Mercurial > prosody-modules
comparison mod_auth_phpbb3/mod_auth_phpbb3.lua @ 421:816d8e3e83a3
mod_auth_phpbb3: A little refactoring.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Sun, 11 Sep 2011 22:53:35 +0500 |
| parents | eaafb38daa5e |
| children | f19f723571d9 |
comparison
equal
deleted
inserted
replaced
| 420:eaafb38daa5e | 421:816d8e3e83a3 |
|---|---|
| 86 return row.user_password; | 86 return row.user_password; |
| 87 end | 87 end |
| 88 end | 88 end |
| 89 end | 89 end |
| 90 | 90 |
| 91 | |
| 91 local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; | 92 local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; |
| 92 | |
| 93 local function hashEncode64(input, count) | 93 local function hashEncode64(input, count) |
| 94 local output = ""; | 94 local output = ""; |
| 95 local i, value = 0, 0; | 95 local i, value = 0, 0; |
| 96 | 96 |
| 97 while true do | 97 while true do |
| 160 output = output .. itoa64:sub(idx, idx); | 160 output = output .. itoa64:sub(idx, idx); |
| 161 output = output .. hashEncode64(input, 6); | 161 output = output .. hashEncode64(input, 6); |
| 162 return output; | 162 return output; |
| 163 end | 163 end |
| 164 local function phpbbCheckHash(password, hash) | 164 local function phpbbCheckHash(password, hash) |
| 165 if #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash | |
| 165 return #hash == 34 and hashCryptPrivate(password, hash) == hash; | 166 return #hash == 34 and hashCryptPrivate(password, hash) == hash; |
| 166 end | 167 end |
| 167 local function phpbbHash(password) | 168 local function phpbbCreateHash(password) |
| 168 local random = uuid_gen():sub(-6); | 169 local random = uuid_gen():sub(-6); |
| 169 local salt = hashGensaltPrivate(random); | 170 local salt = hashGensaltPrivate(random); |
| 170 local hash = hashCryptPrivate(password, salt); | 171 local hash = hashCryptPrivate(password, salt); |
| 171 if #hash == 34 then return hash; end | 172 if #hash == 34 then return hash; end |
| 172 return md5(password, true); | 173 return md5(password, true); |
| 174 | 175 |
| 175 | 176 |
| 176 provider = { name = "phpbb3" }; | 177 provider = { name = "phpbb3" }; |
| 177 | 178 |
| 178 function provider.test_password(username, password) | 179 function provider.test_password(username, password) |
| 179 --module:log("debug", "test_password '%s' for user %s", tostring(password), tostring(username)); | |
| 180 local hash = get_password(username); | 180 local hash = get_password(username); |
| 181 if hash and #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash | |
| 182 return hash and phpbbCheckHash(password, hash); | 181 return hash and phpbbCheckHash(password, hash); |
| 183 end | 182 end |
| 184 function provider.user_exists(username) | 183 function provider.user_exists(username) |
| 185 module:log("debug", "test user %s existence", username); | 184 module:log("debug", "test user %s existence", username); |
| 186 return get_password(username) and true; | 185 return get_password(username) and true; |
| 188 | 187 |
| 189 function provider.get_password(username) | 188 function provider.get_password(username) |
| 190 return nil, "Getting password is not supported."; | 189 return nil, "Getting password is not supported."; |
| 191 end | 190 end |
| 192 function provider.set_password(username, password) | 191 function provider.set_password(username, password) |
| 193 local hash = phpbbHash(password); | 192 local hash = phpbbCreateHash(password); |
| 194 local stmt, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username`=?", hash, username); | 193 local stmt, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username`=?", hash, username); |
| 195 return stmt and true, err; | 194 return stmt and true, err; |
| 196 end | 195 end |
| 197 function provider.create_user(username, password) | 196 function provider.create_user(username, password) |
| 198 return nil, "Account creation/modification not supported."; | 197 return nil, "Account creation/modification not supported."; |
