prosody-modules: mod_register_web/mod_register

annotate mod_register_web/mod_register_web.lua @ 3568:6b3181fe5617

mod_auth_token: Timezone fix for TOTP checking luatz.time() returns milliseconds since epoch which is in UTC time, so we don't need to convert to UTC with gmtime. By calling gmtime, TOTP validation was failing when this module wasn't running on machine set to UTC time.

author	JC Brand <jc@opkode.com>
date	Thu, 02 May 2019 11:07:27 +0200
parents	866167118d23
children	f9a93d7b6c50

rev	line source
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	1 local captcha_options = module:get_option("captcha_options", {});
746 03595194075a mod_register_web: nodeprep username before creating user (thanks IRON) Matthew Wild <mwild1@gmail.com> parents: 653 diff changeset	2 local nodeprep = require "util.encodings".stringprep.nodeprep;
1225 a3766d3baacb mod_register_web: Import usermanager and util.http into locals Kim Alvefur <zash@zash.se> parents: 1223 diff changeset	3 local usermanager = require "core.usermanager";
2739 7d864a03b509 mod_register_web: Import missing datamanager Michel Le Bihan <michel@lebihan.pl> parents: 2733 diff changeset	4 local datamanager = require "util.datamanager";
1247 34fbe58d19da mod_register_web: Use net.http instead of util.http, as we need to make requests (thanks dustin) Matthew Wild <mwild1@gmail.com> parents: 1239 diff changeset	5 local http = require "net.http";
1459 742f3dc601b5 mod_register_web: Use path separator from package.config Kim Alvefur <zash@zash.se> parents: 1320 diff changeset	6 local path_sep = package.config:sub(1,1);
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	7 local json = require "util.json".decode;
32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	8 local t_concat = table.concat;
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	9
3372 866167118d23 mod_register_web: Add soft dependency on mod_register_limits (0.11+) Kim Alvefur <zash@zash.se> parents: 2999 diff changeset	10 pcall(function ()
866167118d23 mod_register_web: Add soft dependency on mod_register_limits (0.11+) Kim Alvefur <zash@zash.se> parents: 2999 diff changeset	11 module:depends("register_limits");
866167118d23 mod_register_web: Add soft dependency on mod_register_limits (0.11+) Kim Alvefur <zash@zash.se> parents: 2999 diff changeset	12 end);
866167118d23 mod_register_web: Add soft dependency on mod_register_limits (0.11+) Kim Alvefur <zash@zash.se> parents: 2999 diff changeset	13
1460 5e1f7af23cf0 mod_register_web: Add dependency on mod_http Kim Alvefur <zash@zash.se> parents: 1459 diff changeset	14 module:depends"http";
5e1f7af23cf0 mod_register_web: Add dependency on mod_http Kim Alvefur <zash@zash.se> parents: 1459 diff changeset	15
1235 9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	16 local extra_fields = {
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	17 nick = true; name = true; first = true; last = true; email = true;
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	18 address = true; city = true; state = true; zip = true;
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	19 phone = true; url = true; date = true;
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	20 }
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	21
1572 1aa894db3585 mod_register_web: Add option for specifying path to templates Kim Alvefur <zash@zash.se> parents: 1460 diff changeset	22 local template_path = module:get_option_string("register_web_template", "templates");
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	23 function template(data)
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	24 -- Like util.template, but deals with plain text
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	25 return { apply = function(values) return (data:gsub("{([^}]+)}", values)); end }
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	26 end
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	27
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	28 local function get_template(name)
1572 1aa894db3585 mod_register_web: Add option for specifying path to templates Kim Alvefur <zash@zash.se> parents: 1460 diff changeset	29 local fh = assert(module:load_resource(template_path..path_sep..name..".html"));
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	30 local data = assert(fh:read("*a"));
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	31 fh:close();
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	32 return template(data);
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	33 end
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	34
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	35 local function render(template, data)
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	36 return tostring(template.apply(data));
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	37 end
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	38
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	39 local register_tpl = get_template "register";
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	40 local success_tpl = get_template "success";
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	41
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	42 if next(captcha_options) ~= nil then
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	43 local recaptcha_tpl = get_template "recaptcha";
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	44
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	45 function generate_captcha(display_options)
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	46 return recaptcha_tpl.apply(setmetatable({
2740 57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	47 recaptcha_display_error = display_options and display_options.recaptcha_error
57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	48 and ("&error="..display_options.recaptcha_error) or "";
57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	49 }, {
2925 049975800d1c mod_register_web: Remove unused variables [luacheck] Kim Alvefur <zash@zash.se> parents: 2924 diff changeset	50 __index = function (_, k)
2740 57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	51 if captcha_options[k] then return captcha_options[k]; end
57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	52 module:log("error", "Missing parameter from captcha_options: %s", k);
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	53 end
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	54 }));
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	55 end
1234 da39ba4047a7 mod_register_web: Pass request to captcha handler Kim Alvefur <zash@zash.se> parents: 1233 diff changeset	56 function verify_captcha(request, form, callback)
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	57 http.request("https://www.google.com/recaptcha/api/siteverify", {
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	58 body = http.formencode {
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	59 secret = captcha_options.recaptcha_private_key;
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	60 remoteip = request.conn:ip();
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	61 response = form["g-recaptcha-response"];
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	62 };
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	63 }, function (verify_result, code)
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	64 local result = json(verify_result);
2999 d631fd9a3300 mod_register_web: Handle errors contacting upstream API Matthew Wild <mwild1@gmail.com> parents: 2929 diff changeset	65 if not result then
d631fd9a3300 mod_register_web: Handle errors contacting upstream API Matthew Wild <mwild1@gmail.com> parents: 2929 diff changeset	66 module:log("warn", "Unable to decode response from recaptcha: [%d] %s", code, verify_result);
d631fd9a3300 mod_register_web: Handle errors contacting upstream API Matthew Wild <mwild1@gmail.com> parents: 2929 diff changeset	67 callback(false, "Captcha API error");
d631fd9a3300 mod_register_web: Handle errors contacting upstream API Matthew Wild <mwild1@gmail.com> parents: 2929 diff changeset	68 elseif result.success == true then
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	69 callback(true);
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	70 else
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	71 callback(false, t_concat(result["error-codes"]));
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	72 end
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	73 end);
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	74 end
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	75 else
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	76 module:log("debug", "No Recaptcha options set, using fallback captcha")
1231 502ce9672eae mod_register_web: Use local Kim Alvefur <zash@zash.se> parents: 1230 diff changeset	77 local random = math.random;
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	78 local hmac_sha1 = require "util.hashes".hmac_sha1;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	79 local secret = require "util.uuid".generate()
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	80 local ops = { '+', '-' };
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	81 local captcha_tpl = get_template "simplecaptcha";
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	82 function generate_captcha()
1231 502ce9672eae mod_register_web: Use local Kim Alvefur <zash@zash.se> parents: 1230 diff changeset	83 local op = ops[random(1, #ops)];
502ce9672eae mod_register_web: Use local Kim Alvefur <zash@zash.se> parents: 1230 diff changeset	84 local x, y = random(1, 9)
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	85 repeat
1231 502ce9672eae mod_register_web: Use local Kim Alvefur <zash@zash.se> parents: 1230 diff changeset	86 y = random(1, 9);
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	87 until x ~= y;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	88 local answer;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	89 if op == '+' then
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	90 answer = x + y;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	91 elseif op == '-' then
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	92 if x < y then
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	93 -- Avoid negative numbers
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	94 x, y = y, x;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	95 end
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	96 answer = x - y;
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	97 end
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	98 local challenge = hmac_sha1(secret, answer, true);
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	99 return captcha_tpl.apply {
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	100 op = op, x = x, y = y, challenge = challenge;
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	101 };
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	102 end
1234 da39ba4047a7 mod_register_web: Pass request to captcha handler Kim Alvefur <zash@zash.se> parents: 1233 diff changeset	103 function verify_captcha(request, form, callback)
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	104 if hmac_sha1(secret, form.captcha_reply, true) == form.captcha_challenge then
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	105 callback(true);
0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	106 else
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	107 callback(false, "Captcha verification failed");
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	108 end
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	109 end
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	110 end
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	111
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	112 function generate_page(event, display_options)
1618 c56baec031e8 mod_register_web: Send Content-Type headers Kim Alvefur <zash@zash.se> parents: 1572 diff changeset	113 local request, response = event.request, event.response;
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	114
1618 c56baec031e8 mod_register_web: Send Content-Type headers Kim Alvefur <zash@zash.se> parents: 1572 diff changeset	115 response.headers.content_type = "text/html; charset=utf-8";
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	116 return render(register_tpl, {
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	117 path = request.path; hostname = module.host;
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	118 notice = display_options and display_options.register_error or "";
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	119 captcha = generate_captcha(display_options);
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	120 })
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	121 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	122
1320 e670d4cc5027 mod_register_web: Pass request around so IP address can be reported Kim Alvefur <zash@zash.se> parents: 1247 diff changeset	123 function register_user(form, origin)
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	124 local username = form.username;
edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	125 local password = form.password;
edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	126 local confirm_password = form.confirm_password;
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	127 local jid = nil;
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	128 form.username, form.password, form.confirm_password = nil, nil, nil;
edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	129
edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	130 local prepped_username = nodeprep(username);
1230 f7c561fbd5a6 mod_register_web: Friendly error messages if the username is taken or failed nodeprep Kim Alvefur <zash@zash.se> parents: 1229 diff changeset	131 if not prepped_username then
f7c561fbd5a6 mod_register_web: Friendly error messages if the username is taken or failed nodeprep Kim Alvefur <zash@zash.se> parents: 1229 diff changeset	132 return nil, "Username contains forbidden characters";
f7c561fbd5a6 mod_register_web: Friendly error messages if the username is taken or failed nodeprep Kim Alvefur <zash@zash.se> parents: 1229 diff changeset	133 end
1236 59332e0bfbdc mod_register_web: Check for empty username Kim Alvefur <zash@zash.se> parents: 1235 diff changeset	134 if #prepped_username == 0 then
59332e0bfbdc mod_register_web: Check for empty username Kim Alvefur <zash@zash.se> parents: 1235 diff changeset	135 return nil, "The username field was empty";
59332e0bfbdc mod_register_web: Check for empty username Kim Alvefur <zash@zash.se> parents: 1235 diff changeset	136 end
1229 12e3bc0fd6ed mod_register_web: Indentation fix Kim Alvefur <zash@zash.se> parents: 1228 diff changeset	137 if usermanager.user_exists(prepped_username, module.host) then
1230 f7c561fbd5a6 mod_register_web: Friendly error messages if the username is taken or failed nodeprep Kim Alvefur <zash@zash.se> parents: 1229 diff changeset	138 return nil, "Username already taken";
1229 12e3bc0fd6ed mod_register_web: Indentation fix Kim Alvefur <zash@zash.se> parents: 1228 diff changeset	139 end
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	140 local registering = { username = prepped_username , host = module.host, additional = form, ip = origin.conn:ip(), allowed = true }
1237 c669cb78b293 mod_register_web: Fire user-registering event like mod_register Kim Alvefur <zash@zash.se> parents: 1236 diff changeset	141 module:fire_event("user-registering", registering);
c669cb78b293 mod_register_web: Fire user-registering event like mod_register Kim Alvefur <zash@zash.se> parents: 1236 diff changeset	142 if not registering.allowed then
2923 9d53134a0b29 mod_register_web: Return reason for rejection if one was provided by another plugin during pre-registration checks Kim Alvefur <zash@zash.se> parents: 2922 diff changeset	143 return nil, registering.reason or "Registration not allowed";
1237 c669cb78b293 mod_register_web: Fire user-registering event like mod_register Kim Alvefur <zash@zash.se> parents: 1236 diff changeset	144 end
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	145 if confirm_password ~= password then
2733 c8161146c698 mod_register_web: Add password confirmation field Michel Le Bihan <michel@lebihan.pl> parents: 1778 diff changeset	146 return nil, "Passwords don't match";
c8161146c698 mod_register_web: Add password confirmation field Michel Le Bihan <michel@lebihan.pl> parents: 1778 diff changeset	147 end
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	148 local ok, err = usermanager.create_user(prepped_username, password, module.host);
1232 12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	149 if ok then
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	150 jid = prepped_username.."@"..module.host
1235 9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	151 local extra_data = {};
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	152 for field in pairs(extra_fields) do
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	153 local field_value = form[field];
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	154 if field_value and #field_value > 0 then
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	155 extra_data[field] = field_value;
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	156 end
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	157 end
1238 752285859607 mod_register_web: Use correct variables Kim Alvefur <zash@zash.se> parents: 1237 diff changeset	158 if next(extra_data) ~= nil then
1235 9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	159 datamanager.store(prepped_username, module.host, "account_details", extra_data);
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	160 end
1232 12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	161 module:fire_event("user-registered", {
12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	162 username = prepped_username,
12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	163 host = module.host,
1320 e670d4cc5027 mod_register_web: Pass request around so IP address can be reported Kim Alvefur <zash@zash.se> parents: 1247 diff changeset	164 source = module.name,
e670d4cc5027 mod_register_web: Pass request around so IP address can be reported Kim Alvefur <zash@zash.se> parents: 1247 diff changeset	165 ip = origin.conn:ip(),
1232 12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	166 });
12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	167 end
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	168 return jid, err;
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	169 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	170
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	171 function generate_success(event, jid)
3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	172 return render(success_tpl, { jid = jid });
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	173 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	174
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	175 function generate_register_response(event, jid, err)
1618 c56baec031e8 mod_register_web: Send Content-Type headers Kim Alvefur <zash@zash.se> parents: 1572 diff changeset	176 event.response.headers.content_type = "text/html; charset=utf-8";
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	177 if jid then
3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	178 return generate_success(event, jid);
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	179 else
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	180 return generate_page(event, { register_error = err });
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	181 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	182 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	183
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	184 function handle_form(event)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	185 local request, response = event.request, event.response;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	186 local form = http.formdecode(request.body);
1234 da39ba4047a7 mod_register_web: Pass request to captcha handler Kim Alvefur <zash@zash.se> parents: 1233 diff changeset	187 verify_captcha(request, form, function (ok, err)
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	188 if ok then
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	189 local jid, register_err = register_user(form, request);
3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	190 response:send(generate_register_response(event, jid, register_err));
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	191 else
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	192 response:send(generate_page(event, { register_error = err }));
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	193 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	194 end);
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	195 return true; -- Leave connection open until we respond above
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	196 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	197
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	198 module:provides("http", {
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	199 route = {
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	200 GET = generate_page;
1239 cc5cbeeb9fc7 mod_register_web: Handle URLs with a trailing slash Kim Alvefur <zash@zash.se> parents: 1238 diff changeset	201 ["GET /"] = generate_page;
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	202 POST = handle_form;
1239 cc5cbeeb9fc7 mod_register_web: Handle URLs with a trailing slash Kim Alvefur <zash@zash.se> parents: 1238 diff changeset	203 ["POST /"] = handle_form;
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	204 };
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	205 });

Mercurial > prosody-modules

annotate mod_register_web/mod_register_web.lua @ 3568:6b3181fe5617