Mercurial > prosody-modules
annotate mod_statistics_auth/mod_statistics_auth.lua @ 5616:59d5fc50f602
mod_http_oauth2: Implement refresh token rotation
Makes refresh tokens one-time-use, handing out a new refresh token with
each access token. Thus if a refresh token is stolen and used by an
attacker, the next time the legitimate client tries to use the previous
refresh token, it will not work and the attack will be noticed. If the
attacker does not use the refresh token, it becomes invalid after the
legitimate client uses it.
This behavior is recommended by draft-ietf-oauth-security-topics
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 23 Jul 2023 02:56:08 +0200 |
| parents | 78133eb11e7d |
| children |
| rev | line source |
|---|---|
|
1439
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- mod_statistics_auth |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 module:set_global(); |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 local auth_ok, auth_fail = 0, 0 |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 function module.add_host(module) |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 module:hook("authentication-success", function(event) |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 auth_ok = auth_ok + 1 |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 end); |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 module:hook("authentication-failure", function(event) |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 auth_fail = auth_fail + 1 |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 end); |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 end |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 module:provides("statistics", { |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 statistics = { |
|
1440
78133eb11e7d
mod_statistics_auth: Remove comments left from module this was based on
Kim Alvefur <zash@zash.se>
parents:
1439
diff
changeset
|
17 c2s_auth = { |
|
1439
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 get = function () |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 return auth_ok; |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 end; |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 tostring = tostring; |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 }; |
|
1440
78133eb11e7d
mod_statistics_auth: Remove comments left from module this was based on
Kim Alvefur <zash@zash.se>
parents:
1439
diff
changeset
|
23 c2s_authfail = { |
|
1439
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 get = function () |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 return auth_fail; |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 end; |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 tostring = tostring; |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 }; |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 } |
|
86ceb94e3db4
mod_statistics_auth: Collects statistics on number of successful or failed authentication attempts
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 }); |