Mercurial > prosody-modules
changeset 5752:c27eaa7117d6
mod_http_oauth2: Fire authentication events on login form
For e.g. mod_audit_auth to use.
A bit hacky because upon review many modules don't seem to handle the
lack of an XMPP session in the event payload.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 01 Dec 2023 22:40:41 +0100 |
| parents | d563a6b0dfb7 |
| children | 3730992d0c7c |
| files | mod_http_oauth2/mod_http_oauth2.lua |
| diffstat | 1 files changed, 15 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Fri Dec 01 21:35:25 2023 +0100 +++ b/mod_http_oauth2/mod_http_oauth2.lua Fri Dec 01 22:40:41 2023 +0100 @@ -640,11 +640,26 @@ -- First step: login local username = encodings.stringprep.nodeprep(form.username); local password = encodings.stringprep.saslprep(form.password); + -- Many things hooked to authentication-{success,failure} don't expect + -- non-XMPP sessions so here's something close enough... + local auth_event = { + session = { + type = "http"; + ip = request.ip; + conn = request.conn; + username = username; + host = module.host; + sasl_handler = { username = username; selected = "x-www-form" }; + client_id = request.headers.user_agent; + }; + }; if not (username and password) or not usermanager.test_password(username, module.host, password) then + module:fire_event("authentication-failure", auth_event); return { error = "Invalid username/password"; }; end + module:fire_event("authentication-success", auth_event); return { user = { username = username;