Mercurial > prosody-modules
comparison mod_auth_sql/mod_auth_sql.lua @ 455:52f2188ec47d
mod_default_vcard: Sets initial vCard from data enterd on registration
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 15 Oct 2011 13:43:37 +0200 |
| parents | 4e0d36941ba1 |
| children | bbea8081c865 |
comparison
equal
deleted
inserted
replaced
| 454:3f101f7a26d0 | 455:52f2188ec47d |
|---|---|
| 5 | 5 |
| 6 local log = require "util.logger".init("auth_sql"); | 6 local log = require "util.logger".init("auth_sql"); |
| 7 local new_sasl = require "util.sasl".new; | 7 local new_sasl = require "util.sasl".new; |
| 8 local nodeprep = require "util.encodings".stringprep.nodeprep; | 8 local nodeprep = require "util.encodings".stringprep.nodeprep; |
| 9 local DBI = require "DBI" | 9 local DBI = require "DBI" |
| 10 local crypt = require "crypt"; | |
| 10 | 11 |
| 11 local connection; | 12 local connection; |
| 12 local params = module:get_option("sql"); | 13 local params = module:get_option("sql"); |
| 14 local host = module.host; | |
| 15 local realm = module:get_option_string("realm", host); | |
| 16 local mitm_mode = module:get_option_boolean("mitm_mode"); | |
| 13 | 17 |
| 14 local resolve_relative_path = require "core.configmanager".resolve_relative_path; | 18 local resolve_relative_path = require "core.configmanager".resolve_relative_path; |
| 19 local datamanager = require "util.datamanager"; | |
| 15 | 20 |
| 16 local function test_connection() | 21 local function test_connection() |
| 17 if not connection then return nil; end | 22 if not connection then return nil; end |
| 18 if connection:ping() then | 23 if connection:ping() then |
| 19 return true; | 24 return true; |
| 70 | 75 |
| 71 return stmt; | 76 return stmt; |
| 72 end | 77 end |
| 73 | 78 |
| 74 local function get_password(username) | 79 local function get_password(username) |
| 75 local stmt, err = getsql("SELECT `password` FROM `authreg` WHERE `username`=? AND `realm`=?", username, module.host); | 80 local stmt, err = getsql("SELECT `password` FROM `users` WHERE `email`=?", username .. "@" .. realm); |
| 76 if stmt then | 81 if stmt then |
| 77 for row in stmt:rows(true) do | 82 for row in stmt:rows(true) do |
| 78 return row.password; | 83 return row.password; |
| 79 end | 84 end |
| 80 end | 85 end |
| 81 end | 86 end |
| 82 | 87 |
| 83 | |
| 84 provider = { name = "sql" }; | 88 provider = { name = "sql" }; |
| 85 | 89 |
| 86 function provider.test_password(username, password) | 90 function provider.test_password(username, password) |
| 87 return password and get_password(username) == password; | 91 local local_data = datamanager.load(username, realm, "accounts") or {}; |
| 92 if data.password == password then return true end | |
| 93 local dirty; | |
| 94 local hash = data.crypted_password; | |
| 95 if not hash then | |
| 96 hash = get_password(username); | |
| 97 if hash then | |
| 98 data.crypted_password = hash; | |
| 99 dirty = true; | |
| 100 else | |
| 101 return false | |
| 102 end | |
| 103 end | |
| 104 local ok = password and crypt(password, hash) == password; | |
| 105 if ok and mitm_mode then | |
| 106 local_data.password = password; | |
| 107 dirty = true | |
| 108 end | |
| 109 if dirty then | |
| 110 datamanager.store(username, realm, "accounts", local_data); | |
| 111 end | |
| 112 return ok | |
| 88 end | 113 end |
| 89 function provider.get_password(username) | 114 function provider.get_password(username) |
| 90 return get_password(username); | 115 return nil, "Getting password is not supported."; |
| 91 end | 116 end |
| 92 function provider.set_password(username, password) | 117 function provider.set_password(username, password) |
| 93 return nil, "Setting password is not supported."; | 118 return nil, "Setting password is not supported."; |
| 94 end | 119 end |
| 95 function provider.user_exists(username) | 120 function provider.user_exists(username) |
| 96 return get_password(username) and true; | 121 return datamanager.load(username, realm, "accounts") or get_password(username) and true; |
| 97 end | 122 end |
| 98 function provider.create_user(username, password) | 123 function provider.create_user(username, password) |
| 99 return nil, "Account creation/modification not supported."; | 124 return nil, "Account creation/modification not supported."; |
| 100 end | 125 end |
| 101 function provider.get_sasl_handler() | 126 function provider.get_sasl_handler() |
| 102 local profile = { | 127 local profile = { |
| 103 plain = function(sasl, username, realm) | 128 plain_test = function(sasl, username, password, realm) |
| 104 local prepped_username = nodeprep(username); | 129 local prepped_username = nodeprep(username); |
| 105 if not prepped_username then | 130 if not prepped_username then |
| 106 module:log("debug", "NODEprep failed on username: %s", username); | 131 module:log("debug", "NODEprep failed on username: %s", username); |
| 107 return "", nil; | 132 return nil; |
| 108 end | 133 end |
| 109 local password = get_password(prepped_username); | 134 return provider.test_password(prepped_username, password); |
| 110 if not password then return "", nil; end | |
| 111 return password, true; | |
| 112 end | 135 end |
| 113 }; | 136 }; |
| 114 return new_sasl(module.host, profile); | 137 return new_sasl(host, profile); |
| 115 end | 138 end |
| 116 | 139 |
| 117 module:add_item("auth-provider", provider); | 140 module:add_item("auth-provider", provider); |