Mercurial > prosody-modules
comparison mod_sasl2_fast/mod_sasl2_fast.lua @ 5287:4834eaf24fc1
mod_sasl2_fast: Add an API that allows modules to check if a client has FAST
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 29 Mar 2023 16:13:42 +0100 |
| parents | a91adc164566 |
| children | b10a7082b3c3 |
comparison
equal
deleted
inserted
replaced
| 5286:a91adc164566 | 5287:4834eaf24fc1 |
|---|---|
| 226 | 226 |
| 227 register_ht_mechanism("HT-SHA-256-NONE", "ht_sha_256", nil); | 227 register_ht_mechanism("HT-SHA-256-NONE", "ht_sha_256", nil); |
| 228 register_ht_mechanism("HT-SHA-256-UNIQ", "ht_sha_256", "tls-unique"); | 228 register_ht_mechanism("HT-SHA-256-UNIQ", "ht_sha_256", "tls-unique"); |
| 229 register_ht_mechanism("HT-SHA-256-ENDP", "ht_sha_256", "tls-server-end-point"); | 229 register_ht_mechanism("HT-SHA-256-ENDP", "ht_sha_256", "tls-server-end-point"); |
| 230 register_ht_mechanism("HT-SHA-256-EXPR", "ht_sha_256", "tls-exporter"); | 230 register_ht_mechanism("HT-SHA-256-EXPR", "ht_sha_256", "tls-exporter"); |
| 231 | |
| 232 -- Public API | |
| 233 | |
| 234 --luacheck: ignore 131 | |
| 235 function is_client_fast(username, client_id, last_password_change) | |
| 236 local client_id_hash = hash.sha256(client_id, true); | |
| 237 local curr_time = now(); | |
| 238 local cur = token_store:get(username, client_id_hash.."-cur"); | |
| 239 if cur and cur.expires_at >= curr_time and (not last_password_change or last_password_change < cur.issued_at) then | |
| 240 return true; | |
| 241 end | |
| 242 local new = token_store:get(username, client_id_hash.."-new"); | |
| 243 if new and new.expires_at >= curr_time and (not last_password_change or last_password_change < new.issued_at) then | |
| 244 return true; | |
| 245 end | |
| 246 return false; | |
| 247 end |