libervia-web: src/server/server.py comparison

comparison src/server/server.py @ 801:68eadda8a59a

server_side: fixed confusion between jid user and host when there's not arobase

author	souliane <souliane@mailoo.org>
date	Wed, 09 Dec 2015 11:19:41 +0100
parents	fad9c9f82ae3
children	3905bc24eb17

comparison

equal deleted inserted replaced

-:4caf2caa898a
+:68eadda8a59a
 except (RuntimeError, jid.InvalidFormat, AttributeError):
 request.write(C.PROFILE_AUTH_ERROR)
 request.finish()
 return
-# redirect "user@libervia.org" to the "user" profile
+# XXX: if there's no arobase in the JID, its host part is filled and the SàT profile name
-if login_jid.host == new_account_domain:
+# is there ; we need to look in the JID's user part to know if there's an arobase or not.
-login = login_jid.user
+if login_jid.user and login_jid.host == new_account_domain:
+# redirect "user@libervia.org" to the "user" profile
+login_jid = jid.JID(login_jid.user)
 try:
-profile = self.sat_host.bridge.getProfileName(login)
+profile = self.sat_host.bridge.getProfileName(login_jid.full())
 except Exception:  # XXX: ProfileUnknownError wouldn't work, it's encapsulated
-# try to create a new sat profile using the XMPP credentials
+if login_jid.user:  # try to create a new sat profile using the XMPP credentials
-profile = login
+profile = login_jid.full()
 connect_method = "asyncConnectWithXMPPCredentials"
 register_with_ext_jid = True
+else: # non existing username
+request.write(C.PROFILE_AUTH_ERROR)
+request.finish()
+return
 else:
-if profile != login or (not password and profile not in self.sat_host.empty_password_allowed_warning_dangerous_list):
+if profile != login_jid.full() or (not password and profile not in self.sat_host.empty_password_allowed_warning_dangerous_list):
 # profiles with empty passwords are restricted to local frontends
 request.write(C.PROFILE_AUTH_ERROR)
 request.finish()
 return
 register_with_ext_jid = False

Mercurial > libervia-web

comparison src/server/server.py @ 801:68eadda8a59a