Mercurial > prosody-modules

comparison mod_auth_phpbb3/mod_auth_phpbb3.lua @ 421:816d8e3e83a3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_auth_phpbb3: A little refactoring.
author Waqas Hussain <waqas20@gmail.com>
date Sun, 11 Sep 2011 22:53:35 +0500
parents eaafb38daa5e
children f19f723571d9
comparison
equal deleted inserted replaced
420:eaafb38daa5e 421:816d8e3e83a3
86 return row.user_password; 86 return row.user_password;
87 end 87 end
88 end 88 end
89 end 89 end
90 90
91
91 local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; 92 local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
92
93 local function hashEncode64(input, count) 93 local function hashEncode64(input, count)
94 local output = ""; 94 local output = "";
95 local i, value = 0, 0; 95 local i, value = 0, 0;
96 96
97 while true do 97 while true do
160 output = output .. itoa64:sub(idx, idx); 160 output = output .. itoa64:sub(idx, idx);
161 output = output .. hashEncode64(input, 6); 161 output = output .. hashEncode64(input, 6);
162 return output; 162 return output;
163 end 163 end
164 local function phpbbCheckHash(password, hash) 164 local function phpbbCheckHash(password, hash)
165 if #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash
165 return #hash == 34 and hashCryptPrivate(password, hash) == hash; 166 return #hash == 34 and hashCryptPrivate(password, hash) == hash;
166 end 167 end
167 local function phpbbHash(password) 168 local function phpbbCreateHash(password)
168 local random = uuid_gen():sub(-6); 169 local random = uuid_gen():sub(-6);
169 local salt = hashGensaltPrivate(random); 170 local salt = hashGensaltPrivate(random);
170 local hash = hashCryptPrivate(password, salt); 171 local hash = hashCryptPrivate(password, salt);
171 if #hash == 34 then return hash; end 172 if #hash == 34 then return hash; end
172 return md5(password, true); 173 return md5(password, true);
174 175
175 176
176 provider = { name = "phpbb3" }; 177 provider = { name = "phpbb3" };
177 178
178 function provider.test_password(username, password) 179 function provider.test_password(username, password)
179 --module:log("debug", "test_password '%s' for user %s", tostring(password), tostring(username));
180 local hash = get_password(username); 180 local hash = get_password(username);
181 if hash and #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash
182 return hash and phpbbCheckHash(password, hash); 181 return hash and phpbbCheckHash(password, hash);
183 end 182 end
184 function provider.user_exists(username) 183 function provider.user_exists(username)
185 module:log("debug", "test user %s existence", username); 184 module:log("debug", "test user %s existence", username);
186 return get_password(username) and true; 185 return get_password(username) and true;
188 187
189 function provider.get_password(username) 188 function provider.get_password(username)
190 return nil, "Getting password is not supported."; 189 return nil, "Getting password is not supported.";
191 end 190 end
192 function provider.set_password(username, password) 191 function provider.set_password(username, password)
193 local hash = phpbbHash(password); 192 local hash = phpbbCreateHash(password);
194 local stmt, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username`=?", hash, username); 193 local stmt, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username`=?", hash, username);
195 return stmt and true, err; 194 return stmt and true, err;
196 end 195 end
197 function provider.create_user(username, password) 196 function provider.create_user(username, password)
198 return nil, "Account creation/modification not supported."; 197 return nil, "Account creation/modification not supported.";