annotate mod_invites/mod_invites.lua @ 4078:2f0c8670d2fa

mod_invites: Add API to create account reset invites (from Snikket)
author Matthew Wild <mwild1@gmail.com>
date Mon, 07 Sep 2020 13:00:43 +0100
parents f85ea76447dd
children b68b917e568f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3776
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local id = require "util.id";
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local url = require "socket.url";
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local jid_node = require "util.jid".node;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local invite_ttl = module:get_option_number("invite_expiry", 86400 * 7);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local token_storage = module:open_store("invite_token", "map");
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 local function get_uri(action, jid, token, params) --> string
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 return url.build({
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 scheme = "xmpp",
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 path = jid,
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 query = action..";preauth="..token..(params and (";"..params) or ""),
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 });
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16
4077
f85ea76447dd mod_invites: Allow inclusion of 'additional data' in invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 3776
diff changeset
17 local function create_invite(invite_action, invite_jid, allow_registration, additional_data)
3776
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 local token = id.medium();
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 local created_at = os.time();
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 local expires = created_at + invite_ttl;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 local invite_params = (invite_action == "roster" and allow_registration) and "ibr=y" or nil;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 local invite = {
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 type = invite_action;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 jid = invite_jid;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 token = token;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 allow_registration = allow_registration;
4077
f85ea76447dd mod_invites: Allow inclusion of 'additional data' in invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 3776
diff changeset
31 additional_data = additional_data;
3776
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 uri = get_uri(invite_action, invite_jid, token, invite_params);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 created_at = created_at;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 expires = expires;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 };
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 module:fire_event("invite-created", invite);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 if allow_registration then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 local ok, err = token_storage:set(nil, token, invite);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 if not ok then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 module:log("warn", "Failed to store account invite: %s", err);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 return nil, "internal-server-error";
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 if invite_action == "roster" then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 local username = jid_node(invite_jid);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 local ok, err = token_storage:set(username, token, expires);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 if not ok then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 module:log("warn", "Failed to store subscription invite: %s", err);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 return nil, "internal-server-error";
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 return invite;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 -- Create invitation to register an account (optionally restricted to the specified username)
4077
f85ea76447dd mod_invites: Allow inclusion of 'additional data' in invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 3776
diff changeset
62 function create_account(account_username, additional_data) --luacheck: ignore 131/create_account
3776
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 local jid = account_username and (account_username.."@"..module.host) or module.host;
4077
f85ea76447dd mod_invites: Allow inclusion of 'additional data' in invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 3776
diff changeset
64 return create_invite("register", jid, true, additional_data);
3776
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66
4078
2f0c8670d2fa mod_invites: Add API to create account reset invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 4077
diff changeset
67 -- Create invitation to reset the password for an account
2f0c8670d2fa mod_invites: Add API to create account reset invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 4077
diff changeset
68 function create_account_reset(account_username) --luacheck: ignore 131/create_account_reset
2f0c8670d2fa mod_invites: Add API to create account reset invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 4077
diff changeset
69 return create_account(account_username, { allow_reset = account_username });
2f0c8670d2fa mod_invites: Add API to create account reset invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 4077
diff changeset
70 end
2f0c8670d2fa mod_invites: Add API to create account reset invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 4077
diff changeset
71
3776
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 -- Create invitation to become a contact of a local user
4077
f85ea76447dd mod_invites: Allow inclusion of 'additional data' in invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 3776
diff changeset
73 function create_contact(username, allow_registration, additional_data) --luacheck: ignore 131/create_contact
f85ea76447dd mod_invites: Allow inclusion of 'additional data' in invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 3776
diff changeset
74 return create_invite("roster", username.."@"..module.host, allow_registration, additional_data);
3776
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 local valid_invite_methods = {};
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78 local valid_invite_mt = { __index = valid_invite_methods };
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 function valid_invite_methods:use()
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 if self.username then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82 -- Also remove the contact invite if present, on the
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 -- assumption that they now have a mutual subscription
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84 token_storage:set(self.username, self.token, nil);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 token_storage:set(nil, self.token, nil);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87 return true;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90 -- Get a validated invite (or nil, err). Must call :use() on the
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
91 -- returned invite after it is actually successfully used
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
92 -- For "roster" invites, the username of the local user (who issued
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93 -- the invite) must be passed.
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94 -- If no username is passed, but the registration is a roster invite
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95 -- from a local user, the "inviter" field of the returned invite will
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
96 -- be set to their username.
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
97 function get(token, username)
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
98 if not token then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
99 return nil, "no-token";
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
100 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
101
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102 local valid_until, inviter;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
104 if username then -- token being used for subscription
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
105 -- Fetch from user store (subscription invite)
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
106 valid_until = token_storage:get(username, token);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107 else -- token being used for account creation
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
108 -- Fetch from host store (account invite)
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
109 local token_info = token_storage:get(nil, token);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
110 valid_until = token_info and token_info.expires;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
111 if token_info.type == "roster" then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
112 username = jid_node(token_info.jid);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
113 inviter = username;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
114 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
115 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
116
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
117 if not valid_until then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
118 module:log("debug", "Got unknown token: %s", token);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
119 return nil, "token-invalid";
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
120 elseif os.time() > valid_until then
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
121 module:log("debug", "Got expired token: %s", token);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
122 return nil, "token-expired";
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
123 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
124
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
125 return setmetatable({
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
126 token = token;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
127 username = username;
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 inviter = inviter;
4077
f85ea76447dd mod_invites: Allow inclusion of 'additional data' in invites (from Snikket)
Matthew Wild <mwild1@gmail.com>
parents: 3776
diff changeset
129 additional_data = token_info and token_info.additional_data or nil;
3776
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
130 }, valid_invite_mt);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
131 end
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
132
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
133 function use(token) --luacheck: ignore 131/use
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
134 local invite = get(token);
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
135 return invite and invite:use();
80830d97da81 mod_invites: New module providing an API to create/manage invite tokens
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
136 end