prosody-modules: mod_register_web/mod_register

annotate mod_register_web/mod_register_web.lua @ 4203:c4002aae4ad3

mod_s2s_keepalive: Use timestamp as iq @id RFC 6120 implies that the id attribute must be unique within a stream. This should fix problems with remote servers that enforce uniqueness and don't answer duplicated ids. If it doesn't do that, then at least you can get a guesstimate at round-trip time from the difference between the result iq stanza and the timestamp it was logged without having to go look for when it was sent, or needing to keep state.

author	Kim Alvefur <zash@zash.se>
date	Wed, 14 Oct 2020 18:02:10 +0200
parents	cf3247ec5e01
children	95262bd1bcb2

rev	line source
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	1 local captcha_options = module:get_option("captcha_options", {});
746 03595194075a mod_register_web: nodeprep username before creating user (thanks IRON) Matthew Wild <mwild1@gmail.com> parents: 653 diff changeset	2 local nodeprep = require "util.encodings".stringprep.nodeprep;
1225 a3766d3baacb mod_register_web: Import usermanager and util.http into locals Kim Alvefur <zash@zash.se> parents: 1223 diff changeset	3 local usermanager = require "core.usermanager";
2739 7d864a03b509 mod_register_web: Import missing datamanager Michel Le Bihan <michel@lebihan.pl> parents: 2733 diff changeset	4 local datamanager = require "util.datamanager";
1247 34fbe58d19da mod_register_web: Use net.http instead of util.http, as we need to make requests (thanks dustin) Matthew Wild <mwild1@gmail.com> parents: 1239 diff changeset	5 local http = require "net.http";
1459 742f3dc601b5 mod_register_web: Use path separator from package.config Kim Alvefur <zash@zash.se> parents: 1320 diff changeset	6 local path_sep = package.config:sub(1,1);
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	7 local json = require "util.json".decode;
32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	8 local t_concat = table.concat;
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	9
3372 866167118d23 mod_register_web: Add soft dependency on mod_register_limits (0.11+) Kim Alvefur <zash@zash.se> parents: 2999 diff changeset	10 pcall(function ()
866167118d23 mod_register_web: Add soft dependency on mod_register_limits (0.11+) Kim Alvefur <zash@zash.se> parents: 2999 diff changeset	11 module:depends("register_limits");
866167118d23 mod_register_web: Add soft dependency on mod_register_limits (0.11+) Kim Alvefur <zash@zash.se> parents: 2999 diff changeset	12 end);
866167118d23 mod_register_web: Add soft dependency on mod_register_limits (0.11+) Kim Alvefur <zash@zash.se> parents: 2999 diff changeset	13
1460 5e1f7af23cf0 mod_register_web: Add dependency on mod_http Kim Alvefur <zash@zash.se> parents: 1459 diff changeset	14 module:depends"http";
5e1f7af23cf0 mod_register_web: Add dependency on mod_http Kim Alvefur <zash@zash.se> parents: 1459 diff changeset	15
1235 9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	16 local extra_fields = {
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	17 nick = true; name = true; first = true; last = true; email = true;
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	18 address = true; city = true; state = true; zip = true;
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	19 phone = true; url = true; date = true;
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	20 }
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	21
1572 1aa894db3585 mod_register_web: Add option for specifying path to templates Kim Alvefur <zash@zash.se> parents: 1460 diff changeset	22 local template_path = module:get_option_string("register_web_template", "templates");
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	23 function template(data)
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	24 -- Like util.template, but deals with plain text
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	25 return { apply = function(values) return (data:gsub("{([^}]+)}", values)); end }
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	26 end
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	27
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	28 local function get_template(name)
1572 1aa894db3585 mod_register_web: Add option for specifying path to templates Kim Alvefur <zash@zash.se> parents: 1460 diff changeset	29 local fh = assert(module:load_resource(template_path..path_sep..name..".html"));
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	30 local data = assert(fh:read("*a"));
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	31 fh:close();
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	32 return template(data);
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	33 end
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	34
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	35 local function render(template, data)
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	36 return tostring(template.apply(data));
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	37 end
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	38
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	39 local register_tpl = get_template "register";
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	40 local success_tpl = get_template "success";
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	41
3724 1c3c7d73c5a6 mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian) Kim Alvefur <zash@zash.se> parents: 3679 diff changeset	42 -- COMPAT `or request.conn:ip()`
1c3c7d73c5a6 mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian) Kim Alvefur <zash@zash.se> parents: 3679 diff changeset	43
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	44 if next(captcha_options) ~= nil then
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	45 local recaptcha_tpl = get_template "recaptcha";
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	46
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	47 function generate_captcha(display_options)
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	48 return recaptcha_tpl.apply(setmetatable({
2740 57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	49 recaptcha_display_error = display_options and display_options.recaptcha_error
57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	50 and ("&error="..display_options.recaptcha_error) or "";
57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	51 }, {
2925 049975800d1c mod_register_web: Remove unused variables [luacheck] Kim Alvefur <zash@zash.se> parents: 2924 diff changeset	52 __index = function (_, k)
2740 57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	53 if captcha_options[k] then return captcha_options[k]; end
57d4680b86a4 mod_register_web: Normalize indentation [luacheck] Kim Alvefur <zash@zash.se> parents: 2739 diff changeset	54 module:log("error", "Missing parameter from captcha_options: %s", k);
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	55 end
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	56 }));
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	57 end
1234 da39ba4047a7 mod_register_web: Pass request to captcha handler Kim Alvefur <zash@zash.se> parents: 1233 diff changeset	58 function verify_captcha(request, form, callback)
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	59 http.request("https://www.google.com/recaptcha/api/siteverify", {
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	60 body = http.formencode {
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	61 secret = captcha_options.recaptcha_private_key;
3724 1c3c7d73c5a6 mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian) Kim Alvefur <zash@zash.se> parents: 3679 diff changeset	62 remoteip = request.ip or request.conn:ip();
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	63 response = form["g-recaptcha-response"];
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	64 };
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	65 }, function (verify_result, code)
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	66 local result = json(verify_result);
2999 d631fd9a3300 mod_register_web: Handle errors contacting upstream API Matthew Wild <mwild1@gmail.com> parents: 2929 diff changeset	67 if not result then
d631fd9a3300 mod_register_web: Handle errors contacting upstream API Matthew Wild <mwild1@gmail.com> parents: 2929 diff changeset	68 module:log("warn", "Unable to decode response from recaptcha: [%d] %s", code, verify_result);
d631fd9a3300 mod_register_web: Handle errors contacting upstream API Matthew Wild <mwild1@gmail.com> parents: 2929 diff changeset	69 callback(false, "Captcha API error");
d631fd9a3300 mod_register_web: Handle errors contacting upstream API Matthew Wild <mwild1@gmail.com> parents: 2929 diff changeset	70 elseif result.success == true then
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	71 callback(true);
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	72 else
1778 32604bf33a4c mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google. Thijs Alkemade <me@thijsalkema.de> parents: 1618 diff changeset	73 callback(false, t_concat(result["error-codes"]));
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	74 end
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	75 end);
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	76 end
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	77 else
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	78 module:log("debug", "No Recaptcha options set, using fallback captcha")
1231 502ce9672eae mod_register_web: Use local Kim Alvefur <zash@zash.se> parents: 1230 diff changeset	79 local random = math.random;
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	80 local hmac_sha1 = require "util.hashes".hmac_sha1;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	81 local secret = require "util.uuid".generate()
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	82 local ops = { '+', '-' };
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	83 local captcha_tpl = get_template "simplecaptcha";
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	84 function generate_captcha()
1231 502ce9672eae mod_register_web: Use local Kim Alvefur <zash@zash.se> parents: 1230 diff changeset	85 local op = ops[random(1, #ops)];
502ce9672eae mod_register_web: Use local Kim Alvefur <zash@zash.se> parents: 1230 diff changeset	86 local x, y = random(1, 9)
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	87 repeat
1231 502ce9672eae mod_register_web: Use local Kim Alvefur <zash@zash.se> parents: 1230 diff changeset	88 y = random(1, 9);
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	89 until x ~= y;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	90 local answer;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	91 if op == '+' then
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	92 answer = x + y;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	93 elseif op == '-' then
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	94 if x < y then
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	95 -- Avoid negative numbers
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	96 x, y = y, x;
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	97 end
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	98 answer = x - y;
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	99 end
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	100 local challenge = hmac_sha1(secret, answer, true);
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	101 return captcha_tpl.apply {
db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	102 op = op, x = x, y = y, challenge = challenge;
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	103 };
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	104 end
1234 da39ba4047a7 mod_register_web: Pass request to captcha handler Kim Alvefur <zash@zash.se> parents: 1233 diff changeset	105 function verify_captcha(request, form, callback)
3679 f9a93d7b6c50 mod_register_web: Fix traceback if captcha_reply is left out of the form (thanks woffs) Kim Alvefur <zash@zash.se> parents: 3372 diff changeset	106 if hmac_sha1(secret, form.captcha_reply or "", true) == form.captcha_challenge then
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	107 callback(true);
0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	108 else
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	109 callback(false, "Captcha verification failed");
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	110 end
1228 db85ff22ae97 mod_register_web: Add a simple fallback captcha Kim Alvefur <zash@zash.se> parents: 1227 diff changeset	111 end
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	112 end
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	113
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	114 function generate_page(event, display_options)
1618 c56baec031e8 mod_register_web: Send Content-Type headers Kim Alvefur <zash@zash.se> parents: 1572 diff changeset	115 local request, response = event.request, event.response;
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	116
1618 c56baec031e8 mod_register_web: Send Content-Type headers Kim Alvefur <zash@zash.se> parents: 1572 diff changeset	117 response.headers.content_type = "text/html; charset=utf-8";
1227 6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	118 return render(register_tpl, {
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	119 path = request.path; hostname = module.host;
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	120 notice = display_options and display_options.register_error or "";
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	121 captcha = generate_captcha(display_options);
6015434f0e05 mod_register_web: Move HTML into separate template files Kim Alvefur <zash@zash.se> parents: 1226 diff changeset	122 })
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	123 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	124
1320 e670d4cc5027 mod_register_web: Pass request around so IP address can be reported Kim Alvefur <zash@zash.se> parents: 1247 diff changeset	125 function register_user(form, origin)
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	126 local username = form.username;
edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	127 local password = form.password;
edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	128 local confirm_password = form.confirm_password;
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	129 local jid = nil;
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	130 form.username, form.password, form.confirm_password = nil, nil, nil;
edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	131
3725 19e43b7a969d mod_register_web: Enforce strict username validation (on trunk, ignored otherwise) Kim Alvefur <zash@zash.se> parents: 3724 diff changeset	132 local prepped_username = nodeprep(username, true);
1230 f7c561fbd5a6 mod_register_web: Friendly error messages if the username is taken or failed nodeprep Kim Alvefur <zash@zash.se> parents: 1229 diff changeset	133 if not prepped_username then
f7c561fbd5a6 mod_register_web: Friendly error messages if the username is taken or failed nodeprep Kim Alvefur <zash@zash.se> parents: 1229 diff changeset	134 return nil, "Username contains forbidden characters";
f7c561fbd5a6 mod_register_web: Friendly error messages if the username is taken or failed nodeprep Kim Alvefur <zash@zash.se> parents: 1229 diff changeset	135 end
1236 59332e0bfbdc mod_register_web: Check for empty username Kim Alvefur <zash@zash.se> parents: 1235 diff changeset	136 if #prepped_username == 0 then
59332e0bfbdc mod_register_web: Check for empty username Kim Alvefur <zash@zash.se> parents: 1235 diff changeset	137 return nil, "The username field was empty";
59332e0bfbdc mod_register_web: Check for empty username Kim Alvefur <zash@zash.se> parents: 1235 diff changeset	138 end
1229 12e3bc0fd6ed mod_register_web: Indentation fix Kim Alvefur <zash@zash.se> parents: 1228 diff changeset	139 if usermanager.user_exists(prepped_username, module.host) then
1230 f7c561fbd5a6 mod_register_web: Friendly error messages if the username is taken or failed nodeprep Kim Alvefur <zash@zash.se> parents: 1229 diff changeset	140 return nil, "Username already taken";
1229 12e3bc0fd6ed mod_register_web: Indentation fix Kim Alvefur <zash@zash.se> parents: 1228 diff changeset	141 end
3724 1c3c7d73c5a6 mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian) Kim Alvefur <zash@zash.se> parents: 3679 diff changeset	142 local registering = { username = prepped_username , host = module.host, additional = form, ip = origin.ip or origin.conn:ip(), allowed = true }
1237 c669cb78b293 mod_register_web: Fire user-registering event like mod_register Kim Alvefur <zash@zash.se> parents: 1236 diff changeset	143 module:fire_event("user-registering", registering);
c669cb78b293 mod_register_web: Fire user-registering event like mod_register Kim Alvefur <zash@zash.se> parents: 1236 diff changeset	144 if not registering.allowed then
2923 9d53134a0b29 mod_register_web: Return reason for rejection if one was provided by another plugin during pre-registration checks Kim Alvefur <zash@zash.se> parents: 2922 diff changeset	145 return nil, registering.reason or "Registration not allowed";
1237 c669cb78b293 mod_register_web: Fire user-registering event like mod_register Kim Alvefur <zash@zash.se> parents: 1236 diff changeset	146 end
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	147 if confirm_password ~= password then
2733 c8161146c698 mod_register_web: Add password confirmation field Michel Le Bihan <michel@lebihan.pl> parents: 1778 diff changeset	148 return nil, "Passwords don't match";
c8161146c698 mod_register_web: Add password confirmation field Michel Le Bihan <michel@lebihan.pl> parents: 1778 diff changeset	149 end
2924 edf5e8a77d0c mod_register_web: Remove username and password from form data and provide the rest in pre-registration event Kim Alvefur <zash@zash.se> parents: 2923 diff changeset	150 local ok, err = usermanager.create_user(prepped_username, password, module.host);
1232 12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	151 if ok then
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	152 jid = prepped_username.."@"..module.host
1235 9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	153 local extra_data = {};
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	154 for field in pairs(extra_fields) do
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	155 local field_value = form[field];
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	156 if field_value and #field_value > 0 then
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	157 extra_data[field] = field_value;
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	158 end
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	159 end
1238 752285859607 mod_register_web: Use correct variables Kim Alvefur <zash@zash.se> parents: 1237 diff changeset	160 if next(extra_data) ~= nil then
1235 9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	161 datamanager.store(prepped_username, module.host, "account_details", extra_data);
9277e0a3922f mod_register_web: Support additional registration fields Kim Alvefur <zash@zash.se> parents: 1234 diff changeset	162 end
1232 12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	163 module:fire_event("user-registered", {
12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	164 username = prepped_username,
12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	165 host = module.host,
1320 e670d4cc5027 mod_register_web: Pass request around so IP address can be reported Kim Alvefur <zash@zash.se> parents: 1247 diff changeset	166 source = module.name,
3724 1c3c7d73c5a6 mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian) Kim Alvefur <zash@zash.se> parents: 3679 diff changeset	167 ip = origin.ip or origin.conn:ip(),
1232 12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	168 });
12f59489ef6e mod_register_web: Fire user-registered event Kim Alvefur <zash@zash.se> parents: 1231 diff changeset	169 end
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	170 return jid, err;
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	171 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	172
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	173 function generate_success(event, jid)
3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	174 return render(success_tpl, { jid = jid });
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	175 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	176
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	177 function generate_register_response(event, jid, err)
1618 c56baec031e8 mod_register_web: Send Content-Type headers Kim Alvefur <zash@zash.se> parents: 1572 diff changeset	178 event.response.headers.content_type = "text/html; charset=utf-8";
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	179 if jid then
3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	180 return generate_success(event, jid);
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	181 else
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	182 return generate_page(event, { register_error = err });
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	183 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	184 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	185
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	186 function handle_form(event)
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	187 local request, response = event.request, event.response;
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	188 local form = http.formdecode(request.body);
1234 da39ba4047a7 mod_register_web: Pass request to captcha handler Kim Alvefur <zash@zash.se> parents: 1233 diff changeset	189 verify_captcha(request, form, function (ok, err)
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	190 if ok then
2929 3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	191 local jid, register_err = register_user(form, request);
3a104a900af1 mod_register_web: Pass username to generate_register_response Michel Le Bihan <michel@lebihan.pl> parents: 2925 diff changeset	192 response:send(generate_register_response(event, jid, register_err));
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	193 else
1226 0667624637da mod_register_web: Split out recaptcha verification to a separate function Kim Alvefur <zash@zash.se> parents: 1225 diff changeset	194 response:send(generate_page(event, { register_error = err }));
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	195 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	196 end);
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	197 return true; -- Leave connection open until we respond above
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	198 end
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	199
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	200 module:provides("http", {
3753 cf3247ec5e01 mod_register_web: Set a (configurable) HTTP app title Kim Alvefur <zash@zash.se> parents: 3725 diff changeset	201 title = module:get_option_string("register_web_title", "Account Registration");
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	202 route = {
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	203 GET = generate_page;
1239 cc5cbeeb9fc7 mod_register_web: Handle URLs with a trailing slash Kim Alvefur <zash@zash.se> parents: 1238 diff changeset	204 ["GET /"] = generate_page;
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	205 POST = handle_form;
1239 cc5cbeeb9fc7 mod_register_web: Handle URLs with a trailing slash Kim Alvefur <zash@zash.se> parents: 1238 diff changeset	206 ["POST /"] = handle_form;
653 c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	207 };
c08b0e4b7b38 mod_register_web: Extremely rough web registration page, with captcha Matthew Wild <mwild1@gmail.com> parents: diff changeset	208 });

Mercurial > prosody-modules

annotate mod_register_web/mod_register_web.lua @ 4203:c4002aae4ad3