowest six bits.
-- A final group of one or two bytes yields two or three characters.
local function hashEncode64(input, count)
	local chars = {};
	local pos = 0;

	-- Appends the alphabet character for the 6-bit digit of `acc` at bit offset `shift`.
	local function emit(acc, shift)
		local idx = math.floor(acc / 2^shift) % 0x40 + 1;
		chars[#chars + 1] = itoa64:sub(idx, idx);
	end

	repeat
		local acc = input:byte(pos + 1);
		pos = pos + 1;
		emit(acc, 0);

		if pos < count then
			acc = acc + input:byte(pos + 1) * 256;
		end
		emit(acc, 6);
		if pos >= count then break; end
		pos = pos + 1;

		if pos < count then
			acc = acc + input:byte(pos + 1) * 65536;
		end
		emit(acc, 12);
		if pos >= count then break; end
		pos = pos + 1;

		emit(acc, 18);
	until pos >= count

	return table.concat(chars);
end
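-- Computes the "$H$" iterated-MD5 hash of `password` using the cost and salt
-- carried in `genSalt` (a salt string or a full stored hash).
-- Layout of genSalt: "$H$", one itoa64 character giving log2 of the iteration
-- count, then 8 salt characters.
-- Returns the 34-character hash, or "*" when genSalt is malformed.
-- Security notes:
--  * The construction is repeated MD5, which is weak by current standards;
--    it exists for compatibility with hashes already stored by phpBB.
--  * The iteration count comes from the stored value (up to 2^30), so a
--    tampered database row can make a single check very expensive.
local function hashCryptPrivate(password, genSalt)
	local output = "*";
	if not genSalt:match("^%$H%$") then return output; end

	-- The cost character is data, not a Lua pattern: search in plain mode so
	-- that characters such as "%" or "[" cannot raise a malformed-pattern
	-- error, and treat a character outside the alphabet as a malformed hash
	-- instead of doing arithmetic on nil.
	local cost_pos = itoa64:find(genSalt:sub(4, 4), 1, true);
	if not cost_pos then return output; end
	local count_log2 = cost_pos - 1;
	if count_log2 < 7 or count_log2 > 30 then return output; end

	local salt = genSalt:sub(5, 12);
	if #salt ~= 8 then return output; end

	-- One salted round, then 2^count_log2 chained rounds.
	local hash = md5(salt..password);
	for _ = 1, 2 ^ count_log2 do
		hash = md5(hash..password);
	end

	return genSalt:sub(1, 12) .. hashEncode64(hash, 16);
end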
-- Builds a "$H$" salt string from 6 bytes of `input`.
-- Result: "$H$", one cost character, then 8 characters encoding the input.
-- With iteration_count_log2 = 6 the cost character is itoa64 position 12,
-- which hashCryptPrivate() reads back as 2^11 MD5 rounds; the cost is fixed
-- here and cannot be raised through configuration.
local function hashGensaltPrivate(input)
	local iteration_count_log2 = 6;
	local cost_index = math.min(iteration_count_log2 + 5, 30) + 1;
	return table.concat({
		"$H$",
		itoa64:sub(cost_index, cost_index),
		hashEncode64(input, 6),
	});
end
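-- Verifies a plaintext password against a stored hash, choosing the scheme by
-- the length of the stored value:
--   32 characters: unsalted MD5 hex digest (legacy PHPBB2)
--   34 characters: "$H$" iterated MD5 via hashCryptPrivate()
--   60 characters: bcrypt, only when the optional bcrypt library loaded
-- Returns true or false for the MD5 schemes and whatever bcrypt.verify()
-- returns for bcrypt; returns false for any other length.
-- Security notes:
--  * The stored hash is credential material and is never written to the log;
--    only its length is reported when the format is unsupported.
--  * The two MD5 branches compare with `==`, which is not a constant-time
--    comparison.
local function phpbbCheckHash(password, hash)
	local len = #hash;
	if len == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash
	if len == 34 then return hashCryptPrivate(password, hash) == hash; end
	if len == 60 and have_bcrypt then return bcrypt.verify(password, hash); end
	if len == 60 then
		module:log("error", "Unsupported hash: 60 characters long, but the bcrypt library could not be loaded");
	else
		module:log("error", "Unsupported hash (length %d)", len);
	end
	return false;
end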
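-- Creates a new "$H$" hash for `password` with a fresh salt.
-- Returns the 34-character hash, or an unsalted MD5 hex digest if the salted
-- hash could not be produced.
local function phpbbCreateHash(password)
	-- The salt encodes 6 bytes. The original fed it the last 6 characters of
	-- a UUID, i.e. 6 hex digits or 24 bits of variation. Decoding 12 hex
	-- digits into 6 raw bytes uses the full 48 bits the format has room for.
	-- assumes uuid_gen() yields at least 12 random hex digits — TODO confirm
	local hex = (uuid_gen():gsub("[^%x]", ""));
	local random;
	if #hex >= 12 then
		random = (hex:sub(-12):gsub("%x%x", function (pair)
			return string.char(tonumber(pair, 16));
		end));
	else
		random = uuid_gen():sub(-6); -- previous behaviour
	end
	local salt = hashGensaltPrivate(random);
	local hash = hashCryptPrivate(password, salt);
	if #hash == 34 then return hash; end
	-- NOTE(review): this fallback stores an unsalted, single-round MD5 digest.
	-- It is only reached if hashCryptPrivate() rejects the salt built above;
	-- failing the password change would be safer than silently downgrading.
	return md5(password, true);
end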
-- Table the authentication callbacks below are attached to.
-- NOTE(review): assigned without `local`, so it becomes a global of whatever environment this chunk runs in — confirm that is intended.
provider = {};
-- Checks a plaintext password for a user against the stored phpBB hash.
-- Returns nil when no stored hash is found, otherwise the result of
-- phpbbCheckHash(). No hashing is done for unknown users, so the two cases
-- take visibly different amounts of time.
function provider.test_password(username, password)
	local stored = get_password(username);
	if not stored then
		return stored;
	end
	return phpbbCheckHash(password, stored);
end
-- Reports whether a user has a stored password hash.
-- Returns true when get_password() yields a value, otherwise that falsy value.
-- The username being probed is written to the debug log.
function provider.user_exists(username)
	module:log("debug", "test user %s existence", username);
	local stored = get_password(username);
	return stored and true;
end
-- Plaintext password retrieval is not offered by this backend: only hashes
-- are read from the database. Always returns nil plus an explanatory message.
function provider.get_password(username)
	local reason = "Getting password is not supported.";
	return nil, reason;
end
--- Replace a user's stored password with a freshly created phpBB hash.
-- The hash and the user name are passed to setsql as bound parameters, not
-- spliced into the SQL text. The row is selected by `username_clean`.
-- NOTE(review): the table name `phpbb_users` is fixed in the statement, and
-- whether any row actually matched is not checked here - confirm what setsql
-- reports for an UPDATE that touches zero rows.
-- @param username value matched against the `username_clean` column
-- @param password new plaintext password; only its hash is stored
-- @return true on success (falsy otherwise), followed by setsql's error value
function provider.set_password(username, password)
	local new_hash = phpbbCreateHash(password);
	local result, failure = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username_clean`=?", new_hash, username);
	local ok = result and true;
	return ok, failure;
end
--- Account creation; always refused by this backend.
-- @param username ignored
-- @param password ignored
-- @return nil plus an explanatory message
function provider.create_user(username, password)
	local reason = "Account creation/modification not supported.";
	return nil, reason;
end
-- Characters that get replaced by a backslash plus two lowercase hex digits
-- when a login name is turned into a JID node (the set matches XEP-0106,
-- JID Escaping).
local escapes = {
	[" "] = "\\20",
	['"'] = "\\22",
	["&"] = "\\26",
	["'"] = "\\27",
	["/"] = "\\2f",
	[":"] = "\\3a",
	["<"] = "\\3c",
	[">"] = "\\3e",
	["@"] = "\\40",
	["\\"] = "\\5c",
};

-- Reverse lookup: escape sequence -> original character.
local unescapes = {};
for plain, escaped in pairs(escapes) do
	unescapes[escaped] = plain;
end
--- Replace every character listed in `escapes` with its backslash-hex form.
-- Characters without an entry are left untouched.
-- @param s string to escape, or nil/false
-- @return the escaped string, or `s` itself when it is falsy
local function jid_escape(s)
	if not s then
		return s;
	end
	-- gsub also returns a match count; keep only the string.
	local escaped = s:gsub(".", escapes);
	return escaped;
end
--- Turn backslash-hex sequences listed in `unescapes` back into characters.
-- A backslash followed by two hex digits that has no entry in `unescapes`
-- is left as it is. The table keys use lowercase hex digits only.
-- @param s string to unescape, or nil/false
-- @return the unescaped string, or `s` itself when it is falsy
local function jid_unescape(s)
	if not s then
		return s;
	end
	-- gsub also returns a match count; keep only the string.
	local unescaped = s:gsub("\\%x%x", unescapes);
	return unescaped;
end
--- Build a fresh SASL handler that offers only the PLAIN mechanism.
-- With PLAIN the client's password itself reaches process() and is checked
-- against the stored phpBB hash, so this provider should only be exposed on
-- encrypted client streams (e.g. with Prosody's c2s_require_encryption).
-- @return a table with clean_clone, mechanisms, select and process methods
function provider.get_sasl_handler()
	local handler = {};

	-- A clean clone is simply a brand-new handler with no selected mechanism.
	function handler:clean_clone()
		return provider.get_sasl_handler();
	end

	function handler:mechanisms()
		return { PLAIN = true };
	end

	-- Accept PLAIN once; any other mechanism or a repeated select yields nothing.
	function handler:select(mechanism)
		if self.selected or mechanism ~= "PLAIN" then
			return;
		end
		self.selected = mechanism;
		return true;
	end

	--- Handle one PLAIN response: authzid NUL authcid NUL password.
	-- The authorization identity is parsed only to validate the message
	-- shape; the session username always derives from the authentication
	-- identity. The pattern is not anchored at the end, so anything after a
	-- NUL that follows the password is ignored.
	-- @return "success", or "failure" plus a condition and optional text
	function handler:process(message)
		if not message then
			return "failure", "malformed-request";
		end
		local authzid, authcid, secret = message:match("^([^%z]*)%z([^%z]+)%z([^%z]+)");
		if not authzid then
			return "failure", "malformed-request";
		end

		-- saslprep yields a falsy value for input it rejects; treat that the
		-- same as an empty field.
		authcid = saslprep(authcid);
		secret = saslprep(secret);
		local have_secret = secret and secret ~= "";
		local have_authcid = authcid and authcid ~= "";
		if not (have_secret and have_authcid) then
			return "failure", "malformed-request", "Invalid username or password.";
		end

		-- Check one candidate login name with the given verifier. The
		-- unescaped form is what gets verified against the forum data; the
		-- nodeprepped (still escaped) form is what becomes the session username.
		local function try_candidate(candidate, verify)
			local node = nodeprep(candidate);
			local account = jid_unescape(node);
			return account and verify(account, secret) and node;
		end
		-- First the name as sent, then the JID-escaped variant of it.
		local function try_both_forms(verify)
			return try_candidate(authcid, verify) or try_candidate(jid_escape(authcid), verify);
		end
		local function by_password(account, given)
			return provider.test_password(account, given);
		end
		local function by_session_id(account, given)
			return check_sessionids(account, given);
		end

		local username = try_both_forms(by_password);
		if not username and params.sessionid_as_password then
			-- Optional fallback: the password field is checked as a phpBB
			-- session ID instead. Anyone holding such an ID for the account can
			-- then log in, so this is only as strong as the handling of forum
			-- session IDs - keep the option off unless it is needed.
			username = try_both_forms(by_session_id);
		end

		if not username then
			return "failure", "not-authorized", "Unable to authorize you with the authentication credentials you've sent.";
		end
		self.username = username;
		return "success";
	end

	return handler;
end
-- Hand the provider table to the module API under the "auth" name.
module:provides("auth", provider);