Mercurial > prosody-modules
view mod_auth_token/mod_auth_token.lua @ 4362:116c88c28532
mod_http_admin_api: restructure group-related info in API
- Return the members of the group right in the get_group_by_id
call. This is an O(1) of extra work.
- Remove the groups attribute from get_user_by_name as that is
O(n) of work and rarely immediately needed.
The replacement for the group membership information in the user
is for now to use the group API and iterate; future work may fix
that.
| author | Jonas Schäfer <jonas@wielicki.name> |
|---|---|
| date | Wed, 20 Jan 2021 15:30:29 +0100 |
| parents | 0fb12a4b6106 |
| children |
line wrap: on
line source
-- Copyright (C) 2018 Minddistrict -- -- This file is MIT/X11 licensed. -- local host = module.host; local log = module._log; local new_sasl = require "util.sasl".new; local usermanager = require "core.usermanager"; local verify_token = module:require "token_auth_utils".verify_token; local provider = {}; function provider.test_password(username, password) log("debug", "Testing signed OTP for user %s at host %s", username, host); return verify_token( username, password, module:get_option_string("otp_seed"), module:get_option_string("token_secret"), log ); end function provider.users() return function() return nil; end end function provider.set_password(username, password) return nil, "Changing passwords not supported"; end function provider.user_exists(username) return true; end function provider.create_user(username, password) return nil, "User creation not supported"; end function provider.delete_user(username) return nil , "User deletion not supported"; end function provider.get_sasl_handler() local supported_mechanisms = {}; supported_mechanisms["X-TOKEN"] = true; return new_sasl(host, { token = function(sasl, username, password, realm) return usermanager.test_password(username, realm, password), true; end, mechanisms = supported_mechanisms }); end module:provides("auth", provider);