annotate mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 5694:8afa0fb8a73e

mod_client_management: Report on longest lived token when grant does not expire E.g. for mod_http_oauth2 where by default the grant itself is unlimited, while refresh tokens are issued with one week lifetime, but are renewed with each use.
author Kim Alvefur <zash@zash.se>
date Fri, 10 Nov 2023 00:26:17 +0100
parents f581210093a7
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1365
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- mod_c2s_limit_sessions
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 local next, count = next, require "util.iterators".count;
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 local max_resources = module:get_option_number("max_resources", 10);
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 local sessions = hosts[module.host].sessions;
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 module:hook("resource-bind", function(event)
1366
f581210093a7 mod_c2s_limit_sessions: Fix global access
Kim Alvefur <zash@zash.se>
parents: 1365
diff changeset
9 local session = event.session;
f581210093a7 mod_c2s_limit_sessions: Fix global access
Kim Alvefur <zash@zash.se>
parents: 1365
diff changeset
10 if count(next, sessions[session.username].sessions) > max_resources then
1365
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 session:close{ condition = "policy-violation", text = "Too many resources" };
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 return false
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 end
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 end, -1);