Mercurial > prosody-modules

view mod_welcome_page/mod_welcome_page.lua @ 5646:d67980d9e12d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Apply refresh token ttl to refresh token instead of grant The intent in 59d5fc50f602 was for refresh tokens to extend the lifetime of the grant, but the refresh token ttl was applied to the grant and mod_tokenauth does not change it, leading to the grant expiring regardless of refresh token usage. This makes grant lifetimes unlimited, which seems to be standard practice in the wild.
author Kim Alvefur <zash@zash.se>
date Mon, 11 Sep 2023 10:48:31 +0200
parents 75b6e5df65f9
children
line wrap: on
line source

local st = require "util.stanza";
local url_escape = require "util.http".urlencode;
local render_html_template = require"util.interpolation".new("%b{}", st.xml_escape, {
	urlescape = url_escape;
});

local template_path = module:get_option_string("welcome_page_template_path", module:get_directory().."/html");
local user_vars = module:get_option("welcome_page_variables", {});
local site_name = module:get_option("site_name", module.host);
local invite_only = module:get_option_boolean("registration_invite_only", true);
local open_registration = module:get_option_boolean("welcome_page_open_registration", not invite_only);

module:depends("http");
module:depends("http_libjs");
local invites = module:depends("invites");

local function load_template(path)
	local template_file, err = io.open(path);
	if not template_file then
		error("Unable to load template file: "..tostring(err));
	end
	local template = template_file:read("*a");
	template_file:close();
	return template;
end

local template = load_template(template_path.."/index.html");

local function serve_page(event)
	event.response.headers["Content-Type"] = "text/html; charset=utf-8";
	return render_html_template(template, {
		site_name = site_name;
		request = event.request;
		var = user_vars;
	});
end

local function handle_submit(event)
	local submission = { allowed = open_registration, request = event.request };
	module:fire_event("mod_welcome_page/submission", submission);
	if not submission.allowed then
		event.response.headers["Content-Type"] = "text/html; charset=utf-8";
		return render_html_template(template, {
			site_name = site_name;
			request = event.request;
			var = user_vars;
			message = {
				class = "alert-danger";
				text = submission.reason or "Account creation is not possible at this time";
			};
		});
	end

	local invite = invites.create_account(nil, { source = module.name });
	if not invite then
		return 500;
	end

	event.response.headers.Location = invite.landing_page or invite.uri;

	return 303;
end

local http_files
if prosody.process_type == "prosody" then
	-- Prosody >= 0.12
	http_files = require "net.http.files";
else
	-- Prosody <= 0.11
	http_files = module:depends "http_files";
end

module:provides("http", {
	default_path = "/";
	route = {
		["GET"] = serve_page;
		["GET /*"] = http_files.serve({ path = template_path });
		["POST"] = handle_submit;
	};
});