Mercurial > prosody-modules

view mod_block_registrations/mod_block_registrations.lua @ 5406:b86d80e21c60

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Validate consistency of response and grant types Ensure that these correlated fields make sense per RFC 7591 ยง 2.1, even though we currently only check the response type during authorization. This could probably all be deleted if (when!) we remove the implicit grant, since then these things don't make any sense anymore.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:34:31 +0200
parents 368bf9b06484
children
line wrap: on
line source

local st = require "util.stanza";
local nodeprep = require "util.encodings".stringprep.nodeprep;

local block_users = module:get_option_set("block_registrations_users", {
	"abuse", "admin", "administrator", "hostmaster", "info", "news",
	"noc", "operator", "owner", "postmaster", "register", "registration",
	"root", "security", "service", "signup", "support", "sysadmin",
	"sysop", "system", "test", "trouble", "webmaster", "www", "xmpp",
});
local block_patterns = module:get_option_set("block_registrations_matching", {});
local require_pattern = module:get_option_string("block_registrations_require");

function is_blocked(username)
        -- Check if the username is simply blocked
        if block_users:contains(username) then return true; end

        for pattern in block_patterns do
                if username:find(pattern) then
                        return true;
                end
        end
        -- Not blocked, but check that username matches allowed pattern
        if require_pattern and not username:match(require_pattern) then
                return true;
        end
end

module:hook("user-registering", function(event)
        local username = event.username;
        if is_blocked(username) then
                event.allowed = false;
                return true;
        end
end, 10);