diff options
Diffstat (limited to 'plugins/mod_auth_anonymous.lua')
| -rw-r--r-- | plugins/mod_auth_anonymous.lua | 71 |
1 files changed, 37 insertions, 34 deletions
diff --git a/plugins/mod_auth_anonymous.lua b/plugins/mod_auth_anonymous.lua index 9d0896e5..c877d532 100644 --- a/plugins/mod_auth_anonymous.lua +++ b/plugins/mod_auth_anonymous.lua @@ -6,63 +6,66 @@ -- COPYING file in the source package for more information. -- -local log = require "util.logger".init("auth_anonymous"); local new_sasl = require "util.sasl".new; local datamanager = require "util.datamanager"; +local hosts = prosody.hosts; -function new_default_provider(host) - local provider = { name = "anonymous" }; +-- define auth provider +local provider = {}; - function provider.test_password(username, password) - return nil, "Password based auth not supported."; - end +function provider.test_password(username, password) + return nil, "Password based auth not supported."; +end - function provider.get_password(username) - return nil, "Password not available."; - end +function provider.get_password(username) + return nil, "Password not available."; +end - function provider.set_password(username, password) - return nil, "Password based auth not supported."; - end +function provider.set_password(username, password) + return nil, "Password based auth not supported."; +end - function provider.user_exists(username) - return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected? - end +function provider.user_exists(username) + return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected? +end - function provider.create_user(username, password) - return nil, "Account creation/modification not supported."; - end +function provider.create_user(username, password) + return nil, "Account creation/modification not supported."; +end - function provider.get_sasl_handler() - local realm = module:get_option("sasl_realm") or module.host; - local anonymous_authentication_profile = { - anonymous = function(sasl, username, realm) - return true; -- for normal usage you should always return true here - end - }; - return new_sasl(realm, anonymous_authentication_profile); - end +function provider.get_sasl_handler() + local anonymous_authentication_profile = { + anonymous = function(sasl, username, realm) + return true; -- for normal usage you should always return true here + end + }; + return new_sasl(module.host, anonymous_authentication_profile); +end - return provider; +function provider.users() + return next, hosts[host].sessions, nil; end +-- datamanager callback to disable writes local function dm_callback(username, host, datastore, data) if host == module.host then return false; end return username, host, datastore, data; end -local host = hosts[module.host]; -local _saved_disallow_s2s = host.disallow_s2s; + +if not module:get_option_boolean("allow_anonymous_s2s", false) then + module:hook("route/remote", function (event) + return false; -- Block outgoing s2s from anonymous users + end, 300); +end + function module.load() - _saved_disallow_s2s = host.disallow_s2s; - host.disallow_s2s = module:get_option("disallow_s2s") ~= false; datamanager.add_callback(dm_callback); end function module.unload() - host.disallow_s2s = _saved_disallow_s2s; datamanager.remove_callback(dm_callback); end -module:add_item("auth-provider", new_default_provider(module.host)); +module:provides("auth", provider); |