Mercurial > prosody-modules
annotate mod_register_web/mod_register_web.lua @ 5289:308024be6d6f
mod_authz_delegate: introduce module to "link" authorization of hosts
See the readme :-).
Motivation is allowing Snikket admins to change circle avatars via
the web portal without bypassing Prosody access checks.
author | Jonas Schäfer <jonas@wielicki.name> |
---|---|
date | Wed, 29 Mar 2023 17:21:45 +0200 |
parents | 95262bd1bcb2 |
children |
rev | line source |
---|---|
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local captcha_options = module:get_option("captcha_options", {}); |
746
03595194075a
mod_register_web: nodeprep username before creating user (thanks IRON)
Matthew Wild <mwild1@gmail.com>
parents:
653
diff
changeset
|
2 local nodeprep = require "util.encodings".stringprep.nodeprep; |
1225
a3766d3baacb
mod_register_web: Import usermanager and util.http into locals
Kim Alvefur <zash@zash.se>
parents:
1223
diff
changeset
|
3 local usermanager = require "core.usermanager"; |
2739
7d864a03b509
mod_register_web: Import missing datamanager
Michel Le Bihan <michel@lebihan.pl>
parents:
2733
diff
changeset
|
4 local datamanager = require "util.datamanager"; |
1247
34fbe58d19da
mod_register_web: Use net.http instead of util.http, as we need to make requests (thanks dustin)
Matthew Wild <mwild1@gmail.com>
parents:
1239
diff
changeset
|
5 local http = require "net.http"; |
1459
742f3dc601b5
mod_register_web: Use path separator from package.config
Kim Alvefur <zash@zash.se>
parents:
1320
diff
changeset
|
6 local path_sep = package.config:sub(1,1); |
1778
32604bf33a4c
mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google.
Thijs Alkemade <me@thijsalkema.de>
parents:
1618
diff
changeset
|
7 local json = require "util.json".decode; |
32604bf33a4c
mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google.
Thijs Alkemade <me@thijsalkema.de>
parents:
1618
diff
changeset
|
8 local t_concat = table.concat; |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
3372
866167118d23
mod_register_web: Add soft dependency on mod_register_limits (0.11+)
Kim Alvefur <zash@zash.se>
parents:
2999
diff
changeset
|
10 pcall(function () |
866167118d23
mod_register_web: Add soft dependency on mod_register_limits (0.11+)
Kim Alvefur <zash@zash.se>
parents:
2999
diff
changeset
|
11 module:depends("register_limits"); |
866167118d23
mod_register_web: Add soft dependency on mod_register_limits (0.11+)
Kim Alvefur <zash@zash.se>
parents:
2999
diff
changeset
|
12 end); |
866167118d23
mod_register_web: Add soft dependency on mod_register_limits (0.11+)
Kim Alvefur <zash@zash.se>
parents:
2999
diff
changeset
|
13 |
1460
5e1f7af23cf0
mod_register_web: Add dependency on mod_http
Kim Alvefur <zash@zash.se>
parents:
1459
diff
changeset
|
14 module:depends"http"; |
5e1f7af23cf0
mod_register_web: Add dependency on mod_http
Kim Alvefur <zash@zash.se>
parents:
1459
diff
changeset
|
15 |
1235
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
16 local extra_fields = { |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
17 nick = true; name = true; first = true; last = true; email = true; |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
18 address = true; city = true; state = true; zip = true; |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
19 phone = true; url = true; date = true; |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
20 } |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
21 |
1572
1aa894db3585
mod_register_web: Add option for specifying path to templates
Kim Alvefur <zash@zash.se>
parents:
1460
diff
changeset
|
22 local template_path = module:get_option_string("register_web_template", "templates"); |
1227
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
23 function template(data) |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
24 -- Like util.template, but deals with plain text |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
25 return { apply = function(values) return (data:gsub("{([^}]+)}", values)); end } |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
26 end |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
27 |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
28 local function get_template(name) |
1572
1aa894db3585
mod_register_web: Add option for specifying path to templates
Kim Alvefur <zash@zash.se>
parents:
1460
diff
changeset
|
29 local fh = assert(module:load_resource(template_path..path_sep..name..".html")); |
1227
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
30 local data = assert(fh:read("*a")); |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
31 fh:close(); |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
32 return template(data); |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
33 end |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
34 |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
35 local function render(template, data) |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
36 return tostring(template.apply(data)); |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
37 end |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
38 |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
39 local register_tpl = get_template "register"; |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
40 local success_tpl = get_template "success"; |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
41 |
3724
1c3c7d73c5a6
mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian)
Kim Alvefur <zash@zash.se>
parents:
3679
diff
changeset
|
42 -- COMPAT `or request.conn:ip()` |
1c3c7d73c5a6
mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian)
Kim Alvefur <zash@zash.se>
parents:
3679
diff
changeset
|
43 |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
44 if next(captcha_options) ~= nil then |
4440
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
45 local provider = captcha_options.provider; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
46 if provider == nil or provider == "recaptcha" then |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
47 local recaptcha_tpl = get_template "recaptcha"; |
1227
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
48 |
4440
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
49 function generate_captcha(display_options) |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
50 return recaptcha_tpl.apply(setmetatable({ |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
51 recaptcha_display_error = display_options and display_options.recaptcha_error |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
52 and ("&error="..display_options.recaptcha_error) or ""; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
53 }, { |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
54 __index = function (_, k) |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
55 if captcha_options[k] then return captcha_options[k]; end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
56 module:log("error", "Missing parameter from captcha_options: %s", k); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
57 end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
58 })); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
59 end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
60 function verify_captcha(request, form, callback) |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
61 http.request("https://www.google.com/recaptcha/api/siteverify", { |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
62 body = http.formencode { |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
63 secret = captcha_options.recaptcha_private_key; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
64 remoteip = request.ip or request.conn:ip(); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
65 response = form["g-recaptcha-response"]; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
66 }; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
67 }, function (verify_result, code) |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
68 local result = json(verify_result); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
69 if not result then |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
70 module:log("warn", "Unable to decode response from recaptcha: [%d] %s", code, verify_result); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
71 callback(false, "Captcha API error"); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
72 elseif result.success == true then |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
73 callback(true); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
74 else |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
75 callback(false, t_concat(result["error-codes"])); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
76 end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
77 end); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
78 end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
79 elseif provider == "hcaptcha" then |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
80 local captcha_tpl = get_template "hcaptcha"; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
81 |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
82 function generate_captcha(display_options) |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
83 return captcha_tpl.apply(setmetatable({ |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
84 captcha_display_error = display_options and display_options.captcha_error |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
85 and ("&error="..display_options.captcha_error) or ""; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
86 }, { |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
87 __index = function (_, k) |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
88 if captcha_options[k] then return captcha_options[k]; end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
89 module:log("error", "Missing parameter from captcha_options: %s", k); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
90 end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
91 })); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
92 end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
93 function verify_captcha(request, form, callback) |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
94 http.request("https://hcaptcha.com/siteverify", { |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
95 body = http.formencode { |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
96 secret = captcha_options.captcha_private_key; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
97 remoteip = request.ip or request.conn:ip(); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
98 response = form["h-captcha-response"]; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
99 }; |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
100 }, function (verify_result, code) |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
101 local result = json(verify_result); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
102 if not result then |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
103 module:log("warn", "Unable to decode response from hcaptcha: [%d] %s", code, verify_result); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
104 callback(false, "Captcha API error"); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
105 elseif result.success == true then |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
106 callback(true); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
107 else |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
108 callback(false, t_concat(result["error-codes"])); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
109 end |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
110 end); |
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
111 end |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
112 end |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
113 else |
4440
95262bd1bcb2
mod_register_web: Add hCaptcha provider
Michel Le Bihan <michel@lebihan.pl>
parents:
3753
diff
changeset
|
114 module:log("debug", "No captcha options set, using fallback captcha") |
1231 | 115 local random = math.random; |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
116 local hmac_sha1 = require "util.hashes".hmac_sha1; |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
117 local secret = require "util.uuid".generate() |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
118 local ops = { '+', '-' }; |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
119 local captcha_tpl = get_template "simplecaptcha"; |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
120 function generate_captcha() |
1231 | 121 local op = ops[random(1, #ops)]; |
122 local x, y = random(1, 9) | |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
123 repeat |
1231 | 124 y = random(1, 9); |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
125 until x ~= y; |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
126 local answer; |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
127 if op == '+' then |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
128 answer = x + y; |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
129 elseif op == '-' then |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
130 if x < y then |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
131 -- Avoid negative numbers |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
132 x, y = y, x; |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
133 end |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
134 answer = x - y; |
1227
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
135 end |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
136 local challenge = hmac_sha1(secret, answer, true); |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
137 return captcha_tpl.apply { |
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
138 op = op, x = x, y = y, challenge = challenge; |
1226
0667624637da
mod_register_web: Split out recaptcha verification to a separate function
Kim Alvefur <zash@zash.se>
parents:
1225
diff
changeset
|
139 }; |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
140 end |
1234
da39ba4047a7
mod_register_web: Pass request to captcha handler
Kim Alvefur <zash@zash.se>
parents:
1233
diff
changeset
|
141 function verify_captcha(request, form, callback) |
3679
f9a93d7b6c50
mod_register_web: Fix traceback if captcha_reply is left out of the form (thanks woffs)
Kim Alvefur <zash@zash.se>
parents:
3372
diff
changeset
|
142 if hmac_sha1(secret, form.captcha_reply or "", true) == form.captcha_challenge then |
1226
0667624637da
mod_register_web: Split out recaptcha verification to a separate function
Kim Alvefur <zash@zash.se>
parents:
1225
diff
changeset
|
143 callback(true); |
0667624637da
mod_register_web: Split out recaptcha verification to a separate function
Kim Alvefur <zash@zash.se>
parents:
1225
diff
changeset
|
144 else |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
145 callback(false, "Captcha verification failed"); |
1226
0667624637da
mod_register_web: Split out recaptcha verification to a separate function
Kim Alvefur <zash@zash.se>
parents:
1225
diff
changeset
|
146 end |
1228
db85ff22ae97
mod_register_web: Add a simple fallback captcha
Kim Alvefur <zash@zash.se>
parents:
1227
diff
changeset
|
147 end |
1226
0667624637da
mod_register_web: Split out recaptcha verification to a separate function
Kim Alvefur <zash@zash.se>
parents:
1225
diff
changeset
|
148 end |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
149 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
150 function generate_page(event, display_options) |
1618
c56baec031e8
mod_register_web: Send Content-Type headers
Kim Alvefur <zash@zash.se>
parents:
1572
diff
changeset
|
151 local request, response = event.request, event.response; |
1227
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
152 |
1618
c56baec031e8
mod_register_web: Send Content-Type headers
Kim Alvefur <zash@zash.se>
parents:
1572
diff
changeset
|
153 response.headers.content_type = "text/html; charset=utf-8"; |
1227
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
154 return render(register_tpl, { |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
155 path = request.path; hostname = module.host; |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
156 notice = display_options and display_options.register_error or ""; |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
157 captcha = generate_captcha(display_options); |
6015434f0e05
mod_register_web: Move HTML into separate template files
Kim Alvefur <zash@zash.se>
parents:
1226
diff
changeset
|
158 }) |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
159 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
160 |
1320
e670d4cc5027
mod_register_web: Pass request around so IP address can be reported
Kim Alvefur <zash@zash.se>
parents:
1247
diff
changeset
|
161 function register_user(form, origin) |
2924
edf5e8a77d0c
mod_register_web: Remove username and password from form data and provide the rest in pre-registration event
Kim Alvefur <zash@zash.se>
parents:
2923
diff
changeset
|
162 local username = form.username; |
edf5e8a77d0c
mod_register_web: Remove username and password from form data and provide the rest in pre-registration event
Kim Alvefur <zash@zash.se>
parents:
2923
diff
changeset
|
163 local password = form.password; |
edf5e8a77d0c
mod_register_web: Remove username and password from form data and provide the rest in pre-registration event
Kim Alvefur <zash@zash.se>
parents:
2923
diff
changeset
|
164 local confirm_password = form.confirm_password; |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
165 local jid = nil; |
2924
edf5e8a77d0c
mod_register_web: Remove username and password from form data and provide the rest in pre-registration event
Kim Alvefur <zash@zash.se>
parents:
2923
diff
changeset
|
166 form.username, form.password, form.confirm_password = nil, nil, nil; |
edf5e8a77d0c
mod_register_web: Remove username and password from form data and provide the rest in pre-registration event
Kim Alvefur <zash@zash.se>
parents:
2923
diff
changeset
|
167 |
3725
19e43b7a969d
mod_register_web: Enforce strict username validation (on trunk, ignored otherwise)
Kim Alvefur <zash@zash.se>
parents:
3724
diff
changeset
|
168 local prepped_username = nodeprep(username, true); |
1230
f7c561fbd5a6
mod_register_web: Friendly error messages if the username is taken or failed nodeprep
Kim Alvefur <zash@zash.se>
parents:
1229
diff
changeset
|
169 if not prepped_username then |
f7c561fbd5a6
mod_register_web: Friendly error messages if the username is taken or failed nodeprep
Kim Alvefur <zash@zash.se>
parents:
1229
diff
changeset
|
170 return nil, "Username contains forbidden characters"; |
f7c561fbd5a6
mod_register_web: Friendly error messages if the username is taken or failed nodeprep
Kim Alvefur <zash@zash.se>
parents:
1229
diff
changeset
|
171 end |
1236
59332e0bfbdc
mod_register_web: Check for empty username
Kim Alvefur <zash@zash.se>
parents:
1235
diff
changeset
|
172 if #prepped_username == 0 then |
59332e0bfbdc
mod_register_web: Check for empty username
Kim Alvefur <zash@zash.se>
parents:
1235
diff
changeset
|
173 return nil, "The username field was empty"; |
59332e0bfbdc
mod_register_web: Check for empty username
Kim Alvefur <zash@zash.se>
parents:
1235
diff
changeset
|
174 end |
1229
12e3bc0fd6ed
mod_register_web: Indentation fix
Kim Alvefur <zash@zash.se>
parents:
1228
diff
changeset
|
175 if usermanager.user_exists(prepped_username, module.host) then |
1230
f7c561fbd5a6
mod_register_web: Friendly error messages if the username is taken or failed nodeprep
Kim Alvefur <zash@zash.se>
parents:
1229
diff
changeset
|
176 return nil, "Username already taken"; |
1229
12e3bc0fd6ed
mod_register_web: Indentation fix
Kim Alvefur <zash@zash.se>
parents:
1228
diff
changeset
|
177 end |
3724
1c3c7d73c5a6
mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian)
Kim Alvefur <zash@zash.se>
parents:
3679
diff
changeset
|
178 local registering = { username = prepped_username , host = module.host, additional = form, ip = origin.ip or origin.conn:ip(), allowed = true } |
1237
c669cb78b293
mod_register_web: Fire user-registering event like mod_register
Kim Alvefur <zash@zash.se>
parents:
1236
diff
changeset
|
179 module:fire_event("user-registering", registering); |
c669cb78b293
mod_register_web: Fire user-registering event like mod_register
Kim Alvefur <zash@zash.se>
parents:
1236
diff
changeset
|
180 if not registering.allowed then |
2923
9d53134a0b29
mod_register_web: Return reason for rejection if one was provided by another plugin during pre-registration checks
Kim Alvefur <zash@zash.se>
parents:
2922
diff
changeset
|
181 return nil, registering.reason or "Registration not allowed"; |
1237
c669cb78b293
mod_register_web: Fire user-registering event like mod_register
Kim Alvefur <zash@zash.se>
parents:
1236
diff
changeset
|
182 end |
2924
edf5e8a77d0c
mod_register_web: Remove username and password from form data and provide the rest in pre-registration event
Kim Alvefur <zash@zash.se>
parents:
2923
diff
changeset
|
183 if confirm_password ~= password then |
2733
c8161146c698
mod_register_web: Add password confirmation field
Michel Le Bihan <michel@lebihan.pl>
parents:
1778
diff
changeset
|
184 return nil, "Passwords don't match"; |
c8161146c698
mod_register_web: Add password confirmation field
Michel Le Bihan <michel@lebihan.pl>
parents:
1778
diff
changeset
|
185 end |
2924
edf5e8a77d0c
mod_register_web: Remove username and password from form data and provide the rest in pre-registration event
Kim Alvefur <zash@zash.se>
parents:
2923
diff
changeset
|
186 local ok, err = usermanager.create_user(prepped_username, password, module.host); |
1232
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
187 if ok then |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
188 jid = prepped_username.."@"..module.host |
1235
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
189 local extra_data = {}; |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
190 for field in pairs(extra_fields) do |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
191 local field_value = form[field]; |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
192 if field_value and #field_value > 0 then |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
193 extra_data[field] = field_value; |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
194 end |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
195 end |
1238
752285859607
mod_register_web: Use correct variables
Kim Alvefur <zash@zash.se>
parents:
1237
diff
changeset
|
196 if next(extra_data) ~= nil then |
1235
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
197 datamanager.store(prepped_username, module.host, "account_details", extra_data); |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
198 end |
1232
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
199 module:fire_event("user-registered", { |
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
200 username = prepped_username, |
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
201 host = module.host, |
1320
e670d4cc5027
mod_register_web: Pass request around so IP address can be reported
Kim Alvefur <zash@zash.se>
parents:
1247
diff
changeset
|
202 source = module.name, |
3724
1c3c7d73c5a6
mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian)
Kim Alvefur <zash@zash.se>
parents:
3679
diff
changeset
|
203 ip = origin.ip or origin.conn:ip(), |
1232
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
204 }); |
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
205 end |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
206 return jid, err; |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
207 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
208 |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
209 function generate_success(event, jid) |
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
210 return render(success_tpl, { jid = jid }); |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
211 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
212 |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
213 function generate_register_response(event, jid, err) |
1618
c56baec031e8
mod_register_web: Send Content-Type headers
Kim Alvefur <zash@zash.se>
parents:
1572
diff
changeset
|
214 event.response.headers.content_type = "text/html; charset=utf-8"; |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
215 if jid then |
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
216 return generate_success(event, jid); |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
217 else |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
218 return generate_page(event, { register_error = err }); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
219 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
220 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
221 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
222 function handle_form(event) |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
223 local request, response = event.request, event.response; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
224 local form = http.formdecode(request.body); |
1234
da39ba4047a7
mod_register_web: Pass request to captcha handler
Kim Alvefur <zash@zash.se>
parents:
1233
diff
changeset
|
225 verify_captcha(request, form, function (ok, err) |
1226
0667624637da
mod_register_web: Split out recaptcha verification to a separate function
Kim Alvefur <zash@zash.se>
parents:
1225
diff
changeset
|
226 if ok then |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
227 local jid, register_err = register_user(form, request); |
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
228 response:send(generate_register_response(event, jid, register_err)); |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
229 else |
1226
0667624637da
mod_register_web: Split out recaptcha verification to a separate function
Kim Alvefur <zash@zash.se>
parents:
1225
diff
changeset
|
230 response:send(generate_page(event, { register_error = err })); |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
231 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
232 end); |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
233 return true; -- Leave connection open until we respond above |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
234 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
235 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
236 module:provides("http", { |
3753
cf3247ec5e01
mod_register_web: Set a (configurable) HTTP app title
Kim Alvefur <zash@zash.se>
parents:
3725
diff
changeset
|
237 title = module:get_option_string("register_web_title", "Account Registration"); |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
238 route = { |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
239 GET = generate_page; |
1239
cc5cbeeb9fc7
mod_register_web: Handle URLs with a trailing slash
Kim Alvefur <zash@zash.se>
parents:
1238
diff
changeset
|
240 ["GET /"] = generate_page; |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
241 POST = handle_form; |
1239
cc5cbeeb9fc7
mod_register_web: Handle URLs with a trailing slash
Kim Alvefur <zash@zash.se>
parents:
1238
diff
changeset
|
242 ["POST /"] = handle_form; |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
243 }; |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
244 }); |