Mercurial Mercurial > prosody > prosody / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
core/usermanager.lua
changeset 2929 1e4e314bef33
parent 2923 b7049746bd29
child 2934 060bb8217fea
equal deleted inserted replaced
2928:e6380fcaffda 2929:1e4e314bef33 
    12 local error = error;
 
    12 local error = error;
 
    13 local ipairs = ipairs;
 
    13 local ipairs = ipairs;
 
    14 local hashes = require "util.hashes";
 
    14 local hashes = require "util.hashes";
 
    15 local jid_bare = require "util.jid".bare;
 
    15 local jid_bare = require "util.jid".bare;
 
    16 local config = require "core.configmanager";
 
    16 local config = require "core.configmanager";
 
       
    17 local hosts = hosts;
 
    17 
    18 
    18 module "usermanager"
 
    19 module "usermanager"
 
    19 
    20 
       
    21 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end
 
       
    22 
    20 function validate_credentials(host, username, password, method)
 
    23 function validate_credentials(host, username, password, method)
 
    21 	log("debug", "User '%s' is being validated", username);
 
    24 	log("debug", "User '%s' is being validated", username);
 
       
    25 	if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end
 
    22 	local credentials = datamanager.load(username, host, "accounts") or {};
 
    26 	local credentials = datamanager.load(username, host, "accounts") or {};
 
    23 
    27 
    24 	if method == nil then method = "PLAIN"; end
 
    28 	if method == nil then method = "PLAIN"; end
 
    25 	if method == "PLAIN" and credentials.password then -- PLAIN, do directly
 
    29 	if method == "PLAIN" and credentials.password then -- PLAIN, do directly
 
    26 		if password == credentials.password then
 
    30 		if password == credentials.password then
 
    46 		return nil, "Auth failed. Invalid username or password.";
 
    50 		return nil, "Auth failed. Invalid username or password.";
 
    47 	end
 
    51 	end
 
    48 end
 
    52 end
 
    49 
    53 
    50 function get_password(username, host)
 
    54 function get_password(username, host)
 
    51   return (datamanager.load(username, host, "accounts") or {}).password
 
    55 	if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end
 
       
    56 	return (datamanager.load(username, host, "accounts") or {}).password
 
    52 end
 
    57 end
 
    53 
    58 
    54 function user_exists(username, host)
 
    59 function user_exists(username, host)
 
       
    60 	if is_cyrus(host) then return true; end
 
    55 	return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials
 
    61 	return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials
 
    56 end
 
    62 end
 
    57 
    63 
    58 function create_user(username, password, host)
 
    64 function create_user(username, password, host)
 
       
    65 	if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end
 
    59 	return datamanager.store(username, host, "accounts", {password = password});
 
    66 	return datamanager.store(username, host, "accounts", {password = password});
 
    60 end
 
    67 end
 
    61 
    68 
    62 function get_supported_methods(host)
 
    69 function get_supported_methods(host)
 
    63 	return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config
 
    70 	return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config
prosody