Mercurial > prosody-modules

view mod_http_auth_check/mod_http_auth_check.lua @ 5338:03044a6f5f4c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_service_outage_status: XEP-0455: Service Outage Status Only the out of band part so far. The in-band pubsub part would need '+notify' support in mod_pubsub, since mod_pep does not serve the bare-host-JID. All the hard parts of this XEP is elsewhere, i.e. hosting the document somewhere reliable.
author Kim Alvefur <zash@zash.se>
date Mon, 10 Apr 2023 13:24:03 +0200
parents 5ca6d53d3186
children
line wrap: on
line source

-- HTTP Is User Valid
-- By Nicolas Cedilnik <nicoco@nicoco.fr>

local jid_prep = require "util.jid".prep;
local jid_split = require "util.jid".split;
local test_password = require "core.usermanager".test_password;
local b64_decode = require "util.encodings".base64.decode;
local saslprep = require "util.encodings".stringprep.saslprep;
local realm = module:get_host() .. "/" .. module:get_name();
module:depends"http";

local function authenticate (event, path)
	local request = event.request;
	local response = event.response;
	local headers = request.headers;
	if not headers.authorization then
		response.headers.www_authenticate = ("Basic realm=%q"):format(realm);
		return 401
	end
	local from_jid, password = b64_decode(headers.authorization:match"[^ ]*$"):match"([^:]*):(.*)";
	from_jid = jid_prep(from_jid);
	password = saslprep(password);
	if from_jid and password then
		local user, host = jid_split(from_jid);
		local ok, err = test_password(user, host, password);
		if ok and user and host then
			return 200
		elseif err then
			return 401
		end
	end
end

module:provides("http", {
	route = {
		GET = authenticate
	};
});