aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_auth_internal.lua21
-rw-r--r--plugins/mod_auth_internal_hashed.lua17
2 files changed, 34 insertions, 4 deletions
diff --git a/plugins/mod_auth_internal.lua b/plugins/mod_auth_internal.lua
index 78a75a1d..0fc6e487 100644
--- a/plugins/mod_auth_internal.lua
+++ b/plugins/mod_auth_internal.lua
@@ -16,6 +16,8 @@ local hashes = require "util.hashes";
local jid_bare = require "util.jid".bare;
local config = require "core.configmanager";
local usermanager = require "core.usermanager";
+local new_sasl = require "util.sasl".new;
+local nodeprep = require "util.encodings".stringprep.nodeprep;
local hosts = hosts;
local prosody = _G.prosody;
@@ -73,8 +75,23 @@ function new_default_provider(host)
return datamanager.store(username, host, "accounts", {password = password});
end
- function provider.get_supported_methods()
- return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config
+ function provider.get_sasl_handler()
+ local realm = module:get_option("sasl_realm") or origin.host;
+ local getpass_authentication_profile = {
+ plain = function(username, realm)
+ local prepped_username = nodeprep(username);
+ if not prepped_username then
+ log("debug", "NODEprep failed on username: %s", username);
+ return "", nil;
+ end
+ local password = usermanager.get_password(prepped_username, realm);
+ if not password then
+ return "", nil;
+ end
+ return password, true;
+ end
+ };
+ return new_sasl(realm, getpass_authentication_profile);
end
function provider.is_admin(jid)
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua
index e2c423f2..1741a05a 100644
--- a/plugins/mod_auth_internal_hashed.lua
+++ b/plugins/mod_auth_internal_hashed.lua
@@ -18,6 +18,8 @@ local saltedPasswordSHA1 = require "util.sasl.scram".saltedPasswordSHA1;
local config = require "core.configmanager";
local usermanager = require "core.usermanager";
local generate_uuid = require "util.uuid".generate;
+local new_sasl = require "util.sasl".new;
+local nodeprep = require "util.encodings".stringprep.nodeprep;
local hosts = hosts;
local prosody = _G.prosody;
@@ -105,8 +107,19 @@ function new_hashpass_provider(host)
return datamanager.store(username, host, "accounts", {hashpass = hexpass, salt = salt, iteration_count = iteration_count});
end
- function provider.get_supported_methods()
- return {["PLAIN"] = true}; -- TODO this should be taken from the config
+ function provider.get_sasl_handler()
+ local realm = module:get_option("sasl_realm") or origin.host;
+ local testpass_authentication_profile = {
+ plain_test = function(username, password, realm)
+ local prepped_username = nodeprep(username);
+ if not prepped_username then
+ log("debug", "NODEprep failed on username: %s", username);
+ return "", nil;
+ end
+ return usermanager.test_password(prepped_username, password, realm), true;
+ end
+ };
+ return new_sasl(realm, testpass_authentication_profile);
end
function provider.is_admin(jid)