Mercurial > prosody-modules
view mod_auth_token/mod_auth_token.lua @ 3139:03cda95ae97a
mod_pastebin: Prevent header table form being mutated
default_headers was mutated, probably by mod_http_errors and ended up
with multiple content-type entries, which led to issues in browsers
which would sometimes treat the paste as html
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 23 Jun 2018 16:37:15 +0200 |
parents | d0ca211e1b0e |
children | 0fb12a4b6106 |
line wrap: on
line source
-- Copyright (C) 2018 Minddistrict -- -- This file is MIT/X11 licensed. -- local host = module.host; local log = module._log; local new_sasl = require "util.sasl".new; local verify_token = module:require "token_auth_utils".verify_token; local provider = {}; function provider.test_password(username, password, realm) log("debug", "Testing signed OTP for user %s at host %s", username, host); return verify_token( username, password, realm, module:get_option_string("otp_seed"), module:get_option_string("token_secret"), log ); end function provider.users() return function() return nil; end end function provider.set_password(username, password) return nil, "Changing passwords not supported"; end function provider.user_exists(username) return true; end function provider.create_user(username, password) return nil, "User creation not supported"; end function provider.delete_user(username) return nil , "User deletion not supported"; end function provider.get_sasl_handler() local supported_mechanisms = {}; supported_mechanisms["X-TOKEN"] = true; return new_sasl(host, { token = function(sasl, username, password, realm) return provider.test_password(username, password, realm), true; end, mechanisms = supported_mechanisms }); end module:provides("auth", provider);