Mercurial > prosody-modules
annotate mod_adhoc_account_management/mod_adhoc_account_management.lua @ 3195:66b3085ecc49
mod_lib_ldap: assert() connection for hopefully better error reporting (thanks adac)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Thu, 26 Jul 2018 10:35:30 +0100 |
parents | 1aa48916eb8b |
children | c6dd65354db0 |
rev | line source |
---|---|
1090
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 local dataforms_new = require "util.dataforms".new; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 local usermanager_set_password = require "core.usermanager".set_password; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local usermanager_test_password = require "core.usermanager".test_password; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 local jid_split = require"util.jid".split; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local close_others = module:get_option_boolean("close_sessions_on_password_change", true) |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 local require_confirm = module:get_option_boolean("require_confirm_password", true) |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 local require_current = module:get_option_boolean("require_current_password", true) |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 local change_password_layout = { |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 title = "Changing Your Password"; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 instructions = "Fill out this form to change a your password."; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 { |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 -- This is meta |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 name = "FORM_TYPE", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 type = "hidden", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 -- Reuses form type from XEP 77 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 value = "jabber:iq:register:changepassword", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 { |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 name = "password", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 type = "text-private", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 required = true, |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 label = "New Password", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 if require_confirm then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 table.insert(change_password_layout, { |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 name = "password-confirm", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 type = "text-private", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 required = true, |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 label = "Confirm new password", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 }); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 if require_current then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 table.insert(change_password_layout, 2, { |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 name = "password-current", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 type = "text-private", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 required = true, |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 label = "Current password", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 }); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 change_password_layout = dataforms_new(change_password_layout); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 function change_password_command_handler(self, data, state) |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 if not state then -- New session, send the form |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 return { status = "executing", actions = { "complete" }, form = change_password_layout }, true; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 else |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 if data.action == "cancel" then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 return { status = "canceled" }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 -- Who are we talking to? |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 local username, hostname = jid_split(data.from); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 if not username or hostname ~= module.host then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 return { status = "error", error = { type = "cancel", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 condition = "forbidden", message = "Invalid user or hostname." } }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 -- Extract data from the form |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 local fields = change_password_layout:data(data.form); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 -- Validate |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 if require_current then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 if not fields["password-current"] or #fields["password-current"] == 0 then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 return { status = "error", error = { type = "modify", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 condition = "bad-request", message = "Please enter your current password" } }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
68 elseif not usermanager_test_password(username, hostname, fields["password-current"]) then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 return { status = "error", error = { type = "modify", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 condition = "bad-request", message = "Your current password was incorrect" } }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
71 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
72 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 if require_confirm and fields["password-confirm"] ~= fields["password"] then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 return { status = "error", error = { type = "modify", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 condition = "bad-request", message = "New password didn't match the confirmation" } }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
77 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
78 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
79 if not fields.password or #fields.password == 0 then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
80 return { status = "error", error = { type = "modify", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
81 condition = "bad-request", message = "Please enter a new password" } }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
82 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
84 -- All is good, so change password. |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
85 module:log("debug", "About to usermanager.set_password(%q, password, %q)", username, hostname); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
86 local ok, err = usermanager_set_password(username, fields.password, hostname); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
87 if ok then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
88 if close_others then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
89 for _, sess in pairs(hosts[hostname].sessions[username].sessions) do |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
90 if sess.full_jid ~= data.from then |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
91 sess:close{ condition = "reset", text = "Password changed" } |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
92 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
93 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
94 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
95 return { status = "completed", info = "Password successfully changed" }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
96 else |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
97 module:log("warn", "%s@%s could not change password: %s", username, hostname, tostring(err)); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
98 return { status = "error", error = { type = "cancel", |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
99 condition = "internal-server-error", message = "Could not save new password: "..tostring(err) } }; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
100 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
101 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
102 end |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
103 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
104 -- Feature requests? What could fit under account management? |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
105 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
106 |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
107 local adhoc_new = module:require "adhoc".new; |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
108 local adhoc_passwd = adhoc_new("Change Password", "passwd", change_password_command_handler, "user"); |
1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
109 module:add_item ("adhoc", adhoc_passwd); |