Mercurial > prosody-modules

view mod_unsubscriber/mod_unsubscriber.lua @ 5264:d3ebaef1ea7a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Correctly verify OAuth client credentials on revocation Makes no sense to validate against username and password here, or using a token to revoke another token, or itself? In fact, upon further discussion, why do you need credentials to revoke a token? If you are not supposed to have the token, revoking it seems the most responsible thing to do with it, so it should be allowed, while if you are supposed to have it, you should be allowed to revoke it.
author Kim Alvefur <zash@zash.se>
date Tue, 21 Mar 2023 21:57:18 +0100
parents e00dc913d965
children
line wrap: on
line source

assert(module:get_host_type() == "component", "This module should be loaded as a Component");

local st = require "util.stanza";

module:hook("presence/bare", function(event)
	local origin, stanza = event.origin, event.stanza;
	if stanza.attr.type == "probe" then
		-- they are subscribed and want our current presence
		-- tell them we denied their subscription
		local reply = st.reply(stanza)
		reply.attr.type = "unsubcribed";
		origin.send(reply);
		return true;
	elseif stanza.attr.type == nil then
		-- they think we are subscribed and sent their current presence
		-- tell them we unsubscribe
		local reply = st.reply(stanza)
		reply.attr.type = "unsubcribe";
		origin.send(reply);
		return true;
	end
	-- fall trough to default error
end);