view mod_invites_register_api/mod_invites_register_api.lua @ 6261:1c62edeb9147

mod_pastebin: Update Readme diff --git a/mod_pastebin/README.md b/mod_pastebin/README.md --- a/mod_pastebin/README.md +++ b/mod_pastebin/README.md @@ -37,12 +37,14 @@ For example: Pastes will be available by default at `http://<your-prosody>:5280/pastebin/` by default. -In Prosody 0.9 and later this can be changed with [HTTP -settings](https://prosody.im/doc/http). +Ports and path can be changed with [HTTP +settings](https://prosody.im/doc/http), for example like: -In 0.8 and older this can be changed with `pastebin_ports` (see below), -or you can forward another external URL from your web server to Prosody, -use `pastebin_url` to set that URL. +``` {.lua} + http_paths = { + pastebin = "/$host-paste"; + } +``` # Discovery @@ -82,27 +84,16 @@ The line and character tresholds are adv pastebin_line_threshold The maximum number of lines a message may have before it is sent to the pastebin. (default 4 lines) pastebin_trigger A string of characters (e.g. "!paste ") which if detected at the start of a message, always sends the message to the pastebin, regardless of length. (default: not set) pastebin_expire_after Number of hours after which to expire (remove) a paste, defaults to 24. Set to 0 to store pastes permanently on disk. - pastebin_ports List of ports to run the HTTP server on, same format as mod_httpserver's http_ports[^1] - pastebin_url Base URL to display for pastebin links, must end with / and redirect to Prosody's built-in HTTP server[^2] # Compatibility - ------ ------- - trunk Works + ------ --------------------- + trunk Works as of 25-06-13 + 13 Works 0.12 Works - 0.11 Works - 0.10 Works - 0.9 Works - 0.8 Works - ------ ------- + ------ --------------------- # Todo - Maximum paste length - Web interface to submit pastes? - -[^1]: As of Prosody 0.9, `pastebin_ports` is replaced by `http_ports`, - see [Prosody HTTP server documentation](https://prosody.im/doc/http) - -[^2]: See also - [http_external_url](https://prosody.im/doc/http#external_url)
author Menel <menel@snikket.de>
date Fri, 13 Jun 2025 11:39:58 +0200
parents e977174082ee
children
line wrap: on
line source

local id = require "util.id";
local json = require "util.json";
local usermanager = require "core.usermanager";
local nodeprep = require "util.encodings".stringprep.nodeprep;

local site_name = module:get_option_string("site_name", module.host);

local json_content_type = "application/json";

module:depends("http");

local invites = module:depends("invites");

function get_invite_info(event, invite_token)
	if not invite_token or #invite_token == 0 then
		return 404;
	end
	local invite = invites.get(invite_token);
	if not invite then
		return 404;
	end

	event.response.headers["Content-Type"] = json_content_type;
	return json.encode({
		site_name = site_name;
		token = invite.token;
		domain = module.host;
		uri = invite.uri;
		type = invite.type;
		jid = invite.jid;
		inviter = invite.inviter;
		reset = invite.additional_data and invite.additional_data.allow_reset or nil;
	});
end

function register_with_invite(event)
	local request, response = event.request, event.response;

	if not request.body or #request.body == 0
	or request.headers.content_type ~= json_content_type then
		module:log("warn", "Invalid payload");
		return 400;
	end

	local register_data = json.decode(event.request.body);
	if not register_data then
		module:log("warn", "Invalid JSON");
		return 400;
	end

	local user, password, token = register_data.username, register_data.password, register_data.token;

	local invite = invites.get(token);
	if not invite then
		return 404;
	end

	response.headers["Content-Type"] = json_content_type;

	if not user or #user == 0 or not password or #password == 0 or not token then
		module:log("warn", "Invalid data");
		return 400;
	end

	-- Shamelessly copied from mod_register_web.
	local prepped_username = nodeprep(user);

	if not prepped_username or #prepped_username == 0 then
		return 400;
	end

	local reset_for = invite.additional_data and invite.additional_data.allow_reset or nil;
	if reset_for ~= nil then
		module:log("debug", "handling password reset invite for %s", reset_for)
		if reset_for ~= prepped_username then
			return 403; -- Attempt to use reset invite for incorrect user
		end
		local ok, err = usermanager.set_password(prepped_username, password, module.host);
		if not ok then
			module:log("error", "Unable to reset password for %s@%s: %s", prepped_username, module.host, err);
			return 500;
		end
		module:fire_event("user-password-reset", user);
	elseif usermanager.user_exists(prepped_username, module.host) then
		return 409; -- Conflict
	else
		local registering = {
			validated_invite = invite;
			username = prepped_username;
			host = module.host;
			ip = request.ip;
			allowed = true;
		};

		module:fire_event("user-registering", registering);

		if not registering.allowed then
			return 403;
		end

		local ok, err = usermanager.create_user(prepped_username, password, module.host);

		if not ok then
			local err_id = id.short();
			module:log("warn", "Registration failed (%s): %s", err_id, tostring(err));
			return 500;
		end

		module:fire_event("user-registered", {
			username = prepped_username;
			host = module.host;
			source = "mod_"..module.name;
			validated_invite = invite;
			ip = request.ip;
		});
	end

	return json.encode({
		jid = prepped_username .. "@" .. module.host;
	});
end

module:provides("http", {
	default_path = "register_api";
	route = {
		["GET /invite/*"] = get_invite_info;
		["POST /register"] = register_with_invite;
	};
});