Mercurial > prosody-modules
view mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 5265:f845c218e52c
mod_http_oauth2: Allow revoking a token without OAuth client credentials
If you have a valid token, and you're not supposed to have it, revoking
it seems the most responsible thing to do with it, so it should be
allowed, while if you are supposed to have it, you should also be
allowed to revoke it.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 21 Mar 2023 22:02:38 +0100 |
parents | f581210093a7 |
children |
line wrap: on
line source
-- mod_c2s_limit_sessions local next, count = next, require "util.iterators".count; local max_resources = module:get_option_number("max_resources", 10); local sessions = hosts[module.host].sessions; module:hook("resource-bind", function(event) local session = event.session; if count(next, sessions[session.username].sessions) > max_resources then session:close{ condition = "policy-violation", text = "Too many resources" }; return false end end, -1);