comparison mod_auth_sql/mod_auth_sql.lua @ 461:bbea8081c865
Revert various changes accidentally included in previous commit
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 29 Oct 2011 13:34:15 +0200 |
parents | 52f2188ec47d |
children | bd08727378be |
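--- a/mod_auth_sql/mod_auth_sql.lua
+++ b/mod_auth_sql/mod_auth_sql.lua
@@ -5,20 +5,15 @@
 
 local log = require "util.logger".init("auth_sql");
 local new_sasl = require "util.sasl".new;
 local nodeprep = require "util.encodings".stringprep.nodeprep;
 local DBI = require "DBI"
-local crypt = require "crypt";
 
 local connection;
 local params = module:get_option("sql");
-local host = module.host;
-local realm = module:get_option_string("realm", host);
-local mitm_mode = module:get_option_boolean("mitm_mode");
 
 local resolve_relative_path = require "core.configmanager".resolve_relative_path;
-local datamanager = require "util.datamanager";
 
 local function test_connection()
 if not connection then return nil; end
 if connection:ping() then
 return true;
@@ -75,66 +70,48 @@
 
 return stmt;
 end
 
 local function get_password(username)
-local stmt, err = getsql("SELECT `password` FROM `users` WHERE `email`=?", username .. "@" .. realm);
+local stmt, err = getsql("SELECT `password` FROM `authreg` WHERE `username`=? AND `realm`=?", username, module.host);
 if stmt then
 for row in stmt:rows(true) do
 return row.password;
 end
 end
 end
 
+
 provider = { name = "sql" };
 
 function provider.test_password(username, password)
-local local_data = datamanager.load(username, realm, "accounts") or {};
-if data.password == password then return true end
-local dirty;
-local hash = data.crypted_password;
-if not hash then
-hash = get_password(username);
-if hash then
-data.crypted_password = hash;
-dirty = true;
-else
-return false
-end
-end
-local ok = password and crypt(password, hash) == password;
-if ok and mitm_mode then
-local_data.password = password;
-dirty = true
-end
-if dirty then
-datamanager.store(username, realm, "accounts", local_data);
-end
-return ok
+return password and get_password(username) == password;
 end
 function provider.get_password(username)
-return nil, "Getting password is not supported.";
+return get_password(username);
 end
 function provider.set_password(username, password)
 return nil, "Setting password is not supported.";
 end
 function provider.user_exists(username)
-return datamanager.load(username, realm, "accounts") or get_password(username) and true;
+return get_password(username) and true;
 end
 function provider.create_user(username, password)
 return nil, "Account creation/modification not supported.";
 end
 function provider.get_sasl_handler()
 local profile = {
-plain_test = function(sasl, username, password, realm)
+plain = function(sasl, username, realm)
 local prepped_username = nodeprep(username);
 if not prepped_username then
 module:log("debug", "NODEprep failed on username: %s", username);
-return nil;
+return "", nil;
 end
-return provider.test_password(prepped_username, password);
+local password = get_password(prepped_username);
+if not password then return "", nil; end
+return password, true;
 end
 };
-return new_sasl(host, profile);
+return new_sasl(module.host, profile);
 end
 
 module:add_item("auth-provider", provider);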
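Review bot: After this revert the module depends on the `password` column of `authreg` holding cleartext: `provider.test_password` compares it to the submitted password with `==`, the `plain` SASL profile hands it to `util.sasl`, and `provider.get_password` returns it to any caller. Nothing in the file says so, so a deployer pointing this at a table of hashed passwords gets silent authentication failures, and one using it as intended has every credential exposed by a single database read. I would add a comment above `get_password`, e.g. `-- authreg.password is stored and returned in cleartext; test_password and the SASL "plain" profile both rely on that`. Separately, `get_password` discards `err` from `getsql`, so a failed query looks like an unknown user; unless `getsql` (not visible here) already logs, `if not stmt then module:log("error", "auth query failed: %s", tostring(err)); return nil; end` would make backend failures visible.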