diff options
Diffstat (limited to 'core/usermanager.lua')
-rw-r--r-- | core/usermanager.lua | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/core/usermanager.lua b/core/usermanager.lua index 6b19b651..698d2f10 100644 --- a/core/usermanager.lua +++ b/core/usermanager.lua @@ -14,11 +14,17 @@ local ipairs = ipairs; local hashes = require "util.hashes"; local jid_bare = require "util.jid".bare; local config = require "core.configmanager"; +local hosts = hosts; + +local require_provisioning = config.get("*", "core", "cyrus_require_provisioning") or false; module "usermanager" +local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end + function validate_credentials(host, username, password, method) log("debug", "User '%s' is being validated", username); + if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end local credentials = datamanager.load(username, host, "accounts") or {}; if method == nil then method = "PLAIN"; end @@ -48,14 +54,27 @@ function validate_credentials(host, username, password, method) end function get_password(username, host) - return (datamanager.load(username, host, "accounts") or {}).password + if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end + return (datamanager.load(username, host, "accounts") or {}).password +end +function set_password(username, host, password) + if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end + local account = datamanager.load(username, host, "accounts"); + if account then + account.password = password; + return datamanager.store(username, host, "accounts", account); + end + return nil, "Account not available."; end function user_exists(username, host) - return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials + if not(require_provisioning) and is_cyrus(host) then return true; end + local account, err = datamanager.load(username, host, "accounts"); + return (account or err) ~= nil; -- FIXME also check for empty credentials end function create_user(username, password, host) + if not(require_provisioning) and is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end return datamanager.store(username, host, "accounts", {password = password}); end |