Mercurial > prosody-modules
view mod_invites_api/mod_invites_api.lua @ 4877:adc6241e5d16
mod_measure_process: Report the enforced limit
The soft limit is what the kernel actually enforces, while the hard
limit is is how far you can change the soft limit without privileges.
Unless the process dynamically adjusts the soft limit, knowing the hard
limit is not as useful as knowing the soft limit.
Reporting the soft limit and the number of in-use FDs allows placing
alerts on expressions like 'process_open_fds / process_max_fds >= 0.95'
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 18 Jan 2022 18:55:20 +0100 |
| parents | 35b678609b79 |
| children | 410d7c8d210d |
line wrap: on
line source
local http_formdecode = require "net.http".formdecode; local api_key_store; local invites; -- COMPAT: workaround to avoid executing inside prosodyctl if prosody.shutdown then module:depends("http"); api_key_store = module:open_store("invite_api_keys", "map"); invites = module:depends("invites"); end local function get_api_user(request, params) local combined_key; local auth_header = request.headers.authorization; if not auth_header then params = params or http_formdecode(request.url.query); combined_key = params.key; else local auth_type, value = auth_header:match("^(%S+)%s(%S+)$"); if auth_type ~= "Bearer" then return; end combined_key = value; end if not combined_key then return; end local key_id, key_token = combined_key:match("^([^/]+)/(.+)$"); if not key_id then return; end local api_user = api_key_store:get(nil, key_id); if not api_user or api_user.token ~= key_token then return; end -- TODO: key expiry, rate limiting, etc. return api_user; end function handle_request(event) local query_params = http_formdecode(event.request.url.query); local api_user = get_api_user(event.request, query_params); if not api_user then return 403; end if api_user.allowed_methods and not api_user.allowed_methods[event.request.method] then return 405; end local invite = invites.create_account(nil, { source = "api/token/"..api_user.id }); if not invite then return 500; end event.response.headers.Location = invite.landing_page or invite.uri; if query_params.redirect then return 303; end return 201; end if invites then module:provides("http", { route = { ["GET"] = handle_request; }; }); end function module.command(arg) if #arg < 2 then print("Usage:"); print(""); print(" prosodyctl mod_"..module.name.." create NAME"); print(" prosodyctl mod_"..module.name.." delete KEY_ID"); print(" prosodyctl mod_"..module.name.." list"); print(""); end local command = table.remove(arg, 1); local host = table.remove(arg, 1); if not prosody.hosts[host] then print("Error: please supply a valid host"); return 1; end require "core.storagemanager".initialize_host(host); module.host = host; --luacheck: ignore 122/module api_key_store = module:open_store("invite_api_keys", "map"); if command == "create" then local id = require "util.id".short(); local token = require "util.id".long(); api_key_store:set(nil, id, { id = id; token = token; name = arg[1]; created_at = os.time(); allowed_methods = { GET = true, POST = true }; }); print(id.."/"..token); elseif command == "delete" then local id = table.remove(arg, 1); if not api_key_store:get(nil, id) then print("Error: key not found"); return 1; end api_key_store:set(nil, id, nil); elseif command == "list" then local api_key_store_kv = module:open_store("invite_api_keys"); for key_id, key_info in pairs(api_key_store_kv:get(nil)) do print(key_id, key_info.name or "<unknown>"); end else print("Unknown command - "..command); end end