Mercurial > prosody-modules

view mod_invites_adhoc/README.markdown @ 5682:527c747711f3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Limit revocation to clients own tokens in strict mode RFC 7009 section 2.1 states: > The authorization server first validates the client credentials (in > case of a confidential client) and then verifies whether the token was > issued to the client making the revocation request. If this > validation fails, the request is refused and the client is informed of > the error by the authorization server as described below. The first part was already covered (in strict mode). This adds the later part using the hash of client_id recorded in 0860497152af It still seems weird to me that revoking a leaked token should not be allowed whoever might have discovered it, as that seems the responsible thing to do.
author Kim Alvefur <zash@zash.se>
date Sun, 29 Oct 2023 11:30:49 +0100
parents 2f7fff6c8c73
children
line wrap: on
line source

---
labels:
- 'Stage-Merged'
summary: 'Enable ad-hoc command for XMPP clients to create invitations'
...

Introduction
============

::: {.alert .alert-info}
This module has been merged into Prosody as
[mod_invites_adhoc][doc:modules:mod_invites_adhoc]. Users of Prosody **0.12**
and later should not install this version.
:::

This module is part of the suite of modules that implement invite-based
account registration for Prosody. The other modules are:

- [mod_invites][doc:modules:mod_invites]
- [mod_invites_register][doc:modules:mod_invites_register]
- [mod_invites_page]
- [mod_invites_register_web]
- [mod_invites_api]
- [mod_register_apps]

For details and a full overview, start with the [mod_invites] documentation.

Details
=======

mod_invites_adhoc allows XMPP clients to create new invites on the server.
Clients must support either XEP-0401 (Easy Onboarding) or XEP-0050 (Ad-hoc
commands).

There are three types of invitation that can be created:

| Invite type | Description |
|--|--|
| Account-only invites | These can be used to register a new account |
| Contact-only invites | These can be shared with a contact so they can easily add you to their contact list |
| Account-and-contact invites | Like a contact-only invite, but also allows the contact to register on the current server if they don't already have an XMPP account |

Only configured admins of the server are able to create account-only invites. By default
normal users may only create contact-only invites, but account-and-contact invites can
be enabled with the `allow_user_invites` option.

Configuration
=============

| Name                  | Description                                                           | Default                                   |
|-----------------------|-----------------------------------------------------------------------|-------------------------------------------|
| allow_user_invites    | Whether non-admin users can invite contacts to register on this server| `false`                                   |
| allow_contact_invites | Whether non-admin users can invite contacts to their roster           | `true`                                    |

The `allow_user_invites` option should be set as desired. However it is
strongly recommended to leave the other option (`allow_contact_invites`)
at its default to provide the best user experience.