--- a/mod_register_json/mod_register_json.lua Sun Apr 29 12:47:20 2012 +0000
+++ b/mod_register_json/mod_register_json.lua Sun Apr 29 13:05:46 2012 +0000
@@ -9,67 +9,74 @@
local usermanager = require "core.usermanager"
local b64_decode = require "util.encodings".base64.decode
local json_decode = require "util.json".decode
-local httpserver = require "net.httpserver"
local os_time = os.time
local nodeprep = require "util.encodings".stringprep.nodeprep
-module.host = "*" -- HTTP/BOSH Servlets need to be global.
+module:depends("http")
+module:set_global()
-- Pick up configuration.
local set_realm_name = module:get_option_string("reg_servlet_realm", "Restricted")
+local base_path = module:get_option_string("reg_servlet_base", "/register_account/")
local throttle_time = module:get_option_number("reg_servlet_ttime", nil)
local whitelist = module:get_option_set("reg_servlet_wl", {})
local blacklist = module:get_option_set("reg_servlet_bl", {})
-local ports = module:get_option_array("reg_servlet_ports", {{ port = 9280 }})
local recent_ips = {}
-- Begin
-local function http_response(code, message, extra_headers)
- local response = {
- status = code .. " " .. message,
- body = message .. "\n" }
- if extra_headers then response.headers = extra_headers end
- return response
+local function http_response(event, code, message, headers)
+ local response = event.response
+
+ if headers then
+ for header, data in pairs(headers) do response.headers[header] = data end
+ end
+
+ response.headers.content_type = "application/json"
+ response.status_code = code
+ response:send(message)
end
-local function handle_req(method, body, request)
+local function handle_req(event)
+ local request = event.request
+ local body = request.body
+
if request.method ~= "POST" then
- return http_response(405, "Bad method...", {["Allow"] = "POST"})
+ return http_response(event, 405, "Bad method...", {["Allow"] = "POST"})
end
if not request.headers["authorization"] then
- return http_response(401, "No... No...", {["WWW-Authenticate"]='Basic realm="'.. set_realm_name ..'"'})
+ return http_response(event, 401, "No... No...", {["WWW-Authenticate"]='Basic realm="'.. set_realm_name ..'"'})
end
local user, password = b64_decode(request.headers.authorization:match("[^ ]*$") or ""):match("([^:]*):(.*)")
user = jid_prep(user)
- if not user or not password then return http_response(400, "What's this..?") end
+ if not user or not password then return http_response(event, 400, "What's this..?") end
local user_node, user_host = jid_split(user)
- if not hosts[user_host] then return http_response(401, "Negative.") end
+ if not hosts[user_host] then return http_response(event, 401, "Negative.") end
module:log("warn", "%s is authing to submit a new user registration data", user)
if not usermanager.test_password(user_node, user_host, password) then
module:log("warn", "%s failed authentication", user)
- return http_response(401, "Who the hell are you?! Guards!")
+ return http_response(event, 401, "Who the hell are you?! Guards!")
end
local req_body
-- We check that what we have is valid JSON wise else we throw an error...
if not pcall(function() req_body = json_decode(body) end) then
module:log("debug", "JSON data submitted for user registration by %s failed to Decode.", user)
- return http_response(400, "JSON Decoding failed.")
+ return http_response(event, 400, "JSON Decoding failed.")
else
-- Decode JSON data and check that all bits are there else throw an error
req_body = json_decode(body)
if req_body["username"] == nil or req_body["password"] == nil or req_body["host"] == nil or req_body["ip"] == nil then
module:log("debug", "%s supplied an insufficent number of elements or wrong elements for the JSON registration", user)
- return http_response(400, "Invalid syntax.")
+ return http_response(event, 400, "Invalid syntax.")
end
-- Check if user is an admin of said host
if not usermanager.is_admin(user, req_body["host"]) then
module:log("warn", "%s tried to submit registration data for %s but he's not an admin", user, req_body["host"])
- return http_response(401, "I obey only to my masters... Have a nice day.")
+ return http_response(event, 401, "I obey only to my masters... Have a nice day.")
else
-- Checks for both Throttling/Whitelist and Blacklist (basically copycatted from prosody's register.lua code)
if blacklist:contains(req_body["ip"]) then module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", req_body["ip"]) ; return http_response(403, "The specified address is blacklisted, sorry sorry.") end
@@ -92,21 +99,21 @@
if not usermanager.user_exists(username, req_body["host"]) then
if not username then
module:log("debug", "%s supplied an username containing invalid characters: %s", user, username)
- return http_response(406, "Supplied username contains invalid characters, see RFC 6122.")
+ return http_response(event, 406, "Supplied username contains invalid characters, see RFC 6122.")
else
local ok, error = usermanager.create_user(username, req_body["password"], req_body["host"])
if ok then
hosts[req_body["host"]].events.fire_event("user-registered", { username = username, host = req_body["host"], source = "mod_register_json", session = { ip = req_body["ip"] } })
module:log("debug", "%s registration data submission for %s@%s is successful", user, username, req_body["host"])
- return http_response(200, "Done.")
+ return http_response(event, 200, "Done.")
else
module:log("error", "user creation failed: "..error)
- return http_response(500, "Encountered server error while creating the user: "..error)
+ return http_response(event 500, "Encountered server error while creating the user: "..error)
end
end
else
module:log("debug", "%s registration data submission for %s failed (user already exists)", user, username)
- return http_response(409, "User already exists.")
+ return http_response(event, 409, "User already exists.")
end
end
end
@@ -114,17 +121,10 @@
-- Set it up!
-function setup()
- for id, options in ipairs(ports) do
- if not options.port then
- if not options.ssl then ports[id].port = 9280
- else ports[id].port = 9443 end
- elseif options.port == 9280 and options.ssl then ports[id].port = 9443 end end
- httpserver.new_from_config(ports, handle_req, { base = "register_account" })
-end
-
-if prosody.start_time then -- already started
- setup()
-else
- module:hook("server-started", setup)
-end
+module:provides("http", {
+ default_path = base_path,
+ route = {
+ ["GET /"] = handle_req,
+ ["POST /"] = handle_req
+ }
+})