Mercurial > prosody-modules

view mod_register_web/mod_register_web.lua @ 737:e4ea03b060ed

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_archive: switch from/to The XEP-0136 is not very explicit about the meening of <from> and <to> elements, but the examples are clear: <from> means it comes from the user in the 'with' attribute of the collection. That is the opposite of what is currently implemented in that module. So for better compatibility with complient clients, this switch the 'from' and 'to' fields
author Olivier Goffart <ogoffart@woboq.com>
date Wed, 04 Jul 2012 14:08:43 +0200
parents c08b0e4b7b38
children 03595194075a
line wrap: on
line source

local captcha_options = module:get_option("captcha_options", {});

function generate_captcha(display_options)
	return (([[
		<script type="text/javascript"
     		src="http://www.google.com/recaptcha/api/challenge?k=$$recaptcha_public_key$$">
  		</script>
  		<noscript>
     		<iframe src="http://www.google.com/recaptcha/api/noscript?k=$$recaptcha_public_key$$$$recaptcha_display_error$$"
         		height="300" width="500" frameborder="0"></iframe><br>
     		<textarea name="recaptcha_challenge_field" rows="3" cols="40">
     		</textarea>
     		<input type="hidden" name="recaptcha_response_field"
         		value="manual_challenge">
  		</noscript>
  	]]):gsub("$$([^$]+)$%$", setmetatable({
  		recaptcha_display_error = display_options and display_options.recaptcha_error
  			and ("&error="..display_options.recaptcha_error) or "";
  	}, {
  		__index = function (t, k)
  			if captcha_options[k] then return captcha_options[k]; end
  			module:log("error", "Missing parameter from captcha_options: %s", k);
  		end })
  	));
end

function generate_page(event, display_options)
	local request = event.request;
	return [[<!DOCTYPE html>
	<html><body>
	<h1>XMPP Account Registration</h1>
	<form action="]]..request.path..[[" method="POST">]]
	..("<p>%s</p>\n"):format((display_options or {}).register_error or "")..
	[[	<table>
		<tr>
			<td>Username:</td>
			<td><input type="text" name="username">@server</td>
		</tr>
		<tr>
			<td>Password:</td>
			<td><input type="password" name="password"></td>
		</tr>
		<tr>
			<td colspan='2'>]]..generate_captcha(display_options)..[[</td>
		</tr>
		</table>
		<input type="submit" value="Register!">
	</form>
	</body></html>]];
end

function register_user(form)
	if usermanager.user_exists(form.username, module.host) then
		return nil, "user-exists";
	end
	return usermanager.create_user(form.username, form.password, module.host);
end

function generate_success(event, form)
	return [[<!DOCTYPE html>
	<html><body><p>Registration succeeded! Your account is <pre>]]
		..form.username.."@"..module.host..
	[[</pre> - happy chatting!</p></body></html>]];
end

function generate_register_response(event, form, ok, err)
	local message;
	if ok then
		return generate_success(event, form);
	else
		return generate_page(event, { register_error = err });
	end
end

function handle_form(event)
	local request, response = event.request, event.response;
	local form = http.formdecode(request.body);
	http.request("http://www.google.com/recaptcha/api/verify", {
		body = http.formencode {
			privatekey = captcha_options.recaptcha_private_key;
			remoteip = request.conn:ip();
			challenge = form.recaptcha_challenge_field;
			response = form.recaptcha_response_field;
		};
	}, function (verify_result, code)
		local verify_ok, verify_err = verify_result:match("^([^\n]+)\n([^\n]+)");
		if verify_ok == "true" then
			local register_ok, register_err = register_user(form);
			response:send(generate_register_response(event, form, register_ok, register_err));
		else
			response:send(generate_page(event, { register_error = verify_err }));
		end
	end);
	return true; -- Leave connection open until we respond above
end

module:provides("http", {
	route = {
		GET = generate_page;
		POST = handle_form;
	};
});