author | Matthew Wild <mwild1@gmail.com> |
Sat, 28 Apr 2012 03:49:13 +0100 | |
changeset 4762 | 943f9f860ab4 |
parent 4603 | 6900c9484834 |
child 5115 | 3939960b3c07 |
permissions | -rw-r--r-- |
3162 | 1 |
-- Prosody IM |
2 |
-- Copyright (C) 2008-2010 Matthew Wild |
|
3 |
-- Copyright (C) 2008-2010 Waqas Hussain |
|
4 |
-- |
|
5 |
-- This project is MIT/X11 licensed. Please see the |
|
6 |
-- COPYING file in the source package for more information. |
|
7 |
-- |
|
8 |
||
9 |
local datamanager = require "util.datamanager"; |
|
3163 | 10 |
local usermanager = require "core.usermanager"; |
local new_sasl = require "util.sasl".new; |
local nodeprep = require "util.encodings".stringprep.nodeprep; |
3162 | 13 |
|
local log = module._log; |
3162 | 15 |
|
16 |
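--- Build the "internal_plain" authentication provider for one host.
-- Accounts live in the "accounts" datamanager store and the password is kept
-- there exactly as given (no hashing). Read access to that store therefore
-- exposes every user's password, so the store must be protected accordingly.
-- @param host hostname whose account store this provider reads and writes
-- @return provider table with name, test_password, get_password, set_password,
--   user_exists, create_user, delete_user and get_sasl_handler
function new_default_provider(host)
	local provider = { name = "internal_plain" };
	log("debug", "initializing internal_plain authentication provider for host '%s'", host);

	--- Check a candidate password against the stored one.
	-- @param username account name to look up
	-- @param password candidate password
	-- @return true on match; otherwise nil plus an error message
	function provider.test_password(username, password)
		-- The candidate password is kept out of the log line: a debug log must
		-- never become a second copy of users' credentials.
		log("debug", "test password for user %s at host %s", username, module.host);
		local credentials = datamanager.load(username, host, "accounts") or {};

		-- A missing account yields an empty table, so its password is nil. Without
		-- this guard a nil candidate would compare equal and be accepted.
		local stored = credentials.password;
		if stored ~= nil and password == stored then
			return true;
		end
		return nil, "Auth failed. Invalid username or password.";
	end

	--- Return the stored password for a user, or nil when no account is found.
	-- The value comes back in cleartext because that is how it is stored.
	function provider.get_password(username)
		log("debug", "get_password for username '%s' at host '%s'", username, module.host);
		return (datamanager.load(username, host, "accounts") or {}).password;
	end

	--- Replace the password of an existing account.
	-- @return the result of datamanager.store, or nil plus an error message
	--   when the account cannot be loaded
	function provider.set_password(username, password)
		local account = datamanager.load(username, host, "accounts");
		if account then
			-- Only the password field changes; other fields of the record are kept.
			account.password = password;
			return datamanager.store(username, host, "accounts", account);
		end
		return nil, "Account not available.";
	end

	--- Report whether an account record exists for the user.
	-- @return true when found; otherwise nil plus an error message
	function provider.user_exists(username)
		local account = datamanager.load(username, host, "accounts");
		if not account then
			log("debug", "account not found for username '%s' at host '%s'", username, module.host);
			return nil, "Auth failed. Invalid username";
		end
		return true;
	end

	--- Create an account holding only the given password.
	-- NOTE(review): the store call is unconditional, so an existing record for
	-- this username is replaced; presumably callers check user_exists first.
	function provider.create_user(username, password)
		return datamanager.store(username, host, "accounts", {password = password});
	end

	--- Delete an account by storing nil in place of its record.
	function provider.delete_user(username)
		return datamanager.store(username, host, "accounts", nil);
	end

	--- Create a SASL handler for module.host backed by the stored passwords.
	function provider.get_sasl_handler()
		local getpass_authentication_profile = {
			-- Returns (password, true) for a known user and ("", nil) otherwise.
			plain = function(sasl, username, realm)
				-- Normalise the username before any lookup; input that fails
				-- nodeprep is rejected without touching the account store.
				local prepped_username = nodeprep(username);
				if not prepped_username then
					log("debug", "NODEprep failed on username: %s", username);
					return "", nil;
				end
				-- The lookup goes through usermanager, not provider.get_password.
				local password = usermanager.get_password(prepped_username, realm);
				if not password then
					return "", nil;
				end
				return password, true;
			end
		};
		return new_sasl(module.host, getpass_authentication_profile);
	end

	return provider;
end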
|
82 |
||
83 |
-- Build the provider for this module's host, then register it as an
-- "auth-provider" item on the module.
local default_provider = new_default_provider(module.host);
module:add_item("auth-provider", default_provider);
|
84 |