Mercurial > prosody-modules
annotate mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 5416:2393dbae51ed
mod_http_oauth2: Add option for specifying TTL of registered clients
Meant to simplify configuration, since TTL vs ignoring expiration is
expected to be the main thing one would want to configure.
Unsure what the implications of having unlimited lifetime of clients
are, given no way to revoke them currently, short of rotating the
signing secret.
On one hand, it would be annoying to have the client expire.
On the other hand, it is trivial to re-register it.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 04 May 2023 18:41:33 +0200 |
| parents | f581210093a7 |
| children |
| rev | line source |
|---|---|
|
1365
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- mod_c2s_limit_sessions |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local next, count = next, require "util.iterators".count; |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local max_resources = module:get_option_number("max_resources", 10); |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 local sessions = hosts[module.host].sessions; |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 module:hook("resource-bind", function(event) |
|
1366
f581210093a7
mod_c2s_limit_sessions: Fix global access
Kim Alvefur <zash@zash.se>
parents:
1365
diff
changeset
|
9 local session = event.session; |
|
f581210093a7
mod_c2s_limit_sessions: Fix global access
Kim Alvefur <zash@zash.se>
parents:
1365
diff
changeset
|
10 if count(next, sessions[session.username].sessions) > max_resources then |
|
1365
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 session:close{ condition = "policy-violation", text = "Too many resources" }; |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 return false |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 end |
|
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 end, -1); |