# HG changeset patch # User Marco Cirillo # Date 1335704746 0 # Node ID 6f0e0d6790a7a906df31591471fa6b2e25363ea1 # Parent 6b3606e0a6e7d9377d72806282d9149d47134629 mod_register_json: updated to current HTTP API. diff -r 6b3606e0a6e7 -r 6f0e0d6790a7 mod_register_json/mod_register_json.lua --- a/mod_register_json/mod_register_json.lua Sun Apr 29 12:47:20 2012 +0000 +++ b/mod_register_json/mod_register_json.lua Sun Apr 29 13:05:46 2012 +0000 @@ -9,67 +9,74 @@ local usermanager = require "core.usermanager" local b64_decode = require "util.encodings".base64.decode local json_decode = require "util.json".decode -local httpserver = require "net.httpserver" local os_time = os.time local nodeprep = require "util.encodings".stringprep.nodeprep -module.host = "*" -- HTTP/BOSH Servlets need to be global. +module:depends("http") +module:set_global() -- Pick up configuration. local set_realm_name = module:get_option_string("reg_servlet_realm", "Restricted") +local base_path = module:get_option_string("reg_servlet_base", "/register_account/") local throttle_time = module:get_option_number("reg_servlet_ttime", nil) local whitelist = module:get_option_set("reg_servlet_wl", {}) local blacklist = module:get_option_set("reg_servlet_bl", {}) -local ports = module:get_option_array("reg_servlet_ports", {{ port = 9280 }}) local recent_ips = {} -- Begin -local function http_response(code, message, extra_headers) - local response = { - status = code .. " " .. message, - body = message .. "\n" } - if extra_headers then response.headers = extra_headers end - return response +local function http_response(event, code, message, headers) + local response = event.response + + if headers then + for header, data in pairs(headers) do response.headers[header] = data end + end + + response.headers.content_type = "application/json" + response.status_code = code + response:send(message) end -local function handle_req(method, body, request) +local function handle_req(event) + local request = event.request + local body = request.body + if request.method ~= "POST" then - return http_response(405, "Bad method...", {["Allow"] = "POST"}) + return http_response(event, 405, "Bad method...", {["Allow"] = "POST"}) end if not request.headers["authorization"] then - return http_response(401, "No... No...", {["WWW-Authenticate"]='Basic realm="'.. set_realm_name ..'"'}) + return http_response(event, 401, "No... No...", {["WWW-Authenticate"]='Basic realm="'.. set_realm_name ..'"'}) end local user, password = b64_decode(request.headers.authorization:match("[^ ]*$") or ""):match("([^:]*):(.*)") user = jid_prep(user) - if not user or not password then return http_response(400, "What's this..?") end + if not user or not password then return http_response(event, 400, "What's this..?") end local user_node, user_host = jid_split(user) - if not hosts[user_host] then return http_response(401, "Negative.") end + if not hosts[user_host] then return http_response(event, 401, "Negative.") end module:log("warn", "%s is authing to submit a new user registration data", user) if not usermanager.test_password(user_node, user_host, password) then module:log("warn", "%s failed authentication", user) - return http_response(401, "Who the hell are you?! Guards!") + return http_response(event, 401, "Who the hell are you?! Guards!") end local req_body -- We check that what we have is valid JSON wise else we throw an error... if not pcall(function() req_body = json_decode(body) end) then module:log("debug", "JSON data submitted for user registration by %s failed to Decode.", user) - return http_response(400, "JSON Decoding failed.") + return http_response(event, 400, "JSON Decoding failed.") else -- Decode JSON data and check that all bits are there else throw an error req_body = json_decode(body) if req_body["username"] == nil or req_body["password"] == nil or req_body["host"] == nil or req_body["ip"] == nil then module:log("debug", "%s supplied an insufficent number of elements or wrong elements for the JSON registration", user) - return http_response(400, "Invalid syntax.") + return http_response(event, 400, "Invalid syntax.") end -- Check if user is an admin of said host if not usermanager.is_admin(user, req_body["host"]) then module:log("warn", "%s tried to submit registration data for %s but he's not an admin", user, req_body["host"]) - return http_response(401, "I obey only to my masters... Have a nice day.") + return http_response(event, 401, "I obey only to my masters... Have a nice day.") else -- Checks for both Throttling/Whitelist and Blacklist (basically copycatted from prosody's register.lua code) if blacklist:contains(req_body["ip"]) then module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", req_body["ip"]) ; return http_response(403, "The specified address is blacklisted, sorry sorry.") end @@ -92,21 +99,21 @@ if not usermanager.user_exists(username, req_body["host"]) then if not username then module:log("debug", "%s supplied an username containing invalid characters: %s", user, username) - return http_response(406, "Supplied username contains invalid characters, see RFC 6122.") + return http_response(event, 406, "Supplied username contains invalid characters, see RFC 6122.") else local ok, error = usermanager.create_user(username, req_body["password"], req_body["host"]) if ok then hosts[req_body["host"]].events.fire_event("user-registered", { username = username, host = req_body["host"], source = "mod_register_json", session = { ip = req_body["ip"] } }) module:log("debug", "%s registration data submission for %s@%s is successful", user, username, req_body["host"]) - return http_response(200, "Done.") + return http_response(event, 200, "Done.") else module:log("error", "user creation failed: "..error) - return http_response(500, "Encountered server error while creating the user: "..error) + return http_response(event 500, "Encountered server error while creating the user: "..error) end end else module:log("debug", "%s registration data submission for %s failed (user already exists)", user, username) - return http_response(409, "User already exists.") + return http_response(event, 409, "User already exists.") end end end @@ -114,17 +121,10 @@ -- Set it up! -function setup() - for id, options in ipairs(ports) do - if not options.port then - if not options.ssl then ports[id].port = 9280 - else ports[id].port = 9443 end - elseif options.port == 9280 and options.ssl then ports[id].port = 9443 end end - httpserver.new_from_config(ports, handle_req, { base = "register_account" }) -end - -if prosody.start_time then -- already started - setup() -else - module:hook("server-started", setup) -end +module:provides("http", { + default_path = base_path, + route = { + ["GET /"] = handle_req, + ["POST /"] = handle_req + } +})