view mod_auth_sql/README.md @ 6165:e977174082ee

mod_invites_register_api: Use set_password() for password resets Previously the code relied on the (weird) behaviour of create_user(), which would update the password for a user account if it already existed. This has several issues, and we plan to deprecate this behaviour of create_user(). The larger issue is that this route does not trigger the user-password-changed event, which can be a security problem. For example, it did not disconnect existing user sessions (this occurs in mod_c2s in response to the event). Switching to set_password() is the right thing to do
author Matthew Wild <mwild1@gmail.com>
date Thu, 06 Feb 2025 10:24:30 +0000
parents fe081789f7b5
children f1743e2c23ba
line wrap: on
line source

---
labels:
- 'Type-Auth'
- 'Stage-Stable'
summary: SQL Database authentication module
...

Introduction
============

Allow client authentication to be handled by an SQL database query.

Unlike mod\_storage\_sql (which is supplied with Prosody) this module
allows for custom schemas (though currently it is required to edit the
source).

Configuration
=============

As with all auth modules, there is no need to add this to
modules\_enabled. Simply add in the global section, or for the relevant
hosts:

        authentication = "sql"

This module reuses the database configuration of
[mod\_storage\_sql](http://prosody.im/doc/modules/mod_storage_sql) (the
'sql' option), which you can set even if you are not using SQL as
Prosody's primary storage backend.

The query is currently hardcoded in the module, so you will need to edit
the module to change it. The default query is compatible with jabberd2
DB schema.

Compatibility
=============

  ----- -------
  0.8   Works
  ----- -------