annotate mod_register_web/mod_register_web.lua @ 5243:d5dc8edb2695
mod_http_oauth2: Use more compact IDs
UUIDs are nice but so verbose!
The reduction in entropy for the nonce should be fine since the
timestamp also counts towards this, and it changes every second
(modulo clock shenanigans), so the chances of someone managing to get
the same client_secret by registering with the same information at the
same time as another entity should be negligible.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 11 Mar 2023 22:46:27 +0100 |
parents | 95262bd1bcb2 |
children |
rev | line source |
---|---|
-- Operator-supplied captcha settings. An empty table (the default) selects
-- the built-in arithmetic fallback captcha further down in this file.
local captcha_options = module:get_option("captcha_options", {});

local nodeprep = require("util.encodings").stringprep.nodeprep;
local usermanager = require("core.usermanager");
local datamanager = require("util.datamanager");
local http = require("net.http");
-- First character of package.config is the platform's directory separator.
local path_sep = package.config:sub(1, 1);
local json = require("util.json").decode;
local t_concat = table.concat;

-- Soft dependency: any error raised while loading mod_register_limits is
-- swallowed by pcall and nothing is logged.
-- NOTE(review): presumably that module provides registration limits; if it
-- fails to load, this form runs without them, so verify it is present.
pcall(module.depends, module, "register_limits");

module:depends("http");

-- Optional form fields that register_user copies into the "account_details"
-- store when they are present and non-empty. Anything not listed is ignored
-- by that copy loop.
local extra_fields = {
	nick = true,
	name = true,
	first = true,
	last = true,
	email = true,
	address = true,
	city = true,
	state = true,
	zip = true,
	phone = true,
	url = true,
	date = true,
};

-- Directory prefix used by get_template() when loading "<name>.html".
local template_path = module:get_option_string("register_web_template", "templates");
--- Wrap a string in a minimal plain-text template object.
-- Like util.template, but deals with plain text: every "{key}" placeholder is
-- replaced via string.gsub using `values` as the replacement, so `values` may
-- be a table or a function, and a lookup that yields nil or false leaves the
-- placeholder untouched.
-- Values are inserted verbatim. Nothing is HTML-escaped here, so a caller that
-- renders into HTML must escape any untrusted value before passing it in.
-- @param data template source text
-- @return table with one field, apply(values), which returns the rendered string
function template(data)
	local function apply(values)
		-- Keep only the substituted string; gsub's match count is dropped.
		local rendered = data:gsub("{([^}]+)}", values);
		return rendered;
	end
	return { apply = apply };
end
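--- Load "<template_path>/<name>.html" from the module's resources and wrap it
-- with template().
-- Raises (via assert) if the resource cannot be opened or read.
-- `name` is concatenated into the path unchanged; the callers visible in this
-- file pass string literals only, and it should stay that way (never pass a
-- request-derived value here).
-- @param name template base name, without directory or ".html"
-- @return template object exposing apply(values)
local function get_template(name)
	local fh = assert(module:load_resource(template_path..path_sep..name..".html"));
	-- Close the handle before checking the read result, so a failed read does
	-- not leave the file open when assert raises.
	local data, read_err = fh:read("*a");
	fh:close();
	return template(assert(data, read_err));
end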
--- Apply a template object to a table of values and return a string.
-- The result of template.apply(data) is passed through tostring(); no
-- escaping is performed at this layer.
-- @param template object exposing apply(values)
-- @param data values handed to template.apply
-- @return rendered output as a string
local function render(template, data)
	local output = template.apply(data);
	return tostring(output);
end
-- Page templates are read once, when the module is loaded; get_template()
-- raises if either file is missing or unreadable.
local register_tpl = get_template("register");
local success_tpl = get_template("success");
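-- COMPAT `or request.conn:ip()`
-- The hosted-captcha verifiers below send `request.ip or request.conn:ip()`
-- as the client address; the second operand is only used when request.ip is
-- unset.
-- NOTE(review): presumably request.ip is the proxy-aware client address.
-- Confirm the trusted-proxy configuration, because whatever address ends up
-- here is what the captcha provider receives as `remoteip`.

-- Select the captcha implementation once, at module load. Each branch defines
--   generate_captcha(display_options) -> markup inserted into the register page
--   verify_captcha(request, form, callback)
-- where callback receives (true) on success or (false, error_text) on failure.
if next(captcha_options) ~= nil then
	local provider = captcha_options.provider;

	-- Wrap the per-request template fields so that any other placeholder in
	-- the captcha template is looked up in captcha_options. A missing option
	-- is logged and the placeholder is left unsubstituted.
	-- NOTE(review): every captcha_options key is reachable from the template
	-- this way, the private key included; templates must reference only the
	-- public site key.
	local function with_captcha_options(fields)
		return setmetatable(fields, {
			__index = function (_, k)
				local value = captcha_options[k];
				if value then return value; end
				module:log("error", "Missing parameter from captcha_options: %s", k);
			end
		});
	end

	-- Build the net.http callback shared by the hosted providers.
	-- Verification fails closed: only a decoded JSON object whose `success`
	-- field is exactly `true` is accepted.
	local function siteverify_handler(service, callback)
		return function (verify_result, code)
			local result = json(verify_result);
			if type(result) ~= "table" then
				-- Covers undecodable bodies and JSON that is not an object,
				-- which would otherwise raise when indexed below.
				module:log("warn", "Unable to decode response from "..service..": [%d] %s", code, verify_result);
				callback(false, "Captcha API error");
			elseif result.success == true then
				callback(true);
			else
				-- "error-codes" may be absent from a failure response;
				-- table.concat(nil) would raise inside the HTTP callback.
				local codes = result["error-codes"];
				if type(codes) == "table" then
					callback(false, t_concat(codes));
				else
					callback(false, "Captcha verification failed");
				end
			end
		end
	end

	if provider == nil or provider == "recaptcha" then
		local recaptcha_tpl = get_template("recaptcha");

		-- NOTE(review): recaptcha_error is concatenated into the markup
		-- unescaped; confirm callers never place request-derived text in it.
		function generate_captcha(display_options)
			local err = display_options and display_options.recaptcha_error;
			return recaptcha_tpl.apply(with_captcha_options({
				recaptcha_display_error = err and ("&error="..err) or "";
			}));
		end

		function verify_captcha(request, form, callback)
			http.request("https://www.google.com/recaptcha/api/siteverify", {
				body = http.formencode {
					secret = captcha_options.recaptcha_private_key;
					remoteip = request.ip or request.conn:ip();
					response = form["g-recaptcha-response"];
				};
			}, siteverify_handler("recaptcha", callback));
		end
	elseif provider == "hcaptcha" then
		local captcha_tpl = get_template("hcaptcha");

		-- NOTE(review): captcha_error is concatenated into the markup
		-- unescaped; confirm callers never place request-derived text in it.
		function generate_captcha(display_options)
			local err = display_options and display_options.captcha_error;
			return captcha_tpl.apply(with_captcha_options({
				captcha_display_error = err and ("&error="..err) or "";
			}));
		end

		function verify_captcha(request, form, callback)
			http.request("https://hcaptcha.com/siteverify", {
				body = http.formencode {
					secret = captcha_options.captcha_private_key;
					remoteip = request.ip or request.conn:ip();
					response = form["h-captcha-response"];
				};
			}, siteverify_handler("hcaptcha", callback));
		end
	else
		-- Neither branch above matched, so this block defines no
		-- generate_captcha/verify_captcha. Make the misconfiguration visible
		-- in the log instead of only failing when a request arrives.
		module:log("error", "Unsupported captcha provider in captcha_options: %s", tostring(provider));
	end
else
	module:log("debug", "No captcha options set, using fallback captcha")
	local random = math.random;
	local hmac_sha1 = require "util.hashes".hmac_sha1;
	-- Generated once per module load and never sent to the client.
	local secret = require "util.uuid".generate()
	local ops = { '+', '-' };
	local captcha_tpl = get_template("simplecaptcha");

	-- Fallback captcha: a single-digit sum or difference. The form carries
	-- challenge = HMAC-SHA1(secret, answer) as hex, and verification recomputes
	-- the HMAC over the submitted reply.
	-- NOTE(review): the challenge depends only on the answer and the load-time
	-- secret (no nonce or expiry is visible here), and the answer space is tiny
	-- because x and y are single digits. A solved challenge/reply pair stays
	-- valid until the module is reloaded, so treat this as a light deterrent
	-- and rely on registration rate limiting for real abuse control.
	function generate_captcha()
		local op = ops[random(1, #ops)];
		local x = random(1, 9);
		local y;
		-- Re-roll y until the operands differ.
		repeat
			y = random(1, 9);
		until x ~= y;
		local answer;
		if op == '+' then
			answer = x + y;
		elseif op == '-' then
			if x < y then
				-- Avoid negative numbers
				x, y = y, x;
			end
			answer = x - y;
		end
		local challenge = hmac_sha1(secret, answer, true);
		return captcha_tpl.apply {
			op = op, x = x, y = y, challenge = challenge;
		};
	end

	function verify_captcha(request, form, callback)
		-- A missing captcha_reply is treated as an empty string, so the
		-- comparison fails instead of raising.
		local expected = hmac_sha1(secret, form.captcha_reply or "", true);
		if expected == form.captcha_challenge then
			callback(true);
		else
			callback(false, "Captcha verification failed");
		end
	end
end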
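--- Render the registration form.
-- Sets the response Content-Type to HTML and fills the register template with
-- the request path, the virtual host name, an optional error notice and the
-- captcha markup produced by generate_captcha().
-- The template layer substitutes values verbatim, so the two plain-text values
-- that can carry externally influenced text (the request path and the error
-- notice) are HTML-escaped here. `captcha` is markup and is passed through
-- unchanged; `hostname` comes from the module's own host.
-- @param event HTTP event providing `request` and `response`
-- @param display_options optional table; `register_error` is shown as the notice
-- @return rendered page as a string
function generate_page(event, display_options)
	local request, response = event.request, event.response;

	-- Minimal escaping, safe for both element content and quoted attributes.
	local html_entities = {
		["&"] = "&amp;", ["<"] = "&lt;", [">"] = "&gt;",
		['"'] = "&quot;", ["'"] = "&#39;",
	};
	local function html_escape(value)
		return (tostring(value):gsub("[&<>\"']", html_entities));
	end

	response.headers.content_type = "text/html; charset=utf-8";
	return render(register_tpl, {
		-- A nil path stays nil, leaving the placeholder untouched as before.
		path = request.path and html_escape(request.path);
		hostname = module.host;
		notice = html_escape(display_options and display_options.register_error or "");
		captcha = generate_captcha(display_options);
	})
end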
161 function register_user(form, origin) |
162 local username = form.username; |
163 local password = form.password; |
164 local confirm_password = form.confirm_password; |
165 local jid = nil; |
166 form.username, form.password, form.confirm_password = nil, nil, nil; |
168 local prepped_username = nodeprep(username, true); |
169 if not prepped_username then |
170 return nil, "Username contains forbidden characters"; |
171 end |
172 if #prepped_username == 0 then |
173 return nil, "The username field was empty"; |
174 end |
175 if usermanager.user_exists(prepped_username, module.host) then |
176 return nil, "Username already taken"; |
177 end |
178 local registering = { username = prepped_username , host = module.host, additional = form, ip = origin.ip or origin.conn:ip(), allowed = true } |
179 module:fire_event("user-registering", registering); |
180 if not registering.allowed then |
181 return nil, registering.reason or "Registration not allowed"; |
182 end |
183 if confirm_password ~= password then |
184 return nil, "Passwords don't match"; |
185 end |
186 local ok, err = usermanager.create_user(prepped_username, password, module.host); |
187 if ok then |
188 jid = prepped_username.."@"..module.host |
189 local extra_data = {}; |
190 for field in pairs(extra_fields) do |
191 local field_value = form[field]; |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
192 if field_value and #field_value > 0 then |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
193 extra_data[field] = field_value; |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
194 end |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
195 end |
1238
752285859607
mod_register_web: Use correct variables
Kim Alvefur <zash@zash.se>
parents:
1237
diff
changeset
|
196 if next(extra_data) ~= nil then |
1235
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
197 datamanager.store(prepped_username, module.host, "account_details", extra_data); |
9277e0a3922f
mod_register_web: Support additional registration fields
Kim Alvefur <zash@zash.se>
parents:
1234
diff
changeset
|
198 end |
1232
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
199 module:fire_event("user-registered", { |
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
200 username = prepped_username, |
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
201 host = module.host, |
1320
e670d4cc5027
mod_register_web: Pass request around so IP address can be reported
Kim Alvefur <zash@zash.se>
parents:
1247
diff
changeset
|
202 source = module.name, |
3724
1c3c7d73c5a6
mod_register_web: Fix to use real client IP in case of proxy forwarding (thanks Sebastian)
Kim Alvefur <zash@zash.se>
parents:
3679
diff
changeset
|
203 ip = origin.ip or origin.conn:ip(), |
1232
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
204 }); |
12f59489ef6e
mod_register_web: Fire user-registered event
Kim Alvefur <zash@zash.se>
parents:
1231
diff
changeset
|
205 end |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
206 return jid, err; |
653
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
207 end |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
208 |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
-- Render the "registration succeeded" page for a newly created account.
-- `event` is accepted for signature parity with the other page generators
-- but is not read here; `jid` is handed to the template as-is.
-- NOTE(review): `jid` is built from the user-chosen username; confirm that
-- render() escapes template values before they are placed into HTML.
function generate_success(event, jid)
	local template_values = { jid = jid };
	return render(success_tpl, template_values);
end
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
212 |
2929
3a104a900af1
mod_register_web: Pass username to generate_register_response
Michel Le Bihan <michel@lebihan.pl>
parents:
2925
diff
changeset
|
-- Build the HTML body that answers a registration attempt.
--   event: HTTP event; its response headers receive the Content-Type.
--   jid:   JID of the created account, or nil/false when registration failed.
--   err:   failure reason shown on the re-rendered form when `jid` is absent.
-- Returns whatever generate_success() or generate_page() returns.
-- NOTE(review): `err` can be a reason string returned by register_user(),
-- including one supplied by another plugin; confirm the template renderer
-- escapes `register_error` before it is written into the page.
function generate_register_response(event, jid, err)
	event.response.headers.content_type = "text/html; charset=utf-8";
	if not jid then
		-- Failure: show the form again together with the error text.
		return generate_page(event, { register_error = err });
	end
	return generate_success(event, jid);
end
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
221 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
-- POST handler: decode the submitted form, verify the captcha and, only if
-- that check passes, attempt to create the account.
-- The response is sent from the verify_captcha callback, so the handler
-- itself returns true to keep the connection open until then.
-- NOTE(review): request.body is client-controlled; confirm what
-- http.formdecode() returns for a body without key=value pairs, since
-- `form` is handed to verify_captcha() and register_user() unchecked.
function handle_form(event)
	local request, response = event.request, event.response;
	local form = http.formdecode(request.body);

	local function on_captcha_checked(ok, err)
		if not ok then
			-- Captcha rejected: register_user() is never reached on this path.
			response:send(generate_page(event, { register_error = err }));
			return;
		end
		local jid, register_err = register_user(form, request);
		response:send(generate_register_response(event, jid, register_err));
	end

	verify_captcha(request, form, on_captcha_checked);
	return true; -- Leave connection open until we respond above
end
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
235 |
c08b0e4b7b38
mod_register_web: Extremely rough web registration page, with captcha
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
-- Route table for the registration HTTP app. Each method is registered
-- twice so that URLs with and without a trailing slash reach the same
-- handler: GET shows the form, POST submits it.
local http_routes = {
	GET = generate_page;
	["GET /"] = generate_page;
	POST = handle_form;
	["POST /"] = handle_form;
};

-- Expose the app through the "http" provider; the title can be changed with
-- the `register_web_title` option.
module:provides("http", {
	title = module:get_option_string("register_web_title", "Account Registration");
	route = http_routes;
});