42 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end |
42 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end |
43 |
43 |
44 function new_default_provider(host) |
44 function new_default_provider(host) |
45 local provider = { name = "default" }; |
45 local provider = { name = "default" }; |
46 |
46 |
47 function provider:test_password(username, password) |
47 function provider.test_password(username, password) |
48 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end |
48 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end |
49 local credentials = datamanager.load(username, host, "accounts") or {}; |
49 local credentials = datamanager.load(username, host, "accounts") or {}; |
50 |
50 |
51 if password == credentials.password then |
51 if password == credentials.password then |
52 return true; |
52 return true; |
53 else |
53 else |
54 return nil, "Auth failed. Invalid username or password."; |
54 return nil, "Auth failed. Invalid username or password."; |
55 end |
55 end |
56 end |
56 end |
57 |
57 |
58 function provider:get_password(username) |
58 function provider.get_password(username) |
59 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
59 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
60 return (datamanager.load(username, host, "accounts") or {}).password; |
60 return (datamanager.load(username, host, "accounts") or {}).password; |
61 end |
61 end |
62 |
62 |
63 function provider:set_password(username, password) |
63 function provider.set_password(username, password) |
64 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
64 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
65 local account = datamanager.load(username, host, "accounts"); |
65 local account = datamanager.load(username, host, "accounts"); |
66 if account then |
66 if account then |
67 account.password = password; |
67 account.password = password; |
68 return datamanager.store(username, host, "accounts", account); |
68 return datamanager.store(username, host, "accounts", account); |
69 end |
69 end |
70 return nil, "Account not available."; |
70 return nil, "Account not available."; |
71 end |
71 end |
72 |
72 |
73 function provider:user_exists(username) |
73 function provider.user_exists(username) |
74 if is_cyrus(host) then return true; end |
74 if is_cyrus(host) then return true; end |
75 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials |
75 return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials |
76 end |
76 end |
77 |
77 |
78 function provider:create_user(username, password) |
78 function provider.create_user(username, password) |
79 if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end |
79 if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end |
80 return datamanager.store(username, host, "accounts", {password = password}); |
80 return datamanager.store(username, host, "accounts", {password = password}); |
81 end |
81 end |
82 |
82 |
83 function provider:get_supported_methods() |
83 function provider.get_supported_methods() |
84 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config |
84 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config |
85 end |
85 end |
86 |
86 |
87 function provider:is_admin(jid) |
87 function provider.is_admin(jid) |
88 local admins = config.get(host, "core", "admins"); |
88 local admins = config.get(host, "core", "admins"); |
89 if admins ~= config.get("*", "core", "admins") then |
89 if admins ~= config.get("*", "core", "admins") then |
90 if type(admins) == "table" then |
90 if type(admins) == "table" then |
91 jid = jid_bare(jid); |
91 jid = jid_bare(jid); |
92 for _,admin in ipairs(admins) do |
92 for _,admin in ipairs(admins) do |
100 end |
100 end |
101 return provider; |
101 return provider; |
102 end |
102 end |
103 |
103 |
104 function validate_credentials(host, username, password, method) |
104 function validate_credentials(host, username, password, method) |
105 return hosts[host].users:test_password(username, password); |
105 return hosts[host].users.test_password(username, password); |
106 end |
106 end |
107 |
107 |
108 function get_password(username, host) |
108 function get_password(username, host) |
109 return hosts[host].users:get_password(username); |
109 return hosts[host].users.get_password(username); |
110 end |
110 end |
111 |
111 |
112 function set_password(username, host, password) |
112 function set_password(username, host, password) |
113 return hosts[host].users:set_password(username, password); |
113 return hosts[host].users.set_password(username, password); |
114 end |
114 end |
115 |
115 |
116 function user_exists(username, host) |
116 function user_exists(username, host) |
117 return hosts[host].users:user_exists(username); |
117 return hosts[host].users.user_exists(username); |
118 end |
118 end |
119 |
119 |
120 function create_user(username, password, host) |
120 function create_user(username, password, host) |
121 return hosts[host].users:create_user(username, password); |
121 return hosts[host].users.create_user(username, password); |
122 end |
122 end |
123 |
123 |
124 function get_supported_methods(host) |
124 function get_supported_methods(host) |
125 return hosts[host].users:get_supported_methods(); |
125 return hosts[host].users.get_supported_methods(); |
126 end |
126 end |
127 |
127 |
128 function is_admin(jid, host) |
128 function is_admin(jid, host) |
129 if host and host ~= "*" then |
129 if host and host ~= "*" then |
130 return hosts[host].users:is_admin(jid); |
130 return hosts[host].users.is_admin(jid); |
131 else -- Test only whether this JID is a global admin |
131 else -- Test only whether this JID is a global admin |
132 local admins = config.get("*", "core", "admins"); |
132 local admins = config.get("*", "core", "admins"); |
133 if type(admins) == "table" then |
133 if type(admins) == "table" then |
134 jid = jid_bare(jid); |
134 jid = jid_bare(jid); |
135 for _,admin in ipairs(admins) do |
135 for _,admin in ipairs(admins) do |