view mod_block_registrations/mod_block_registrations.lua @ 5550:4fda06be6b08

mod_http_oauth2: Make note about handling repeated RFC 6749 states > If an authorization code is used more than once, the authorization > server MUST deny the request and SHOULD revoke (when possible) all > tokens previously issued based on that authorization code. We should follow the SHOULD. The MUST is already covered by removing the code state from the cache.
author Kim Alvefur <zash@zash.se>
date Fri, 16 Jun 2023 00:10:46 +0200
parents 368bf9b06484
children
line wrap: on
line source

local st = require "util.stanza";
local nodeprep = require "util.encodings".stringprep.nodeprep;

local block_users = module:get_option_set("block_registrations_users", {
	"abuse", "admin", "administrator", "hostmaster", "info", "news",
	"noc", "operator", "owner", "postmaster", "register", "registration",
	"root", "security", "service", "signup", "support", "sysadmin",
	"sysop", "system", "test", "trouble", "webmaster", "www", "xmpp",
});
local block_patterns = module:get_option_set("block_registrations_matching", {});
local require_pattern = module:get_option_string("block_registrations_require");

function is_blocked(username)
        -- Check if the username is simply blocked
        if block_users:contains(username) then return true; end

        for pattern in block_patterns do
                if username:find(pattern) then
                        return true;
                end
        end
        -- Not blocked, but check that username matches allowed pattern
        if require_pattern and not username:match(require_pattern) then
                return true;
        end
end

module:hook("user-registering", function(event)
        local username = event.username;
        if is_blocked(username) then
                event.allowed = false;
                return true;
        end
end, 10);