author | Matthew Wild <mwild1@gmail.com> |
Tue, 04 Jan 2011 17:19:39 +0000 | |
changeset 3996 | 7f35b292531b |
parent 3995 | e504b06492c6 |
child 3997 | 678e0688c18c |
permissions | -rw-r--r-- |
1523
841d61be198f
Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents:
1189
diff
changeset
|
1 |
-- Prosody IM |
2923
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
2448
diff
changeset
|
2 |
-- Copyright (C) 2008-2010 Matthew Wild |
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
2448
diff
changeset
|
3 |
-- Copyright (C) 2008-2010 Waqas Hussain |
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
4 |
-- |
758 | 5 |
-- This project is MIT/X11 licensed. Please see the |
6 |
-- COPYING file in the source package for more information. |
|
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
7 |
-- |
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
8 |
|
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
438
diff
changeset
|
9 |
|
1042
a3d77353c18a
mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents:
927
diff
changeset
|
10 |
local hosts = _G.hosts; |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
11 |
local st = require "util.stanza"; |
1042
a3d77353c18a
mod_*: Fix a load of global accesses
Matthew Wild <mwild1@gmail.com>
parents:
927
diff
changeset
|
12 |
local datamanager = require "util.datamanager"; |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
13 |
local usermanager_user_exists = require "core.usermanager".user_exists; |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
14 |
local usermanager_create_user = require "core.usermanager".create_user; |
2935
4e4d0d899d9d
mod_register: Use set_password to set passwords instead of create_user.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
15 |
local usermanager_set_password = require "core.usermanager".set_password; |
3996
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
16 |
local usermanager_delete_user = require "core.usermanager".delete_user; |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
17 |
local os_time = os.time; |
927
cc180d25dbeb
Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents:
926
diff
changeset
|
18 |
local nodeprep = require "util.encodings".stringprep.nodeprep; |
3995
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
19 |
local jid_bare = require "util.jid".bare; |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
20 |
|
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
21 |
local compat = module:get_option_boolean("registration_compat", true); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 |
|
541
3521e0851c9e
Change modules to use the new add_feature module API method.
Waqas Hussain <waqas20@gmail.com>
parents:
519
diff
changeset
|
23 |
module:add_feature("jabber:iq:register"); |
421
63be85693710
Modules now sending disco replies
Waqas Hussain <waqas20@gmail.com>
parents:
386
diff
changeset
|
24 |
|
3995
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
25 |
local function handle_registration_stanza(event) |
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
26 |
local session, stanza = event.origin, event.stanza; |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
27 |
|
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
28 |
local query = stanza.tags[1]; |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
29 |
if stanza.attr.type == "get" then |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
30 |
local reply = st.reply(stanza); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
31 |
reply:tag("query", {xmlns = "jabber:iq:register"}) |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
32 |
:tag("registered"):up() |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
33 |
:tag("username"):text(session.username):up() |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
34 |
:tag("password"):up(); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
35 |
session.send(reply); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
36 |
else -- stanza.attr.type == "set" |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
37 |
if query.tags[1] and query.tags[1].name == "remove" then |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
38 |
-- TODO delete user auth data, send iq response, kick all user resources with a <not-authorized/>, delete all user data |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
39 |
local username, host = session.username, session.host; |
3996
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
40 |
|
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
41 |
local ok, err = usermanager_delete_user(username, host); |
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
42 |
|
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
43 |
if not ok then |
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
44 |
module:log("debug", "Removing user account %s@%s failed: %s", username, host, err); |
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
45 |
session.send(st.error_reply(stanza, "cancel", "service-unavailable", err)); |
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
46 |
return true; |
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
47 |
end |
7f35b292531b
mod_register: Change to use new delete_user auth provider method
Matthew Wild <mwild1@gmail.com>
parents:
3995
diff
changeset
|
48 |
|
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
49 |
session.send(st.reply(stanza)); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
50 |
local roster = session.roster; |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
51 |
for _, session in pairs(hosts[host].sessions[username].sessions) do -- disconnect all resources |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
52 |
session:close({condition = "not-authorized", text = "Account deleted"}); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
53 |
end |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
54 |
-- TODO datamanager should be able to delete all user data itself |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
55 |
datamanager.store(username, host, "vcard", nil); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
56 |
datamanager.store(username, host, "private", nil); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
57 |
datamanager.list_store(username, host, "offline", nil); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
58 |
local bare = username.."@"..host; |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
59 |
for jid, item in pairs(roster) do |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
60 |
if jid and jid ~= "pending" then |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
61 |
if item.subscription == "both" or item.subscription == "from" or (roster.pending and roster.pending[jid]) then |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
62 |
core_post_stanza(hosts[host], st.presence({type="unsubscribed", from=bare, to=jid})); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
63 |
end |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
64 |
if item.subscription == "both" or item.subscription == "to" or item.ask then |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
65 |
core_post_stanza(hosts[host], st.presence({type="unsubscribe", from=bare, to=jid})); |
386 | 66 |
end |
67 |
end |
|
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
68 |
end |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
69 |
datamanager.store(username, host, "roster", nil); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
70 |
datamanager.store(username, host, "privacy", nil); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
71 |
module:log("info", "User removed their account: %s@%s", username, host); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
72 |
module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = session }); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
73 |
else |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
74 |
local username = query:child_with_name("username"); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
75 |
local password = query:child_with_name("password"); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
76 |
if username and password then |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
77 |
-- FIXME shouldn't use table.concat |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
78 |
username = nodeprep(table.concat(username)); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
79 |
password = table.concat(password); |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
80 |
if username == session.username then |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
81 |
if usermanager_set_password(username, password, session.host) then |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
82 |
session.send(st.reply(stanza)); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
83 |
else |
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
84 |
-- TODO unable to write file, file may be locked, etc, what's the correct error? |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
85 |
session.send(st.error_reply(stanza, "wait", "internal-server-error")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
86 |
end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
87 |
else |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
88 |
session.send(st.error_reply(stanza, "modify", "bad-request")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
89 |
end |
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
90 |
else |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
91 |
session.send(st.error_reply(stanza, "modify", "bad-request")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
92 |
end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
93 |
end |
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
94 |
end |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
95 |
return true; |
3995
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
96 |
end |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
97 |
|
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
98 |
module:hook("iq/self/jabber:iq:register:query", handle_registration_stanza); |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
99 |
if compat then |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
100 |
module:hook("iq/host/jabber:iq:register:query", function (event) |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
101 |
local session, stanza = event.origin, event.stanza; |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
102 |
if session.type == "c2s" and jid_bare(stanza.attr.to) == session.host then |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
103 |
return handle_registration_stanza(event); |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
104 |
end |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
105 |
end); |
e504b06492c6
mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true)
Matthew Wild <mwild1@gmail.com>
parents:
3540
diff
changeset
|
106 |
end |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
107 |
|
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
108 |
local recent_ips = {}; |
1692
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
109 |
local min_seconds_between_registrations = module:get_option("min_seconds_between_registrations"); |
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
110 |
local whitelist_only = module:get_option("whitelist_registration_only"); |
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
111 |
local whitelisted_ips = module:get_option("registration_whitelist") or { "127.0.0.1" }; |
be76bac8e174
mod_register: Updated to use module:get_option instead of configmanager
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
112 |
local blacklisted_ips = module:get_option("registration_blacklist") or {}; |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
113 |
|
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
114 |
for _, ip in ipairs(whitelisted_ips) do whitelisted_ips[ip] = true; end |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
115 |
for _, ip in ipairs(blacklisted_ips) do blacklisted_ips[ip] = true; end |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
116 |
|
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
117 |
module:hook("stanza/iq/jabber:iq:register:query", function(event) |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
118 |
local session, stanza = event.origin, event.stanza; |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
119 |
|
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
120 |
if module:get_option("allow_registration") == false or session.type ~= "c2s_unauthed" then |
665
09e0e9c722a3
Add allow_registration option to disable account registration
Matthew Wild <mwild1@gmail.com>
parents:
615
diff
changeset
|
121 |
session.send(st.error_reply(stanza, "cancel", "service-unavailable")); |
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
122 |
else |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
123 |
local query = stanza.tags[1]; |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
124 |
if stanza.attr.type == "get" then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
125 |
local reply = st.reply(stanza); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
126 |
reply:tag("query", {xmlns = "jabber:iq:register"}) |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
127 |
:tag("instructions"):text("Choose a username and password for use with this service."):up() |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
128 |
:tag("username"):up() |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
129 |
:tag("password"):up(); |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
130 |
session.send(reply); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
131 |
elseif stanza.attr.type == "set" then |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
132 |
if query.tags[1] and query.tags[1].name == "remove" then |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
133 |
session.send(st.error_reply(stanza, "auth", "registration-required")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
134 |
else |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
135 |
local username = query:child_with_name("username"); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
136 |
local password = query:child_with_name("password"); |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
137 |
if username and password then |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
138 |
-- Check that the user is not blacklisted or registering too often |
2085
64872e216e23
mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents:
1861
diff
changeset
|
139 |
if not session.ip then |
64872e216e23
mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents:
1861
diff
changeset
|
140 |
module:log("debug", "User's IP not known; can't apply blacklist/whitelist"); |
64872e216e23
mod_register: Log a debug message when a session's IP is not available.
Waqas Hussain <waqas20@gmail.com>
parents:
1861
diff
changeset
|
141 |
elseif blacklisted_ips[session.ip] or (whitelist_only and not whitelisted_ips[session.ip]) then |
1859
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
142 |
session.send(st.error_reply(stanza, "cancel", "not-acceptable", "You are not allowed to register an account.")); |
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
143 |
return true; |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
144 |
elseif min_seconds_between_registrations and not whitelisted_ips[session.ip] then |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
145 |
if not recent_ips[session.ip] then |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
146 |
recent_ips[session.ip] = { time = os_time(), count = 1 }; |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
147 |
else |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
148 |
local ip = recent_ips[session.ip]; |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
149 |
ip.count = ip.count + 1; |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
150 |
|
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
151 |
if os_time() - ip.time < min_seconds_between_registrations then |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
152 |
ip.time = os_time(); |
1858
49eef8e19a71
mod_register: Changed error type for hitting registration rate limit from 'cancel' to 'wait'.
Waqas Hussain <waqas20@gmail.com>
parents:
1857
diff
changeset
|
153 |
session.send(st.error_reply(stanza, "wait", "not-acceptable")); |
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
154 |
return true; |
690
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
155 |
end |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
156 |
ip.time = os_time(); |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
157 |
end |
e901a0709005
Added rate limiting to in-band registration, and added IP [black/white]lists
Matthew Wild <mwild1@gmail.com>
parents:
665
diff
changeset
|
158 |
end |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
159 |
-- FIXME shouldn't use table.concat |
927
cc180d25dbeb
Fixed: mod_register: Node prepping was not being applied to usernames (part of issue #57)
Waqas Hussain <waqas20@gmail.com>
parents:
926
diff
changeset
|
160 |
username = nodeprep(table.concat(username)); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
161 |
password = table.concat(password); |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
162 |
local host = module.host; |
2448
542335c8a5bc
mod_register: Return a <not-acceptable/> error on empty usernames (thanks Neustradamus).
Waqas Hussain <waqas20@gmail.com>
parents:
2260
diff
changeset
|
163 |
if not username or username == "" then |
1859
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
164 |
session.send(st.error_reply(stanza, "modify", "not-acceptable", "The requested username is invalid.")); |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
165 |
elseif usermanager_user_exists(username, host) then |
1859
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
166 |
session.send(st.error_reply(stanza, "cancel", "conflict", "The requested username already exists.")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
167 |
else |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
168 |
if usermanager_create_user(username, password, host) then |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
169 |
session.send(st.reply(stanza)); -- user created! |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
170 |
module:log("info", "User account created: %s@%s", username, host); |
3540
bc139431830b
Monster whitespace commit (beware the whitespace monster).
Waqas Hussain <waqas20@gmail.com>
parents:
3529
diff
changeset
|
171 |
module:fire_event("user-registered", { |
1857
ef266aa8e18f
mod_register: Fixed: No error was returned if username failed nodeprep.
Waqas Hussain <waqas20@gmail.com>
parents:
1523
diff
changeset
|
172 |
username = username, host = host, source = "mod_register", |
1189
63ed3902f357
mod_register: Attach session to user-registered and user-deregistered events
Matthew Wild <mwild1@gmail.com>
parents:
1184
diff
changeset
|
173 |
session = session }); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
174 |
else |
85
a115b99419ad
Added: mod_register now replies with an error stanza when file write fails
Waqas Hussain <waqas20@gmail.com>
parents:
63
diff
changeset
|
175 |
-- TODO unable to write file, file may be locked, etc, what's the correct error? |
1859
c965b0accc7c
mod_register: Added helpful text to registration error responses.
Waqas Hussain <waqas20@gmail.com>
parents:
1858
diff
changeset
|
176 |
session.send(st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk.")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
177 |
end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
178 |
end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
179 |
else |
311
513bd52e8e19
Fixed mod_register to use session.send for sending stanzas
Waqas Hussain <waqas20@gmail.com>
parents:
85
diff
changeset
|
180 |
session.send(st.error_reply(stanza, "modify", "not-acceptable")); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
181 |
end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
182 |
end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
183 |
end |
3529
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
184 |
end |
3f9cc12308aa
mod_register: Updated to use the new events API.
Waqas Hussain <waqas20@gmail.com>
parents:
3394
diff
changeset
|
185 |
return true; |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
186 |
end); |