view plugins/mod_auth_anonymous.lua @ 13903:4af7d00a2966

MUC: occupant: refactor to allow storing more than just presence for a session Previously a "session" (i.e. a full JID joined to a MUC) was stored as simply a mapping of full JIDs->presence, contained within occupant objects (an occupant object groups all sessions behind a certain nick in the MUC). To enable developing GC3 and other features, it would be helpful if we can store additional metadata when a client joins a room, for example, whether it has opted out of receiving presence stanzas (a GC3 feature). This changes the internal data structure, which shouldn't be used outside this module, it adds a new :get_session() method, and modifies the :each_session() iterator to return the session as an additional result (which should be backwards compatible with code that just consumes the existing two results).
author Matthew Wild <mwild1@gmail.com>
date Mon, 11 Nov 2024 12:47:01 +0000
parents 74b9e05af71e
children
line wrap: on
line source

-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
-- luacheck: ignore 212

local new_sasl = require "prosody.util.sasl".new;
local datamanager = require "prosody.util.datamanager";
local hosts = prosody.hosts;

local allow_storage = module:get_option_boolean("allow_anonymous_storage", false);

-- define auth provider
local provider = {};

function provider.test_password(username, password)
	return nil, "Password based auth not supported.";
end

function provider.get_password(username)
	return nil, "Password not available.";
end

function provider.set_password(username, password)
	return nil, "Password based auth not supported.";
end

function provider.user_exists(username)
	return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected?
end

function provider.create_user(username, password)
	return nil, "Account creation/modification not supported.";
end

function provider.get_sasl_handler()
	local anonymous_authentication_profile = {
		anonymous = function(sasl, username, realm)
			return true; -- for normal usage you should always return true here
		end
	};
	return new_sasl(module.host, anonymous_authentication_profile);
end

function provider.users()
	return next, hosts[module.host].sessions, nil;
end

-- datamanager callback to disable writes
local function dm_callback(username, host, datastore, data)
	if host == module.host then
		return false;
	end
	return username, host, datastore, data;
end

if not module:get_option_boolean("allow_anonymous_s2s", false) then
	module:hook("route/remote", function (event)
		return false; -- Block outgoing s2s from anonymous users
	end, 300);
end

function module.load()
	if not allow_storage then
		datamanager.add_callback(dm_callback);
	end
end
function module.unload()
	if not allow_storage then
		datamanager.remove_callback(dm_callback);
	end
end

module:provides("auth", provider);