Mercurial > prosody-modules
comparison mod_adhoc_account_management/mod_adhoc_account_management.lua @ 1090:1aa48916eb8b
mod_adhoc_account_management: Initial commit of module meant to let user manage their accounts.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 28 Jun 2013 03:22:48 +0200 |
| parents | |
| children | c6dd65354db0 |
comparison
equal
deleted
inserted
replaced
| 1089:4057f176be7b | 1090:1aa48916eb8b |
|---|---|
| 1 local dataforms_new = require "util.dataforms".new; | |
| 2 local usermanager_set_password = require "core.usermanager".set_password; | |
| 3 local usermanager_test_password = require "core.usermanager".test_password; | |
| 4 local jid_split = require"util.jid".split; | |
| 5 local close_others = module:get_option_boolean("close_sessions_on_password_change", true) | |
| 6 local require_confirm = module:get_option_boolean("require_confirm_password", true) | |
| 7 local require_current = module:get_option_boolean("require_current_password", true) | |
| 8 | |
| 9 local change_password_layout = { | |
| 10 title = "Changing Your Password"; | |
| 11 instructions = "Fill out this form to change a your password."; | |
| 12 | |
| 13 { | |
| 14 -- This is meta | |
| 15 name = "FORM_TYPE", | |
| 16 type = "hidden", | |
| 17 -- Reuses form type from XEP 77 | |
| 18 value = "jabber:iq:register:changepassword", | |
| 19 }; | |
| 20 { | |
| 21 name = "password", | |
| 22 type = "text-private", | |
| 23 required = true, | |
| 24 label = "New Password", | |
| 25 }; | |
| 26 }; | |
| 27 if require_confirm then | |
| 28 table.insert(change_password_layout, { | |
| 29 name = "password-confirm", | |
| 30 type = "text-private", | |
| 31 required = true, | |
| 32 label = "Confirm new password", | |
| 33 }); | |
| 34 end | |
| 35 if require_current then | |
| 36 table.insert(change_password_layout, 2, { | |
| 37 name = "password-current", | |
| 38 type = "text-private", | |
| 39 required = true, | |
| 40 label = "Current password", | |
| 41 }); | |
| 42 end | |
| 43 change_password_layout = dataforms_new(change_password_layout); | |
| 44 | |
| 45 function change_password_command_handler(self, data, state) | |
| 46 if not state then -- New session, send the form | |
| 47 return { status = "executing", actions = { "complete" }, form = change_password_layout }, true; | |
| 48 else | |
| 49 if data.action == "cancel" then | |
| 50 return { status = "canceled" }; | |
| 51 end | |
| 52 | |
| 53 -- Who are we talking to? | |
| 54 local username, hostname = jid_split(data.from); | |
| 55 if not username or hostname ~= module.host then | |
| 56 return { status = "error", error = { type = "cancel", | |
| 57 condition = "forbidden", message = "Invalid user or hostname." } }; | |
| 58 end | |
| 59 | |
| 60 -- Extract data from the form | |
| 61 local fields = change_password_layout:data(data.form); | |
| 62 | |
| 63 -- Validate | |
| 64 if require_current then | |
| 65 if not fields["password-current"] or #fields["password-current"] == 0 then | |
| 66 return { status = "error", error = { type = "modify", | |
| 67 condition = "bad-request", message = "Please enter your current password" } }; | |
| 68 elseif not usermanager_test_password(username, hostname, fields["password-current"]) then | |
| 69 return { status = "error", error = { type = "modify", | |
| 70 condition = "bad-request", message = "Your current password was incorrect" } }; | |
| 71 end | |
| 72 end | |
| 73 | |
| 74 if require_confirm and fields["password-confirm"] ~= fields["password"] then | |
| 75 return { status = "error", error = { type = "modify", | |
| 76 condition = "bad-request", message = "New password didn't match the confirmation" } }; | |
| 77 end | |
| 78 | |
| 79 if not fields.password or #fields.password == 0 then | |
| 80 return { status = "error", error = { type = "modify", | |
| 81 condition = "bad-request", message = "Please enter a new password" } }; | |
| 82 end | |
| 83 | |
| 84 -- All is good, so change password. | |
| 85 module:log("debug", "About to usermanager.set_password(%q, password, %q)", username, hostname); | |
| 86 local ok, err = usermanager_set_password(username, fields.password, hostname); | |
| 87 if ok then | |
| 88 if close_others then | |
| 89 for _, sess in pairs(hosts[hostname].sessions[username].sessions) do | |
| 90 if sess.full_jid ~= data.from then | |
| 91 sess:close{ condition = "reset", text = "Password changed" } | |
| 92 end | |
| 93 end | |
| 94 end | |
| 95 return { status = "completed", info = "Password successfully changed" }; | |
| 96 else | |
| 97 module:log("warn", "%s@%s could not change password: %s", username, hostname, tostring(err)); | |
| 98 return { status = "error", error = { type = "cancel", | |
| 99 condition = "internal-server-error", message = "Could not save new password: "..tostring(err) } }; | |
| 100 end | |
| 101 end | |
| 102 end | |
| 103 | |
| 104 -- Feature requests? What could fit under account management? | |
| 105 | |
| 106 | |
| 107 local adhoc_new = module:require "adhoc".new; | |
| 108 local adhoc_passwd = adhoc_new("Change Password", "passwd", change_password_command_handler, "user"); | |
| 109 module:add_item ("adhoc", adhoc_passwd); |