Mercurial > prosody-modules
comparison mod_register_json/register_json/mod_register_json.lua @ 1343:7dbde05b48a9
all the things: Remove trailing whitespace
author | Florian Zeitz <florob@babelmonkeys.de> |
---|---|
date | Tue, 11 Mar 2014 18:44:01 +0100 |
parents | 716a2b9cc18d |
children |
comparison
equal
deleted
inserted
replaced
1342:0ae065453dc9 | 1343:7dbde05b48a9 |
---|---|
64 module:log("error", "Failed to save the mail addresses' hashes store.") | 64 module:log("error", "Failed to save the mail addresses' hashes store.") |
65 end | 65 end |
66 end | 66 end |
67 | 67 |
68 local function check_mail(address) | 68 local function check_mail(address) |
69 for _, pattern in ipairs(fm_patterns) do | 69 for _, pattern in ipairs(fm_patterns) do |
70 if address:match(pattern) then return false end | 70 if address:match(pattern) then return false end |
71 end | 71 end |
72 return true | 72 return true |
73 end | 73 end |
74 | 74 |
91 if secure and not request.secure then return nil end | 91 if secure and not request.secure then return nil end |
92 | 92 |
93 if request.method ~= "POST" then | 93 if request.method ~= "POST" then |
94 return http_response(event, 405, "Bad method.", {["Allow"] = "POST"}) | 94 return http_response(event, 405, "Bad method.", {["Allow"] = "POST"}) |
95 end | 95 end |
96 | 96 |
97 local req_body | 97 local req_body |
98 -- We check that what we have is valid JSON wise else we throw an error... | 98 -- We check that what we have is valid JSON wise else we throw an error... |
99 if not pcall(function() req_body = json_decode(b64_decode(request.body)) end) then | 99 if not pcall(function() req_body = json_decode(b64_decode(request.body)) end) then |
100 module:log("debug", "Data submitted for user registration by %s failed to Decode.", user) | 100 module:log("debug", "Data submitted for user registration by %s failed to Decode.", user) |
101 return http_response(event, 400, "Decoding failed.") | 101 return http_response(event, 400, "Decoding failed.") |
111 | 111 |
112 -- Check if user is an admin of said host | 112 -- Check if user is an admin of said host |
113 if token ~= auth_token then | 113 if token ~= auth_token then |
114 module:log("warn", "%s tried to retrieve a registration token for %s@%s", request.ip, username, module.host) | 114 module:log("warn", "%s tried to retrieve a registration token for %s@%s", request.ip, username, module.host) |
115 return http_response(event, 401, "Auth token is invalid! The attempt has been logged.") | 115 return http_response(event, 401, "Auth token is invalid! The attempt has been logged.") |
116 else | 116 else |
117 -- Blacklist can be checked here. | 117 -- Blacklist can be checked here. |
118 if blacklist:contains(ip) then | 118 if blacklist:contains(ip) then |
119 module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", ip) | 119 module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", ip) |
120 return http_response(event, 403, "The specified address is blacklisted, sorry.") | 120 return http_response(event, 403, "The specified address is blacklisted, sorry.") |
121 end | 121 end |
122 | 122 |
123 if not check_mail(mail) then | 123 if not check_mail(mail) then |
124 module:log("warn", "%s attempted to use a mail address (%s) matching one of the forbidden patterns.", ip, mail) | 124 module:log("warn", "%s attempted to use a mail address (%s) matching one of the forbidden patterns.", ip, mail) |
125 return http_response(event, 403, "Requesting to register using this E-Mail address is forbidden, sorry.") | 125 return http_response(event, 403, "Requesting to register using this E-Mail address is forbidden, sorry.") |
140 if not usermanager.user_exists(username, module.host) then | 140 if not usermanager.user_exists(username, module.host) then |
141 -- if username fails to register successive requests shouldn't be throttled until one is successful. | 141 -- if username fails to register successive requests shouldn't be throttled until one is successful. |
142 if throttle_time and not whitelist:contains(ip) then | 142 if throttle_time and not whitelist:contains(ip) then |
143 if not recent_ips[ip] then | 143 if not recent_ips[ip] then |
144 recent_ips[ip] = os_time() | 144 recent_ips[ip] = os_time() |
145 else | 145 else |
146 if os_time() - recent_ips[ip] < throttle_time then | 146 if os_time() - recent_ips[ip] < throttle_time then |
147 recent_ips[ip] = os_time() | 147 recent_ips[ip] = os_time() |
148 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"]) | 148 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"]) |
149 return http_response(event, 503, "Request throttled, wait a bit and try again.") | 149 return http_response(event, 503, "Request throttled, wait a bit and try again.") |
150 end | 150 end |
206 } | 206 } |
207 | 207 |
208 if request.method == "GET" then | 208 if request.method == "GET" then |
209 if path == "" then | 209 if path == "" then |
210 return r_template(event, "form") | 210 return r_template(event, "form") |
211 end | 211 end |
212 | 212 |
213 if valid_files[path] then | 213 if valid_files[path] then |
214 local data = open_file(valid_files[path]) | 214 local data = open_file(valid_files[path]) |
215 if data then return data | 215 if data then return data |
216 else return http_response(event, 404, "Not found.") end | 216 else return http_response(event, 404, "Not found.") end |
221 local uuid = urldecode(body):match("^uuid=(.*)$") | 221 local uuid = urldecode(body):match("^uuid=(.*)$") |
222 | 222 |
223 if not pending[uuid] then | 223 if not pending[uuid] then |
224 return r_template(event, "fail") | 224 return r_template(event, "fail") |
225 else | 225 else |
226 local username, password, ip = | 226 local username, password, ip = |
227 pending[uuid].node, pending[uuid].password, pending[uuid].ip | 227 pending[uuid].node, pending[uuid].password, pending[uuid].ip |
228 | 228 |
229 local ok, error = usermanager.create_user(username, password, module.host) | 229 local ok, error = usermanager.create_user(username, password, module.host) |
230 if ok then | 230 if ok then |
231 module:fire_event( | 231 module:fire_event( |
232 "user-registered", | 232 "user-registered", |
233 { username = username, host = module.host, source = "mod_register_json", session = { ip = ip } } | 233 { username = username, host = module.host, source = "mod_register_json", session = { ip = ip } } |
234 ) | 234 ) |
235 module:log("info", "Account %s@%s is successfully verified and activated", username, module.host) | 235 module:log("info", "Account %s@%s is successfully verified and activated", username, module.host) |
236 -- we shall not clean the user from the pending lists as long as registration doesn't succeed. | 236 -- we shall not clean the user from the pending lists as long as registration doesn't succeed. |
237 pending[uuid] = nil ; pending_node[username] = nil | 237 pending[uuid] = nil ; pending_node[username] = nil |
238 return r_template(event, "success") | 238 return r_template(event, "success") |
239 else | 239 else |
240 module:log("error", "User creation failed: "..error) | 240 module:log("error", "User creation failed: "..error) |
241 return http_response(event, 500, "Encountered server error while creating the user: "..error) | 241 return http_response(event, 500, "Encountered server error while creating the user: "..error) |
242 end | 242 end |
243 end | 243 end |
244 end | 244 end |
245 else | 245 else |
246 return http_response(event, 405, "Invalid method.") | 246 return http_response(event, 405, "Invalid method.") |
247 end | 247 end |
248 end | 248 end |
249 | 249 |