Mercurial > prosody-modules
changeset 1421:295c30e44ba8
mod_auth_http_async: Async HTTP auth module
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 29 May 2014 17:46:42 +0200 |
| parents | 808950ab007b |
| children | c3882787ae06 |
| files | mod_auth_http_async/mod_auth_http_async.lua |
| diffstat | 1 files changed, 75 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_auth_http_async/mod_auth_http_async.lua Thu May 29 17:46:42 2014 +0200 @@ -0,0 +1,75 @@ +-- Prosody IM +-- Copyright (C) 2008-2013 Matthew Wild +-- Copyright (C) 2008-2013 Waqas Hussain +-- Copyright (C) 2014 Kim Alvefur +-- +-- This project is MIT/X11 licensed. Please see the +-- COPYING file in the source package for more information. +-- + +local usermanager = require "core.usermanager"; +local new_sasl = require "util.sasl".new; +local base64 = require "util.encodings".base64.encode; +local waiter =require "util.async".waiter; +local http = require "net.http"; + +local log = module._log; +local host = module.host; + +local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host); +if api_base == "" then error("http_auth_url required") end + +local provider = {}; + +function provider.test_password(username, password) + log("debug", "test password for user %s at host %s", username, host); + + local wait, done = waiter(); + + local code = -1; + http.request(api_base:gsub("$user", username), { + headers = { + Authorization = "Basic "..base64(username..":"..password); + }; + }, + function(body, _code) + code = _code; + done(); + end); + + wait(); + + if code >= 200 and code <= 299 then + return true; + else + module:log("debug", "HTTP auth provider returned status code %d", code); + return nil, "Auth failed. Invalid username or password."; + end +end + +function provider.set_password(username, password) + return nil, "Changing passwords not supported"; +end + +function provider.user_exists(username) + return true; +end + +function provider.create_user(username, password) + return nil, "User creation not supported"; +end + +function provider.delete_user(username) + return nil , "User deletion not supported"; +end + +function provider.get_sasl_handler() + return new_sasl(host, { + plain_test = function(sasl, username, password, realm) + return usermanager.test_password(username, realm, password), true; + end + }); +end + +module:provides("auth", provider); +