aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_auth_internal_hashed.lua
Commit message (Collapse)AuthorAgeFilesLines
* mod_auth_internal_{hashed,plain}: Respect flag for disabled accounts in ↵Kim Alvefur2024-08-091-0/+3
| | | | | | | test_password() This API method is used e.g. in HTTP modules which also should respect disabled accounts.
* usermanager, mod_auth_internal_hashed: Support metadata when disabling a userMatthew Wild2023-11-301-1/+2
| | | | | This allows us to store a time, actor, comment and/or reason why an account was disabled, which seems a generally useful thing to support.
* plugins: Use integer config API with interval specification where sensibleKim Alvefur2023-07-171-1/+1
| | | | | | | Many of these fall into a few categories: - util.cache size, must be >= 1 - byte or item counts that logically can't be negative - port numbers that should be in 1..0xffff
* plugins: Use get_option_enum where appropriateKim Alvefur2021-01-161-1/+1
|
* plugins: Prefix module imports with prosody namespaceKim Alvefur2023-03-241-6/+6
|
* mod_auth_internal_hashed: Shorten call pathKim Alvefur2023-03-181-3/+2
| | | | | Why did it call a function defined in the same module through usermanager?
* mod_auth_internal_hashed: Record time of account disable / re-enableKim Alvefur2023-03-121-0/+2
| | | | Could be useful for e.g. #1772
* mod_auth_internal_hashed: Add oauthbearer handler to our SASL profileMatthew Wild2023-03-011-1/+4
|
* mod_auth_internal_hashed: Implement methods to enable and disable usersKim Alvefur2023-02-231-4/+9
|
* mod_auth_internal_hashed: Implement is_enabled() methodKim Alvefur2023-02-231-3/+5
| | | | Uses 'disabled' property already introduced in aed38948791f
* mod_auth_internal_hashed: Add stub methods for enabling and disabling usersKim Alvefur2023-02-221-0/+8
| | | | But how and where?
* mod_auth_internal_hashed: Refactor to prepare for disabling usersKim Alvefur2023-02-221-2/+7
| | | | | | Moving this out will make space for a dynamic check whether a particular user is disabled or not, which is one possible response to abuse of account privileges.
* mod_auth_internal_hashed: Allow creating disabled account without passwordKim Alvefur2022-08-181-2/+2
| | | | | Otherwise, create_user(username, nil) leads to the account being deleted.
* usermanager, mod_auth_*: Add get_account_info() returning creation/update timeMatthew Wild2022-07-121-1/+13
| | | | | | | This is useful for a number of things. For example, listing users that need to rotate their passwords after some event. It also provides a safer way for code to determine that a user password has changed without needing to set a handler for the password change event (which is a more fragile approach).
* util.hex: Deprecate to/from in favour of encode/decode, for consistency!Matthew Wild2022-03-041-1/+1
|
* mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438Kim Alvefur2021-12-261-1/+1
| | | | | | | | More security for less pain than switching to SCRAM-SHA-256 The XEP will likely be change to reference the RFC that will probably come from draft-ietf-kitten-password-storage once it is ready, and then we should update to follow that.
* mod_auth_internal_hashed: Make SCRAM iteration count configurableKim Alvefur2021-12-261-1/+1
|
* Merge 0.11->trunkMatthew Wild2021-05-131-2/+3
|\
| * mod_auth_internal_{plain,hashed}: Use constant-time string comparison for ↵Matthew Wild2021-05-101-2/+3
| | | | | | | | secrets
* | Merge 0.11->trunkKim Alvefur2020-06-061-1/+6
|\|
| * mod_auth_internal_*: Apply saslprep to passwordsKim Alvefur2020-05-231-1/+6
| | | | | | | | Related to #1560
* | Merge 0.11->trunkKim Alvefur2019-12-241-6/+8
|\ \ | |/ |/|
| * mod_auth_internal_hashed: Precompute SCRAM authentication profile name ↵Kim Alvefur2019-08-221-1/+2
| | | | | | | | (thanks MattJ)
| * mod_auth_internal_hashed: Add support for optionally using SCRAM-SHA-256 ↵Kim Alvefur2019-01-131-6/+7
| | | | | | | | | | | | | | instead of SHA-1 This will currently require a hard reset of all passwords back to plain. This will be least painful on new deployments.
* | mod_auth_internal_hashed: Pass on errors from password hash function (fixes ↵Kim Alvefur2019-12-231-0/+6
|/ | | | #1477)
* core.usermanager, various modules: Disconnect other resources on password ↵Kim Alvefur2017-07-281-1/+3
| | | | change (thanks waqas) (fixes #512)
* mod_auth_internal_hashed: Split long lines [luacheck]Kim Alvefur2017-04-041-2/+6
|
* mod_auth_internal_hashed: Rename unused 'self' to _ [luacheck]Kim Alvefur2017-04-041-2/+2
|
* mod_auth_internal_hashed: Use util.hexKim Alvefur2015-05-181-19/+2
|
* mod_auth_interal_hashed: Update salt and iteration count when setting a new ↵Florian Zeitz2014-02-121-5/+7
| | | | password
* mod_auth_internal_hashed: Log calls to provider methods and be consistent ↵Kim Alvefur2013-08-101-2/+4
| | | | with mod_auth_internal_plain
* mod_auth_internal_hashed: Use logger setup by moduleapi instead of going for ↵Kim Alvefur2013-08-101-1/+2
| | | | util.logger directly
* mod_auth_internal_hashed: Remove this 'initializing' message tooKim Alvefur2013-08-101-1/+0
|
* Remove all trailing whitespaceFlorian Zeitz2013-08-091-6/+6
|
* mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, ↵Kim Alvefur2013-04-191-11/+12
| | | | mod_register, mod_vcard, mod_muc: Use module:open_store()
* mod_auth_internal_plain, mod_auth_internal_hashed: No need to nodeprep here.Waqas Hussain2013-01-221-7/+1
|
* mod_auth_internal_{plain,hashed}: Add support for iterating over accountsKim Alvefur2012-09-211-0/+4
|
* mod_auth_*: Use module:provides().Waqas Hussain2012-09-121-2/+2
|
* mod_auth_internal_hashed: Get rid of useless wrapper function ↵Waqas Hussain2012-09-121-88/+86
| | | | new_hashpass_provider.
* mod_auth_internal_hashed: Remove COMPAT code (upgrading old hashed storage ↵Matthew Wild2012-04-281-24/+0
| | | | format from pre-0.8)
* mod_auth_internal_hashed: Remove unused importsMatthew Wild2012-04-281-9/+0
|
* mod_auth_internal_{plain,hashed}: Clarify log messages on initializationMatthew Wild2012-03-111-1/+1
|
* mod_auth_*: Get rid of undocumented and broken 'sasl_realm' config option.Waqas Hussain2011-02-231-2/+1
|
* mod_auth_internal_*: Support for delete_user methodMatthew Wild2011-01-041-0/+4
|
* util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter ↵Waqas Hussain2010-12-271-2/+2
| | | | to SASL profile callbacks.
* mod_auth_internal_hashed: Fix deleting usersKim Alvefur2010-08-161-0/+3
|
* usermanager, mod_auth_internal_hashed, mod_legacyauth: New order of ↵Matthew Wild2010-07-211-1/+1
| | | | parameters for usermanager.test_password - username, host, password
* mod_auth_internal_hashed: Fixed SCRAM-SHA-1 mechanism to not traceback on ↵Waqas Hussain2010-07-171-3/+5
| | | | non-existent users.
* mod_auth_internal, mod_auth_internal_hashed: Remove checking for nil or ↵Matthew Wild2010-07-081-4/+0
| | | | empty password and pretending it means the user doesn't exist. Hopefully with more success than Custer.
* mod_auth_internal_hashed: Update TODO comments to COMPATMatthew Wild2010-06-221-3/+3
|