Mercurial > prosody-modules
view mod_invites_tracking/mod_invites_tracking.lua @ 5550:4fda06be6b08
mod_http_oauth2: Make note about handling repeated
RFC 6749 states
> If an authorization code is used more than once, the authorization
> server MUST deny the request and SHOULD revoke (when possible) all
> tokens previously issued based on that authorization code.
We should follow the SHOULD.
The MUST is already covered by removing the code state from the cache.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 16 Jun 2023 00:10:46 +0200 |
| parents | 32f1f18f4874 |
| children | cb3b2fbf57e7 |
line wrap: on
line source
local tracking_store = module:open_store("invites_tracking"); module:hook("user-registered", function(event) local validated_invite = event.validated_invite or (event.session and event.session.validated_invite); local new_username = event.username; local invite_id = nil; local invite_source = nil; if validated_invite then invite_source = validated_invite.additional_data and validated_invite.additional_data.source; invite_id = validated_invite.token; end tracking_store:set(new_username, {invite_id = validated_invite.token, invite_source = invite_source}); module:log("debug", "recorded that invite from %s was used to create %s", invite_source, new_username) end); -- " " is an invalid localpart -> we can safely use it for store metadata tracking_store:set(" ", {version="1"});
