prosody-modules: mod_c2s_limit_sessions/mod_c2s_limit

annotate mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 5264:d3ebaef1ea7a

mod_http_oauth2: Correctly verify OAuth client credentials on revocation Makes no sense to validate against username and password here, or using a token to revoke another token, or itself? In fact, upon further discussion, why do you need credentials to revoke a token? If you are not supposed to have the token, revoking it seems the most responsible thing to do with it, so it should be allowed, while if you are supposed to have it, you should be allowed to revoke it.

author	Kim Alvefur <zash@zash.se>
date	Tue, 21 Mar 2023 21:57:18 +0100
parents	f581210093a7
children

rev	line source
1365 ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	1 -- mod_c2s_limit_sessions
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	2
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	3 local next, count = next, require "util.iterators".count;
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	4
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	5 local max_resources = module:get_option_number("max_resources", 10);
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	6
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	7 local sessions = hosts[module.host].sessions;
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	8 module:hook("resource-bind", function(event)
1366 f581210093a7 mod_c2s_limit_sessions: Fix global access Kim Alvefur <zash@zash.se> parents: 1365 diff changeset	9 local session = event.session;
f581210093a7 mod_c2s_limit_sessions: Fix global access Kim Alvefur <zash@zash.se> parents: 1365 diff changeset	10 if count(next, sessions[session.username].sessions) > max_resources then
1365 ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	11 session:close{ condition = "policy-violation", text = "Too many resources" };
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	12 return false
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	13 end
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	14 end, -1);

Mercurial > prosody-modules

annotate mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 5264:d3ebaef1ea7a