Mercurial > prosody-hg
comparison plugins/mod_legacyauth.lua @ 3527:59cdb9166bd0
mod_legacyauth: Updated to use the new events API.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Sat, 16 Oct 2010 05:41:49 +0500 |
| parents | e736f68c1047 |
| children | 5cdcd7ee6ef5 |
comparison
equal
deleted
inserted
replaced
| 3526:69a8c7e635c5 | 3527:59cdb9166bd0 |
|---|---|
| 27 elseif not origin.username then | 27 elseif not origin.username then |
| 28 features:tag("auth", {xmlns='http://jabber.org/features/iq-auth'}):up(); | 28 features:tag("auth", {xmlns='http://jabber.org/features/iq-auth'}):up(); |
| 29 end | 29 end |
| 30 end); | 30 end); |
| 31 | 31 |
| 32 module:add_iq_handler("c2s_unauthed", "jabber:iq:auth", | 32 module:hook("stanza/iq/jabber:iq:auth:query", function(event) |
| 33 function (session, stanza) | 33 local session, stanza = event.origin, event.stanza; |
| 34 if secure_auth_only and not session.secure then | 34 |
| 35 session.send(st.error_reply(stanza, "modify", "not-acceptable", "Encryption (SSL or TLS) is required to connect to this server")); | 35 if secure_auth_only and not session.secure then |
| 36 return true; | 36 session.send(st.error_reply(stanza, "modify", "not-acceptable", "Encryption (SSL or TLS) is required to connect to this server")); |
| 37 end | 37 return true; |
| 38 | 38 end |
| 39 local username = stanza.tags[1]:child_with_name("username"); | 39 |
| 40 local password = stanza.tags[1]:child_with_name("password"); | 40 local username = stanza.tags[1]:child_with_name("username"); |
| 41 local resource = stanza.tags[1]:child_with_name("resource"); | 41 local password = stanza.tags[1]:child_with_name("password"); |
| 42 if not (username and password and resource) then | 42 local resource = stanza.tags[1]:child_with_name("resource"); |
| 43 local reply = st.reply(stanza); | 43 if not (username and password and resource) then |
| 44 session.send(reply:query("jabber:iq:auth") | 44 local reply = st.reply(stanza); |
| 45 :tag("username"):up() | 45 session.send(reply:query("jabber:iq:auth") |
| 46 :tag("password"):up() | 46 :tag("username"):up() |
| 47 :tag("resource"):up()); | 47 :tag("password"):up() |
| 48 else | 48 :tag("resource"):up()); |
| 49 username, password, resource = t_concat(username), t_concat(password), t_concat(resource); | 49 else |
| 50 username = nodeprep(username); | 50 username, password, resource = t_concat(username), t_concat(password), t_concat(resource); |
| 51 resource = resourceprep(resource) | 51 username = nodeprep(username); |
| 52 local reply = st.reply(stanza); | 52 resource = resourceprep(resource) |
| 53 if usermanager.test_password(username, session.host, password) then | 53 local reply = st.reply(stanza); |
| 54 -- Authentication successful! | 54 if usermanager.test_password(username, session.host, password) then |
| 55 local success, err = sessionmanager.make_authenticated(session, username); | 55 -- Authentication successful! |
| 56 if success then | 56 local success, err = sessionmanager.make_authenticated(session, username); |
| 57 local err_type, err_msg; | 57 if success then |
| 58 success, err_type, err, err_msg = sessionmanager.bind_resource(session, resource); | 58 local err_type, err_msg; |
| 59 if not success then | 59 success, err_type, err, err_msg = sessionmanager.bind_resource(session, resource); |
| 60 session.send(st.error_reply(stanza, err_type, err, err_msg)); | 60 if not success then |
| 61 session.username, session.type = nil, "c2s_unauthed"; -- FIXME should this be placed in sessionmanager? | 61 session.send(st.error_reply(stanza, err_type, err, err_msg)); |
| 62 return true; | 62 session.username, session.type = nil, "c2s_unauthed"; -- FIXME should this be placed in sessionmanager? |
| 63 elseif resource ~= session.resource then -- server changed resource, not supported by legacy auth | 63 return true; |
| 64 session.send(st.error_reply(stanza, "cancel", "conflict", "The requested resource could not be assigned to this session.")); | 64 elseif resource ~= session.resource then -- server changed resource, not supported by legacy auth |
| 65 session:close(); -- FIXME undo resource bind and auth instead of closing the session? | 65 session.send(st.error_reply(stanza, "cancel", "conflict", "The requested resource could not be assigned to this session.")); |
| 66 return true; | 66 session:close(); -- FIXME undo resource bind and auth instead of closing the session? |
| 67 end | 67 return true; |
| 68 end | |
| 69 session.send(st.reply(stanza)); | |
| 70 else | |
| 71 session.send(st.error_reply(stanza, "auth", "not-authorized")); | |
| 72 end | 68 end |
| 73 end | 69 end |
| 74 return true; | 70 session.send(st.reply(stanza)); |
| 75 end); | 71 else |
| 72 session.send(st.error_reply(stanza, "auth", "not-authorized")); | |
| 73 end | |
| 74 end | |
| 75 return true; | |
| 76 end); |
