Mercurial > prosody-modules

view mod_auth_token/mod_auth_token.lua @ 3571:f5ea0b886c7c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_storage_xmlarchive: Limit search to smallest time range in case of inexact match This should improve performance in case the exact days in the 'start' and 'end' range are missing from the index.
author Kim Alvefur <zash@zash.se>
date Fri, 03 May 2019 18:59:38 +0200
parents d0ca211e1b0e
children 0fb12a4b6106
line wrap: on
line source

-- Copyright (C) 2018 Minddistrict
--
-- This file is MIT/X11 licensed.
--

local host = module.host;
local log = module._log;
local new_sasl = require "util.sasl".new;
local verify_token = module:require "token_auth_utils".verify_token;

local provider = {};


function provider.test_password(username, password, realm)
	log("debug", "Testing signed OTP for user %s at host %s", username, host);
	return verify_token(
		username,
		password,
		realm,
		module:get_option_string("otp_seed"),
		module:get_option_string("token_secret"),
		log
	);
end

function provider.users()
	return function()
		return nil;
	end
end

function provider.set_password(username, password)
	return nil, "Changing passwords not supported";
end

function provider.user_exists(username)
	return true;
end

function provider.create_user(username, password)
	return nil, "User creation not supported";
end

function provider.delete_user(username)
	return nil , "User deletion not supported";
end

function provider.get_sasl_handler()
	local supported_mechanisms = {};
	supported_mechanisms["X-TOKEN"] = true;
	return new_sasl(host, {
		token = function(sasl, username, password, realm)
			return provider.test_password(username, password, realm), true;
		end,
        mechanisms = supported_mechanisms
	});
end

module:provides("auth", provider);