12 local error = error; |
12 local error = error; |
13 local ipairs = ipairs; |
13 local ipairs = ipairs; |
14 local hashes = require "util.hashes"; |
14 local hashes = require "util.hashes"; |
15 local jid_bare = require "util.jid".bare; |
15 local jid_bare = require "util.jid".bare; |
16 local config = require "core.configmanager"; |
16 local config = require "core.configmanager"; |
|
17 local hosts = hosts; |
17 |
18 |
18 module "usermanager" |
19 module "usermanager" |
19 |
20 |
|
21 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end |
|
22 |
20 function validate_credentials(host, username, password, method) |
23 function validate_credentials(host, username, password, method) |
21 log("debug", "User '%s' is being validated", username); |
24 log("debug", "User '%s' is being validated", username); |
|
25 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end |
22 local credentials = datamanager.load(username, host, "accounts") or {}; |
26 local credentials = datamanager.load(username, host, "accounts") or {}; |
23 |
27 |
24 if method == nil then method = "PLAIN"; end |
28 if method == nil then method = "PLAIN"; end |
25 if method == "PLAIN" and credentials.password then -- PLAIN, do directly |
29 if method == "PLAIN" and credentials.password then -- PLAIN, do directly |
26 if password == credentials.password then |
30 if password == credentials.password then |
46 return nil, "Auth failed. Invalid username or password."; |
50 return nil, "Auth failed. Invalid username or password."; |
47 end |
51 end |
48 end |
52 end |
49 |
53 |
50 function get_password(username, host) |
54 function get_password(username, host) |
51 return (datamanager.load(username, host, "accounts") or {}).password |
55 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
|
56 return (datamanager.load(username, host, "accounts") or {}).password |
52 end |
57 end |
53 |
58 |
54 function user_exists(username, host) |
59 function user_exists(username, host) |
|
60 if is_cyrus(host) then return true; end |
55 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials |
61 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials |
56 end |
62 end |
57 |
63 |
58 function create_user(username, password, host) |
64 function create_user(username, password, host) |
|
65 if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end |
59 return datamanager.store(username, host, "accounts", {password = password}); |
66 return datamanager.store(username, host, "accounts", {password = password}); |
60 end |
67 end |
61 |
68 |
62 function get_supported_methods(host) |
69 function get_supported_methods(host) |
63 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config |
70 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config |