Mercurial > prosody-modules
annotate mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 5550:4fda06be6b08
mod_http_oauth2: Make note about handling repeated
RFC 6749 states
> If an authorization code is used more than once, the authorization
> server MUST deny the request and SHOULD revoke (when possible) all
> tokens previously issued based on that authorization code.
We should follow the SHOULD.
The MUST is already covered by removing the code state from the cache.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 16 Jun 2023 00:10:46 +0200 |
parents | f581210093a7 |
children |
rev | line source |
---|---|
1365
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- mod_c2s_limit_sessions |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local next, count = next, require "util.iterators".count; |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local max_resources = module:get_option_number("max_resources", 10); |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 local sessions = hosts[module.host].sessions; |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 module:hook("resource-bind", function(event) |
1366
f581210093a7
mod_c2s_limit_sessions: Fix global access
Kim Alvefur <zash@zash.se>
parents:
1365
diff
changeset
|
9 local session = event.session; |
f581210093a7
mod_c2s_limit_sessions: Fix global access
Kim Alvefur <zash@zash.se>
parents:
1365
diff
changeset
|
10 if count(next, sessions[session.username].sessions) > max_resources then |
1365
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 session:close{ condition = "policy-violation", text = "Too many resources" }; |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 return false |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 end |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 end, -1); |