Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | usermanager, mod_auth_internal_hashed: Support metadata when disabling a user | Matthew Wild | 2023-11-30 | 1 | -1/+2 |
| | | | | | This allows us to store a time, actor, comment and/or reason why an account was disabled, which seems a generally useful thing to support. | ||||
* | plugins: Use integer config API with interval specification where sensible | Kim Alvefur | 2023-07-17 | 1 | -1/+1 |
| | | | | | | | Many of these fall into a few categories: - util.cache size, must be >= 1 - byte or item counts that logically can't be negative - port numbers that should be in 1..0xffff | ||||
* | plugins: Use get_option_enum where appropriate | Kim Alvefur | 2021-01-16 | 1 | -1/+1 |
| | |||||
* | plugins: Prefix module imports with prosody namespace | Kim Alvefur | 2023-03-24 | 1 | -6/+6 |
| | |||||
* | mod_auth_internal_hashed: Shorten call path | Kim Alvefur | 2023-03-18 | 1 | -3/+2 |
| | | | | | Why did it call a function defined in the same module through usermanager? | ||||
* | mod_auth_internal_hashed: Record time of account disable / re-enable | Kim Alvefur | 2023-03-12 | 1 | -0/+2 |
| | | | | Could be useful for e.g. #1772 | ||||
* | mod_auth_internal_hashed: Add oauthbearer handler to our SASL profile | Matthew Wild | 2023-03-01 | 1 | -1/+4 |
| | |||||
* | mod_auth_internal_hashed: Implement methods to enable and disable users | Kim Alvefur | 2023-02-23 | 1 | -4/+9 |
| | |||||
* | mod_auth_internal_hashed: Implement is_enabled() method | Kim Alvefur | 2023-02-23 | 1 | -3/+5 |
| | | | | Uses 'disabled' property already introduced in aed38948791f | ||||
* | mod_auth_internal_hashed: Add stub methods for enabling and disabling users | Kim Alvefur | 2023-02-22 | 1 | -0/+8 |
| | | | | But how and where? | ||||
* | mod_auth_internal_hashed: Refactor to prepare for disabling users | Kim Alvefur | 2023-02-22 | 1 | -2/+7 |
| | | | | | | Moving this out will make space for a dynamic check whether a particular user is disabled or not, which is one possible response to abuse of account privileges. | ||||
* | mod_auth_internal_hashed: Allow creating disabled account without password | Kim Alvefur | 2022-08-18 | 1 | -2/+2 |
| | | | | | Otherwise, create_user(username, nil) leads to the account being deleted. | ||||
* | usermanager, mod_auth_*: Add get_account_info() returning creation/update time | Matthew Wild | 2022-07-12 | 1 | -1/+13 |
| | | | | | | | This is useful for a number of things. For example, listing users that need to rotate their passwords after some event. It also provides a safer way for code to determine that a user password has changed without needing to set a handler for the password change event (which is a more fragile approach). | ||||
* | util.hex: Deprecate to/from in favour of encode/decode, for consistency! | Matthew Wild | 2022-03-04 | 1 | -1/+1 |
| | |||||
* | mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438 | Kim Alvefur | 2021-12-26 | 1 | -1/+1 |
| | | | | | | | | More security for less pain than switching to SCRAM-SHA-256 The XEP will likely be change to reference the RFC that will probably come from draft-ietf-kitten-password-storage once it is ready, and then we should update to follow that. | ||||
* | mod_auth_internal_hashed: Make SCRAM iteration count configurable | Kim Alvefur | 2021-12-26 | 1 | -1/+1 |
| | |||||
* | Merge 0.11->trunk | Matthew Wild | 2021-05-13 | 1 | -2/+3 |
|\ | |||||
| * | mod_auth_internal_{plain,hashed}: Use constant-time string comparison for ↵ | Matthew Wild | 2021-05-10 | 1 | -2/+3 |
| | | | | | | | | secrets | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2020-06-06 | 1 | -1/+6 |
|\| | |||||
| * | mod_auth_internal_*: Apply saslprep to passwords | Kim Alvefur | 2020-05-23 | 1 | -1/+6 |
| | | | | | | | | Related to #1560 | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2019-12-24 | 1 | -6/+8 |
|\ \ | |/ |/| | |||||
| * | mod_auth_internal_hashed: Precompute SCRAM authentication profile name ↵ | Kim Alvefur | 2019-08-22 | 1 | -1/+2 |
| | | | | | | | | (thanks MattJ) | ||||
| * | mod_auth_internal_hashed: Add support for optionally using SCRAM-SHA-256 ↵ | Kim Alvefur | 2019-01-13 | 1 | -6/+7 |
| | | | | | | | | | | | | | | instead of SHA-1 This will currently require a hard reset of all passwords back to plain. This will be least painful on new deployments. | ||||
* | | mod_auth_internal_hashed: Pass on errors from password hash function (fixes ↵ | Kim Alvefur | 2019-12-23 | 1 | -0/+6 |
|/ | | | | #1477) | ||||
* | core.usermanager, various modules: Disconnect other resources on password ↵ | Kim Alvefur | 2017-07-28 | 1 | -1/+3 |
| | | | | change (thanks waqas) (fixes #512) | ||||
* | mod_auth_internal_hashed: Split long lines [luacheck] | Kim Alvefur | 2017-04-04 | 1 | -2/+6 |
| | |||||
* | mod_auth_internal_hashed: Rename unused 'self' to _ [luacheck] | Kim Alvefur | 2017-04-04 | 1 | -2/+2 |
| | |||||
* | mod_auth_internal_hashed: Use util.hex | Kim Alvefur | 2015-05-18 | 1 | -19/+2 |
| | |||||
* | mod_auth_interal_hashed: Update salt and iteration count when setting a new ↵ | Florian Zeitz | 2014-02-12 | 1 | -5/+7 |
| | | | | password | ||||
* | mod_auth_internal_hashed: Log calls to provider methods and be consistent ↵ | Kim Alvefur | 2013-08-10 | 1 | -2/+4 |
| | | | | with mod_auth_internal_plain | ||||
* | mod_auth_internal_hashed: Use logger setup by moduleapi instead of going for ↵ | Kim Alvefur | 2013-08-10 | 1 | -1/+2 |
| | | | | util.logger directly | ||||
* | mod_auth_internal_hashed: Remove this 'initializing' message too | Kim Alvefur | 2013-08-10 | 1 | -1/+0 |
| | |||||
* | Remove all trailing whitespace | Florian Zeitz | 2013-08-09 | 1 | -6/+6 |
| | |||||
* | mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, ↵ | Kim Alvefur | 2013-04-19 | 1 | -11/+12 |
| | | | | mod_register, mod_vcard, mod_muc: Use module:open_store() | ||||
* | mod_auth_internal_plain, mod_auth_internal_hashed: No need to nodeprep here. | Waqas Hussain | 2013-01-22 | 1 | -7/+1 |
| | |||||
* | mod_auth_internal_{plain,hashed}: Add support for iterating over accounts | Kim Alvefur | 2012-09-21 | 1 | -0/+4 |
| | |||||
* | mod_auth_*: Use module:provides(). | Waqas Hussain | 2012-09-12 | 1 | -2/+2 |
| | |||||
* | mod_auth_internal_hashed: Get rid of useless wrapper function ↵ | Waqas Hussain | 2012-09-12 | 1 | -88/+86 |
| | | | | new_hashpass_provider. | ||||
* | mod_auth_internal_hashed: Remove COMPAT code (upgrading old hashed storage ↵ | Matthew Wild | 2012-04-28 | 1 | -24/+0 |
| | | | | format from pre-0.8) | ||||
* | mod_auth_internal_hashed: Remove unused imports | Matthew Wild | 2012-04-28 | 1 | -9/+0 |
| | |||||
* | mod_auth_internal_{plain,hashed}: Clarify log messages on initialization | Matthew Wild | 2012-03-11 | 1 | -1/+1 |
| | |||||
* | mod_auth_*: Get rid of undocumented and broken 'sasl_realm' config option. | Waqas Hussain | 2011-02-23 | 1 | -2/+1 |
| | |||||
* | mod_auth_internal_*: Support for delete_user method | Matthew Wild | 2011-01-04 | 1 | -0/+4 |
| | |||||
* | util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter ↵ | Waqas Hussain | 2010-12-27 | 1 | -2/+2 |
| | | | | to SASL profile callbacks. | ||||
* | mod_auth_internal_hashed: Fix deleting users | Kim Alvefur | 2010-08-16 | 1 | -0/+3 |
| | |||||
* | usermanager, mod_auth_internal_hashed, mod_legacyauth: New order of ↵ | Matthew Wild | 2010-07-21 | 1 | -1/+1 |
| | | | | parameters for usermanager.test_password - username, host, password | ||||
* | mod_auth_internal_hashed: Fixed SCRAM-SHA-1 mechanism to not traceback on ↵ | Waqas Hussain | 2010-07-17 | 1 | -3/+5 |
| | | | | non-existent users. | ||||
* | mod_auth_internal, mod_auth_internal_hashed: Remove checking for nil or ↵ | Matthew Wild | 2010-07-08 | 1 | -4/+0 |
| | | | | empty password and pretending it means the user doesn't exist. Hopefully with more success than Custer. | ||||
* | mod_auth_internal_hashed: Update TODO comments to COMPAT | Matthew Wild | 2010-06-22 | 1 | -3/+3 |
| | |||||
* | mod_auth_internal_hashed: Remove far too many instances of inline hex ↵ | Matthew Wild | 2010-06-22 | 1 | -14/+35 |
| | | | | conversion using gsub, which was creating useless closures and what-not |