Mercurial > prosody-modules
view mod_password_reset/mod_password_reset.lua @ 4942:e7b9bc629ecc
mod_rest: Add special handling to catch MAM results from remote hosts
Makes MAM queries to remote hosts works.
As the comment says, MAM results from users' local archives or local
MUCs are returned via origin.send() which is provided in the event and
thus already worked. Results from remote hosts go via normal stanza
routing and events, which need this extra handling to catch.
This pattern of iq-set, message+, iq-result is generally limited to MAM.
Closest similar thing might be MUC join, but to really handle that you
would need the webhook callback mechanism.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 16 May 2022 19:47:09 +0200 |
parents | 7fc6a63c3bd0 |
children | 75b6e5df65f9 |
line wrap: on
line source
local adhoc_new = module:require "adhoc".new; local adhoc_simple_form = require "util.adhoc".new_simple_form; local new_token = require "util.id".long; local new_error_id = require "util.id".short; local jid_prepped_split = require "util.jid".prepped_split; local http_formdecode = require "net.http".formdecode; local usermanager = require "core.usermanager"; local dataforms_new = require "util.dataforms".new; local st = require "util.stanza"; local apply_template = require"util.interpolation".new("%b{}", st.xml_escape); local reset_tokens = module:open_store(); local max_token_age = module:get_option_number("password_reset_validity", 86400); local serve; if not pcall(function () local http_files = require "net.http.files"; serve = http_files.serve; end) then serve = module:depends"http_files".serve; end module:depends("adhoc"); module:depends("http"); local password_policy = module:depends("password_policy"); local form_template = assert(module:load_resource("password_reset/password_reset.html")):read("*a"); local result_template = assert(module:load_resource("password_reset/password_result.html")):read("*a"); function generate_page(event) local request, response = event.request, event.response; local token = request.url.query; local reset_info = token and reset_tokens:get(token); response.headers.content_type = "text/html; charset=utf-8"; if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then module:log("warn", "Expired token: %s", token or "<none>"); return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." }) end return apply_template(form_template, { jid = reset_info.user.."@"..module.host; token = token; min_password_length = password_policy.get_policy().length; }); end function handle_form(event) local request, response = event.request, event.response; local form_data = http_formdecode(request.body); local password, token = form_data["password"], form_data["token"]; local reset_info = reset_tokens:get(token); response.headers.content_type = "text/html; charset=utf-8"; if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." }) end local policy_ok, policy_err = password_policy.check_password(password); if not policy_ok then return apply_template(form_template, { classes = "alert-danger", message = "Unsuitable password: "..policy_err; jid = reset_info.user.."@"..module.host; token = token; min_password_length = password_policy.get_policy().length; }) end local ok, err = usermanager.set_password(reset_info.user, password, module.host); if ok then reset_tokens:set(token, nil); return apply_template(result_template, { classes = "alert-success", message = "Your password has been updated! Happy chatting :)" }) else local error_id = new_error_id(); module:log("warn", "Resetting password for %s failed: %s [%s]", reset_info.user, err, error_id); return apply_template(result_template, { classes = "alert-danger"; message = "An unknown error has occurred. Please contact your administrator and quote error id '"..error_id.."'"; }) end end module:provides("http", { route = { ["GET /bootstrap.min.css"] = serve(module:get_directory() .. "/password_reset/bootstrap.min.css"); ["GET /reset"] = generate_page; ["POST /reset"] = handle_form; }; }); -- Changing a user's password local reset_password_layout = dataforms_new{ title = "Generate password reset link"; instructions = "Please enter the details of the user who needs a reset link."; { name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/adhoc/mod_password_reset" }; { name = "accountjid", type = "jid-single", required = true, label = "JID" }; }; local reset_command_handler = adhoc_simple_form(reset_password_layout, function (data, errors) if errors then local errmsg = {}; for name, text in pairs(errors) do errmsg[#errmsg + 1] = name .. ": " .. text; end return { status = "completed", error = { message = table.concat(errmsg, "\n") } }; end local jid = data.accountjid; local user, host = jid_prepped_split(jid); if host ~= module.host then return { status = "completed"; error = { message = "You may only generate password reset links for users on "..module.host.."." }; }; end local token = new_token(); reset_tokens:set(token, { generated_at = os.time(); user = user; }); return { info = module:http_url() .. "/reset?" .. token, status = "completed" }; end); local adhoc_reset = adhoc_new( "Generate password reset link", "password_reset", reset_command_handler, "admin" ); module:add_item("adhoc", adhoc_reset);