comparison mod_http_oauth2/mod_http_oauth2.lua @ 5752:c27eaa7117d6

mod_http_oauth2: Fire authentication events on login form For e.g. mod_audit_auth to use. A bit hacky because upon review many modules don't seem to handle the lack of an XMPP session in the event payload.
author Kim Alvefur <zash@zash.se>
date Fri, 01 Dec 2023 22:40:41 +0100
parents d563a6b0dfb7
children 87920d436cb4
comparison
equal deleted inserted replaced
5751:d563a6b0dfb7 5752:c27eaa7117d6
638 638
639 if not form.user_token then 639 if not form.user_token then
640 -- First step: login 640 -- First step: login
641 local username = encodings.stringprep.nodeprep(form.username); 641 local username = encodings.stringprep.nodeprep(form.username);
642 local password = encodings.stringprep.saslprep(form.password); 642 local password = encodings.stringprep.saslprep(form.password);
643 -- Many things hooked to authentication-{success,failure} don't expect
644 -- non-XMPP sessions so here's something close enough...
645 local auth_event = {
646 session = {
647 type = "http";
648 ip = request.ip;
649 conn = request.conn;
650 username = username;
651 host = module.host;
652 sasl_handler = { username = username; selected = "x-www-form" };
653 client_id = request.headers.user_agent;
654 };
655 };
643 if not (username and password) or not usermanager.test_password(username, module.host, password) then 656 if not (username and password) or not usermanager.test_password(username, module.host, password) then
657 module:fire_event("authentication-failure", auth_event);
644 return { 658 return {
645 error = "Invalid username/password"; 659 error = "Invalid username/password";
646 }; 660 };
647 end 661 end
662 module:fire_event("authentication-success", auth_event);
648 return { 663 return {
649 user = { 664 user = {
650 username = username; 665 username = username;
651 host = module.host; 666 host = module.host;
652 token = new_user_token({ username = username; host = module.host; auth_time = os.time(); amr = { "pwd" } }); 667 token = new_user_token({ username = username; host = module.host; auth_time = os.time(); amr = { "pwd" } });