Mercurial > prosody-hg
comparison core/usermanager.lua @ 3160:9064dd006b21
First bit of work
| author | Jeff Mitchell <jeff@jefferai.org> |
|---|---|
| date | Thu, 20 May 2010 11:51:24 -0400 |
| parents | b01a699ddf64 |
| children | 73e93a48c0c1 |
comparison
equal
deleted
inserted
replaced
| 3159:b01a699ddf64 | 3160:9064dd006b21 |
|---|---|
| 20 | 20 |
| 21 local prosody = _G.prosody; | 21 local prosody = _G.prosody; |
| 22 | 22 |
| 23 module "usermanager" | 23 module "usermanager" |
| 24 | 24 |
| 25 local new_default_provider; | |
| 26 | |
| 27 local function host_handler(host) | 25 local function host_handler(host) |
| 28 local host_session = hosts[host]; | 26 local host_session = hosts[host]; |
| 29 host_session.events.add_handler("item-added/auth-provider", function (provider) | 27 host_session.events.add_handler("item-added/auth-provider", function (provider) |
| 28 log("debug", "authentication provider = '%s'", config.get(host, "core", "authentication")); | |
| 30 if config.get(host, "core", "authentication") == provider.name then | 29 if config.get(host, "core", "authentication") == provider.name then |
| 31 host_session.users = provider; | 30 host_session.users = provider; |
| 32 end | 31 end |
| 33 end); | 32 end); |
| 34 host_session.events.add_handler("item-removed/auth-provider", function (provider) | 33 host_session.events.add_handler("item-removed/auth-provider", function (provider) |
| 35 if host_session.users == provider then | 34 if host_session.users == provider then |
| 36 host_session.users = new_default_provider(host); | 35 userplugins.new_default_provider(host); |
| 37 end | 36 end |
| 38 end); | 37 end); |
| 39 host_session.users = new_default_provider(host); -- Start with the default usermanager provider | 38 if host_session.users ~= nil then |
| 39 log("debug", "using non-default authentication provider"); | |
| 40 else | |
| 41 log("debug", "using default authentication provider"); | |
| 42 host_session.users = new_default_provider(host); -- Start with the default usermanager provider | |
| 43 end | |
| 40 end | 44 end |
| 41 prosody.events.add_handler("host-activated", host_handler); | 45 prosody.events.add_handler("host-activated", host_handler); |
| 42 prosody.events.add_handler("component-activated", host_handler); | 46 prosody.events.add_handler("component-activated", host_handler); |
| 43 | 47 |
| 44 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end | 48 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end |
| 45 | |
| 46 function new_default_provider(host) | |
| 47 local provider = { name = "default" }; | |
| 48 | |
| 49 function provider.test_password(username, password) | |
| 50 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end | |
| 51 local credentials = datamanager.load(username, host, "accounts") or {}; | |
| 52 | |
| 53 if password == credentials.password then | |
| 54 return true; | |
| 55 else | |
| 56 return nil, "Auth failed. Invalid username or password."; | |
| 57 end | |
| 58 end | |
| 59 | |
| 60 function provider.get_password(username) | |
| 61 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end | |
| 62 return (datamanager.load(username, host, "accounts") or {}).password; | |
| 63 end | |
| 64 | |
| 65 function provider.set_password(username, password) | |
| 66 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end | |
| 67 local account = datamanager.load(username, host, "accounts"); | |
| 68 if account then | |
| 69 account.password = password; | |
| 70 return datamanager.store(username, host, "accounts", account); | |
| 71 end | |
| 72 return nil, "Account not available."; | |
| 73 end | |
| 74 | |
| 75 function provider.user_exists(username) | |
| 76 if not(require_provisioning) and is_cyrus(host) then return true; end | |
| 77 local account, err = datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials | |
| 78 return (account or err) ~= nil; -- FIXME also check for empty credentials | |
| 79 end | |
| 80 | |
| 81 function provider.create_user(username, password) | |
| 82 if not(require_provisioning) and is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end | |
| 83 return datamanager.store(username, host, "accounts", {password = password}); | |
| 84 end | |
| 85 | |
| 86 function provider.get_supported_methods() | |
| 87 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config | |
| 88 end | |
| 89 | |
| 90 function provider.is_admin(jid) | |
| 91 local admins = config.get(host, "core", "admins"); | |
| 92 if admins ~= config.get("*", "core", "admins") then | |
| 93 if type(admins) == "table" then | |
| 94 jid = jid_bare(jid); | |
| 95 for _,admin in ipairs(admins) do | |
| 96 if admin == jid then return true; end | |
| 97 end | |
| 98 elseif admins then | |
| 99 log("error", "Option 'admins' for host '%s' is not a table", host); | |
| 100 end | |
| 101 end | |
| 102 return is_admin(jid); -- Test whether it's a global admin instead | |
| 103 end | |
| 104 return provider; | |
| 105 end | |
| 106 | 49 |
| 107 function validate_credentials(host, username, password, method) | 50 function validate_credentials(host, username, password, method) |
| 108 return hosts[host].users.test_password(username, password); | 51 return hosts[host].users.test_password(username, password); |
| 109 end | 52 end |
| 110 | 53 |
