prosody-modules: mod_register_web/mod_register_web.lua@a3766d3baacb (annotated)

653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	1	local captcha_options = module:get_option("captcha_options", {});
746 03595194075a mod_register_web: nodeprep username before creating user (thanks IRON) Matthew Wild <mwild1@gmail.com> parents: 653 diff changeset	2	local nodeprep = require "util.encodings".stringprep.nodeprep;
1225 a3766d3baacb mod_register_web: Import usermanager and util.http into locals Kim Alvefur <zash@zash.se> parents: 1223 diff changeset	3	local usermanager = require "core.usermanager";
a3766d3baacb mod_register_web: Import usermanager and util.http into locals Kim Alvefur <zash@zash.se> parents: 1223 diff changeset	4	local http = require "util.http";
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	5
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	6	function generate_captcha(display_options)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	7	return (([[
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	8	<script type="text/javascript"
1223 6617f5f79d68 mod_register_web: Always use HTTPS to connect to recaptcha's API (thanks hexa) Matthew Wild <mwild1@gmail.com> parents: 791 diff changeset	9	src="https://www.google.com/recaptcha/api/challenge?k=$$recaptcha_public_key$$">
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	10	</script>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	11	<noscript>
1223 6617f5f79d68 mod_register_web: Always use HTTPS to connect to recaptcha's API (thanks hexa) Matthew Wild <mwild1@gmail.com> parents: 791 diff changeset	12	<iframe src="https://www.google.com/recaptcha/api/noscript?k=$$recaptcha_public_key$$$$recaptcha_display_error$$"
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	13	height="300" width="500" frameborder="0"></iframe><br>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	14	<textarea name="recaptcha_challenge_field" rows="3" cols="40">
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	15	</textarea>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	16	<input type="hidden" name="recaptcha_response_field"
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	17	value="manual_challenge">
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	18	</noscript>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	19	]]):gsub("$$([^$]+)$%$", setmetatable({
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	20	recaptcha_display_error = display_options and display_options.recaptcha_error
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	21	and ("&error="..display_options.recaptcha_error) or "";
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	22	}, {
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	23	__index = function (t, k)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	24	if captcha_options[k] then return captcha_options[k]; end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	25	module:log("error", "Missing parameter from captcha_options: %s", k);
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	26	end })
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	27	));
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	28	end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	29
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	30	function generate_page(event, display_options)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	31	local request = event.request;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	32	return [[<!DOCTYPE html>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	33	<html><body>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	34	<h1>XMPP Account Registration</h1>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	35	<form action="]]..request.path..[[" method="POST">]]
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	36	..("<p>%s</p>\n"):format((display_options or {}).register_error or "")..
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	37	[[ <table>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	38	<tr>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	39	<td>Username:</td>
791 b9d149936764 mod_register_web: Show actual hostname in registration form Kim Alvefur <zash@zash.se> parents: 746 diff changeset	40	<td><input type="text" name="username">@]]..module.host..[[</td>
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	41	</tr>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	42	<tr>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	43	<td>Password:</td>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	44	<td><input type="password" name="password"></td>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	45	</tr>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	46	<tr>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	47	<td colspan='2'>]]..generate_captcha(display_options)..[[</td>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	48	</tr>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	49	</table>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	50	<input type="submit" value="Register!">
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	51	</form>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	52	</body></html>]];
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	53	end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	54
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	55	function register_user(form)
746 03595194075a mod_register_web: nodeprep username before creating user (thanks IRON) Matthew Wild <mwild1@gmail.com> parents: 653 diff changeset	56	local prepped_username = nodeprep(form.username);
03595194075a mod_register_web: nodeprep username before creating user (thanks IRON) Matthew Wild <mwild1@gmail.com> parents: 653 diff changeset	57	if usermanager.user_exists(prepped_username, module.host) then
03595194075a mod_register_web: nodeprep username before creating user (thanks IRON) Matthew Wild <mwild1@gmail.com> parents: 653 diff changeset	58	return nil, "user-exists";
03595194075a mod_register_web: nodeprep username before creating user (thanks IRON) Matthew Wild <mwild1@gmail.com> parents: 653 diff changeset	59	end
03595194075a mod_register_web: nodeprep username before creating user (thanks IRON) Matthew Wild <mwild1@gmail.com> parents: 653 diff changeset	60	return usermanager.create_user(prepped_username, form.password, module.host);
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	61	end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	62
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	63	function generate_success(event, form)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	64	return [[<!DOCTYPE html>
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	65	<html><body><p>Registration succeeded! Your account is <pre>]]
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	66	..form.username.."@"..module.host..
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	67	[[</pre> - happy chatting!</p></body></html>]];
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	68	end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	69
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	70	function generate_register_response(event, form, ok, err)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	71	local message;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	72	if ok then
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	73	return generate_success(event, form);
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	74	else
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	75	return generate_page(event, { register_error = err });
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	76	end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	77	end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	78
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	79	function handle_form(event)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	80	local request, response = event.request, event.response;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	81	local form = http.formdecode(request.body);
1223 6617f5f79d68 mod_register_web: Always use HTTPS to connect to recaptcha's API (thanks hexa) Matthew Wild <mwild1@gmail.com> parents: 791 diff changeset	82	http.request("https://www.google.com/recaptcha/api/verify", {
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	83	body = http.formencode {
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	84	privatekey = captcha_options.recaptcha_private_key;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	85	remoteip = request.conn:ip();
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	86	challenge = form.recaptcha_challenge_field;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	87	response = form.recaptcha_response_field;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	88	};
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	89	}, function (verify_result, code)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	90	local verify_ok, verify_err = verify_result:match("^([^\n]+)\n([^\n]+)");
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	91	if verify_ok == "true" then
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	92	local register_ok, register_err = register_user(form);
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	93	response:send(generate_register_response(event, form, register_ok, register_err));
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	94	else
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	95	response:send(generate_page(event, { register_error = verify_err }));
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	96	end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	97	end);
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	98	return true; -- Leave connection open until we respond above
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	99	end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	100
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	101	module:provides("http", {
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	102	route = {
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	103	GET = generate_page;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	104	POST = handle_form;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	105	};
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	106	});

author	Kim Alvefur <zash@zash.se>
	Sat, 30 Nov 2013 18:22:58 +0100
changeset 1225	a3766d3baacb
parent 1223	6617f5f79d68
child 1226	0667624637da
permissions	-rw-r--r--