Mercurial > prosody-modules
comparison mod_register_json/register_json/mod_register_json.lua @ 1343:7dbde05b48a9
all the things: Remove trailing whitespace
| author | Florian Zeitz <florob@babelmonkeys.de> |
|---|---|
| date | Tue, 11 Mar 2014 18:44:01 +0100 |
| parents | 716a2b9cc18d |
| children |
comparison
equal
deleted
inserted
replaced
| 1342:0ae065453dc9 | 1343:7dbde05b48a9 |
|---|---|
| 64 module:log("error", "Failed to save the mail addresses' hashes store.") | 64 module:log("error", "Failed to save the mail addresses' hashes store.") |
| 65 end | 65 end |
| 66 end | 66 end |
| 67 | 67 |
| 68 local function check_mail(address) | 68 local function check_mail(address) |
| 69 for _, pattern in ipairs(fm_patterns) do | 69 for _, pattern in ipairs(fm_patterns) do |
| 70 if address:match(pattern) then return false end | 70 if address:match(pattern) then return false end |
| 71 end | 71 end |
| 72 return true | 72 return true |
| 73 end | 73 end |
| 74 | 74 |
| 91 if secure and not request.secure then return nil end | 91 if secure and not request.secure then return nil end |
| 92 | 92 |
| 93 if request.method ~= "POST" then | 93 if request.method ~= "POST" then |
| 94 return http_response(event, 405, "Bad method.", {["Allow"] = "POST"}) | 94 return http_response(event, 405, "Bad method.", {["Allow"] = "POST"}) |
| 95 end | 95 end |
| 96 | 96 |
| 97 local req_body | 97 local req_body |
| 98 -- We check that what we have is valid JSON wise else we throw an error... | 98 -- We check that what we have is valid JSON wise else we throw an error... |
| 99 if not pcall(function() req_body = json_decode(b64_decode(request.body)) end) then | 99 if not pcall(function() req_body = json_decode(b64_decode(request.body)) end) then |
| 100 module:log("debug", "Data submitted for user registration by %s failed to Decode.", user) | 100 module:log("debug", "Data submitted for user registration by %s failed to Decode.", user) |
| 101 return http_response(event, 400, "Decoding failed.") | 101 return http_response(event, 400, "Decoding failed.") |
| 111 | 111 |
| 112 -- Check if user is an admin of said host | 112 -- Check if user is an admin of said host |
| 113 if token ~= auth_token then | 113 if token ~= auth_token then |
| 114 module:log("warn", "%s tried to retrieve a registration token for %s@%s", request.ip, username, module.host) | 114 module:log("warn", "%s tried to retrieve a registration token for %s@%s", request.ip, username, module.host) |
| 115 return http_response(event, 401, "Auth token is invalid! The attempt has been logged.") | 115 return http_response(event, 401, "Auth token is invalid! The attempt has been logged.") |
| 116 else | 116 else |
| 117 -- Blacklist can be checked here. | 117 -- Blacklist can be checked here. |
| 118 if blacklist:contains(ip) then | 118 if blacklist:contains(ip) then |
| 119 module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", ip) | 119 module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", ip) |
| 120 return http_response(event, 403, "The specified address is blacklisted, sorry.") | 120 return http_response(event, 403, "The specified address is blacklisted, sorry.") |
| 121 end | 121 end |
| 122 | 122 |
| 123 if not check_mail(mail) then | 123 if not check_mail(mail) then |
| 124 module:log("warn", "%s attempted to use a mail address (%s) matching one of the forbidden patterns.", ip, mail) | 124 module:log("warn", "%s attempted to use a mail address (%s) matching one of the forbidden patterns.", ip, mail) |
| 125 return http_response(event, 403, "Requesting to register using this E-Mail address is forbidden, sorry.") | 125 return http_response(event, 403, "Requesting to register using this E-Mail address is forbidden, sorry.") |
| 140 if not usermanager.user_exists(username, module.host) then | 140 if not usermanager.user_exists(username, module.host) then |
| 141 -- if username fails to register successive requests shouldn't be throttled until one is successful. | 141 -- if username fails to register successive requests shouldn't be throttled until one is successful. |
| 142 if throttle_time and not whitelist:contains(ip) then | 142 if throttle_time and not whitelist:contains(ip) then |
| 143 if not recent_ips[ip] then | 143 if not recent_ips[ip] then |
| 144 recent_ips[ip] = os_time() | 144 recent_ips[ip] = os_time() |
| 145 else | 145 else |
| 146 if os_time() - recent_ips[ip] < throttle_time then | 146 if os_time() - recent_ips[ip] < throttle_time then |
| 147 recent_ips[ip] = os_time() | 147 recent_ips[ip] = os_time() |
| 148 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"]) | 148 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"]) |
| 149 return http_response(event, 503, "Request throttled, wait a bit and try again.") | 149 return http_response(event, 503, "Request throttled, wait a bit and try again.") |
| 150 end | 150 end |
| 206 } | 206 } |
| 207 | 207 |
| 208 if request.method == "GET" then | 208 if request.method == "GET" then |
| 209 if path == "" then | 209 if path == "" then |
| 210 return r_template(event, "form") | 210 return r_template(event, "form") |
| 211 end | 211 end |
| 212 | 212 |
| 213 if valid_files[path] then | 213 if valid_files[path] then |
| 214 local data = open_file(valid_files[path]) | 214 local data = open_file(valid_files[path]) |
| 215 if data then return data | 215 if data then return data |
| 216 else return http_response(event, 404, "Not found.") end | 216 else return http_response(event, 404, "Not found.") end |
| 221 local uuid = urldecode(body):match("^uuid=(.*)$") | 221 local uuid = urldecode(body):match("^uuid=(.*)$") |
| 222 | 222 |
| 223 if not pending[uuid] then | 223 if not pending[uuid] then |
| 224 return r_template(event, "fail") | 224 return r_template(event, "fail") |
| 225 else | 225 else |
| 226 local username, password, ip = | 226 local username, password, ip = |
| 227 pending[uuid].node, pending[uuid].password, pending[uuid].ip | 227 pending[uuid].node, pending[uuid].password, pending[uuid].ip |
| 228 | 228 |
| 229 local ok, error = usermanager.create_user(username, password, module.host) | 229 local ok, error = usermanager.create_user(username, password, module.host) |
| 230 if ok then | 230 if ok then |
| 231 module:fire_event( | 231 module:fire_event( |
| 232 "user-registered", | 232 "user-registered", |
| 233 { username = username, host = module.host, source = "mod_register_json", session = { ip = ip } } | 233 { username = username, host = module.host, source = "mod_register_json", session = { ip = ip } } |
| 234 ) | 234 ) |
| 235 module:log("info", "Account %s@%s is successfully verified and activated", username, module.host) | 235 module:log("info", "Account %s@%s is successfully verified and activated", username, module.host) |
| 236 -- we shall not clean the user from the pending lists as long as registration doesn't succeed. | 236 -- we shall not clean the user from the pending lists as long as registration doesn't succeed. |
| 237 pending[uuid] = nil ; pending_node[username] = nil | 237 pending[uuid] = nil ; pending_node[username] = nil |
| 238 return r_template(event, "success") | 238 return r_template(event, "success") |
| 239 else | 239 else |
| 240 module:log("error", "User creation failed: "..error) | 240 module:log("error", "User creation failed: "..error) |
| 241 return http_response(event, 500, "Encountered server error while creating the user: "..error) | 241 return http_response(event, 500, "Encountered server error while creating the user: "..error) |
| 242 end | 242 end |
| 243 end | 243 end |
| 244 end | 244 end |
| 245 else | 245 else |
| 246 return http_response(event, 405, "Invalid method.") | 246 return http_response(event, 405, "Invalid method.") |
| 247 end | 247 end |
| 248 end | 248 end |
| 249 | 249 |