apitech
/
prosody
mirror of https://github.com/bjc/prosody
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
IMPORTANT: due to a drive failure, as of 13-Mar-2021, the Mercurial repository had to be re-mirrored, which changed every commit SHA. The old SHAs and trees are backed up in the vault branches. Please migrate to the new branches as soon as you can.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
68 Commits
12 Branches
101 Tags
54 MiB
Tag: Branch: Tree: tls
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'tls'
${ noResults }
prosody/plugins/mod_legacyauth.lua

57 lines
2.1 KiB
Raw Permalink Normal View History Unescape

Huge commit to: * Break stanza routing (to be restored in a future commit) * Remove the old stanza_dispatcher code, which was never going to be maintainable nor extendable :) * Bring us plugins, starting with mod_legacyauth and mod_roster * Sessions are now created/destroyed using a standard sessionmanager interface
18 years ago
local st = require "util.stanza";
local send = require "core.sessionmanager".send_to_session;
local t_concat = table.concat;
add_iq_handler("c2s_unauthed", "jabber:iq:auth",
function (session, stanza)
local username = stanza.tags[1]:child_with_name("username");
local password = stanza.tags[1]:child_with_name("password");
local resource = stanza.tags[1]:child_with_name("resource");
if not (username and password and resource) then
local reply = st.reply(stanza);
send(session, reply:query("jabber:iq:auth")
:tag("username"):up()
:tag("password"):up()
:tag("resource"):up());
return true;
else
username, password, resource = t_concat(username), t_concat(password), t_concat(resource);
local reply = st.reply(stanza);
require "core.usermanager"
if usermanager.validate_credentials(session.host, username, password) then
-- Authentication successful!
SASL! (but before you get too excited, no resource binding yet. And yes, there are still plenty of rough edges to the code...) ((eg. must move <stream:features> out of xmlhandlers.lua o_O ))
18 years ago
local success, err = sessionmanager.make_authenticated(session, username);
if success then
success, err = sessionmanager.bind_resource(session, resource);
--FIXME: Reply with error
if not success then
local reply = st.reply(stanza);
reply.attr.type = "error";
if err == "conflict" then
reply:tag("error", { code = "409", type = "cancel" })
:tag("conflict", { xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas" });
elseif err == "constraint" then
reply:tag("error", { code = "409", type = "cancel" })
:tag("already-bound", { xmlns = "x-lxmppd:extensions:legacyauth" });
elseif err == "auth" then
reply:tag("error", { code = "401", type = "auth" })
:tag("not-authorized", { xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas" });
end
Small fix for sending stanzas in case of resource binding error
18 years ago
send(session, reply);
SASL! (but before you get too excited, no resource binding yet. And yes, there are still plenty of rough edges to the code...) ((eg. must move <stream:features> out of xmlhandlers.lua o_O ))
18 years ago
return true;
end
Huge commit to: * Break stanza routing (to be restored in a future commit) * Remove the old stanza_dispatcher code, which was never going to be maintainable nor extendable :) * Bring us plugins, starting with mod_legacyauth and mod_roster * Sessions are now created/destroyed using a standard sessionmanager interface
18 years ago
end
send(session, st.reply(stanza));
return true;
else
local reply = st.reply(stanza);
reply.attr.type = "error";
reply:tag("error", { code = "401", type = "auth" })
:tag("not-authorized", { xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas" });
dispatch_stanza(reply);
return true;
end
end
end);