From 2c3bd063b9f6b729b2b1592f964444aecc10de5b Mon Sep 17 00:00:00 2001 From: Emmanuel Gil Peyrot Date: Sun, 29 Sep 2019 15:05:17 +0200 Subject: mod_register_ibr: Add FORM_TYPE as required by XEP-0077. --- plugins/mod_register_ibr.lua | 2 ++ 1 file changed, 2 insertions(+) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index bbe7581d..e04e6ecd 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -25,6 +25,7 @@ end); local account_details = module:open_store("account_details"); local field_map = { + FORM_TYPE = { name = "FORM_TYPE", type = "hidden", value = "jabber:iq:register" }; username = { name = "username", type = "text-single", label = "Username", required = true }; password = { name = "password", type = "text-private", label = "Password", required = true }; nick = { name = "nick", type = "text-single", label = "Nickname" }; @@ -50,6 +51,7 @@ local registration_form = dataform_new{ title = title; instructions = instructions; + field_map.FORM_TYPE; field_map.username; field_map.password; }; -- cgit v1.2.3 From 1fa149d6c4c0e709d62999f044f28cbb0eff4040 Mon Sep 17 00:00:00 2001 From: Emmanuel Gil Peyrot Date: Sun, 29 Sep 2019 15:26:18 +0200 Subject: mod_register_ibr, mod_register_limits: Add support for custom error type and defined-condition. --- plugins/mod_register_ibr.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index e04e6ecd..fe5ede2b 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -168,7 +168,7 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) module:fire_event("user-registering", user); if not user.allowed then log("debug", "Registration disallowed by module: %s", user.reason or "no reason given"); - session.send(st.error_reply(stanza, "modify", "not-acceptable", user.reason)); + session.send(st.error_reply(stanza, user.error_type or "modify", user.error_condition or "not-acceptable", user.reason)); return true; end -- cgit v1.2.3 From 213edf5203123371b0a9fe0efe3606ec6f9575c2 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 29 Sep 2019 16:22:05 +0200 Subject: mod_register_ibr: Reminder to maybe use util.error in the future --- plugins/mod_register_ibr.lua | 1 + 1 file changed, 1 insertion(+) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index fe5ede2b..3f6da004 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -168,6 +168,7 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) module:fire_event("user-registering", user); if not user.allowed then log("debug", "Registration disallowed by module: %s", user.reason or "no reason given"); + -- TODO This could use util.error session.send(st.error_reply(stanza, user.error_type or "modify", user.error_condition or "not-acceptable", user.reason)); return true; end -- cgit v1.2.3 From fc0e6e197d28d5a37b89a12bf9ae3119d0ae69d6 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 29 Sep 2019 17:34:47 +0200 Subject: mod_register_ibr: Distinguish between failure to create account or save extra data --- plugins/mod_register_ibr.lua | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index 3f6da004..2f220658 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -179,14 +179,13 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) return true; end - -- TODO unable to write file, file may be locked, etc, what's the correct error? - local error_reply = st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk."); - if usermanager_create_user(username, password, host) then + local created, err = usermanager_create_user(username, password, host); + if created then data.registered = os.time(); if not account_details:set(username, data) then log("debug", "Could not store extra details"); usermanager_delete_user(username, host); - session.send(error_reply); + session.send(st.error_reply(stanza, "wait", "internal-server-error", "Failed to write data to disk.")); return true; end session.send(st.reply(stanza)); -- user created! @@ -195,8 +194,8 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) username = username, host = host, source = "mod_register", session = session }); else - log("debug", "Could not create user"); - session.send(error_reply); + log("debug", "Could not create user", err); + session.send(st.error_reply(stanza, "cancel", "feature-not-implemented", err)); end return true; end); -- cgit v1.2.3 From 1d400b6d80c689a3d6fcfcde0d588e18941f00d2 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Fri, 1 Nov 2019 18:09:13 +0100 Subject: mod_register_ibr: Allow registartion rejection reason as util.error object --- plugins/mod_register_ibr.lua | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index 2f220658..32e6f710 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -168,8 +168,15 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) module:fire_event("user-registering", user); if not user.allowed then log("debug", "Registration disallowed by module: %s", user.reason or "no reason given"); - -- TODO This could use util.error - session.send(st.error_reply(stanza, user.error_type or "modify", user.error_condition or "not-acceptable", user.reason)); + local error_type, error_condition, reason; + local err = user.error; + if err then + error_type, error_condition, reason = err.type, err.condition, err.text; + else + -- COMPAT pre-util.error + error_type, error_condition, reason = user.error_type, user.error_condition, user.reason; + end + session.send(st.error_reply(stanza, error_type or "modify", error_condition or "not-acceptable", reason)); return true; end -- cgit v1.2.3 From 64a2f6c1920e46288b323efcf9ce445fde61226a Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Fri, 1 Nov 2019 23:11:43 +0100 Subject: mod_register_ibr: Enforce strict JID validation --- plugins/mod_register_ibr.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index 32e6f710..6de9bc33 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -155,7 +155,7 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) return true; end - local username, password = nodeprep(data.username), data.password; + local username, password = nodeprep(data.username, true), data.password; data.username, data.password = nil, nil; local host = module.host; if not username or username == "" then -- cgit v1.2.3 From d2aa477111130cd0bd677dc61513c30463a642a5 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Thu, 23 Apr 2020 19:02:44 +0200 Subject: mod_register_ibr: Fix reporting of registration rejection reason When the reason is reported as an util.error object the `reason` field is empty and the reason text should be extacted from the error object. --- plugins/mod_register_ibr.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index 6de9bc33..e79fc763 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -167,7 +167,6 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) local user = { username = username, password = password, host = host, additional = data, ip = session.ip, session = session, allowed = true } module:fire_event("user-registering", user); if not user.allowed then - log("debug", "Registration disallowed by module: %s", user.reason or "no reason given"); local error_type, error_condition, reason; local err = user.error; if err then @@ -176,6 +175,7 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) -- COMPAT pre-util.error error_type, error_condition, reason = user.error_type, user.error_condition, user.reason; end + log("debug", "Registration disallowed by module: %s", reason or "no reason given"); session.send(st.error_reply(stanza, error_type or "modify", error_condition or "not-acceptable", reason)); return true; end -- cgit v1.2.3 From f4805838390ce2f2127e70fac6f18d0ef7867c7d Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Thu, 18 Jun 2020 16:42:22 +0100 Subject: mod_register_ibr: Allow registration to reset an existing account password if permitted by a plugin --- plugins/mod_register_ibr.lua | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index e79fc763..000ae740 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -9,10 +9,12 @@ local st = require "util.stanza"; local dataform_new = require "util.dataforms".new; -local usermanager_user_exists = require "core.usermanager".user_exists; -local usermanager_create_user = require "core.usermanager".create_user; -local usermanager_delete_user = require "core.usermanager".delete_user; +local usermanager_user_exists = require "core.usermanager".user_exists; +local usermanager_create_user = require "core.usermanager".create_user; +local usermanager_set_password = require "core.usermanager".create_user; +local usermanager_delete_user = require "core.usermanager".delete_user; local nodeprep = require "util.encodings".stringprep.nodeprep; +local util_error = require "util.error"; local additional_fields = module:get_option("additional_registration_fields", {}); local require_encryption = module:get_option_boolean("c2s_require_encryption", @@ -181,9 +183,20 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) end if usermanager_user_exists(username, host) then - log("debug", "Attempt to register with existing username"); - session.send(st.error_reply(stanza, "cancel", "conflict", "The requested username already exists.")); - return true; + if user.allow_reset == username then + local ok, err = util_error.coerce(usermanager_set_password(username, password, host)); + if ok then + session.send(st.reply(stanza)); -- reset ok! + else + session.log("error", "Unable to reset password for %s@%s: %s", username, host, err); + session.send(st.error_reply(stanza, err.type, err.condition, err.text)); + end + return true; + else + log("debug", "Attempt to register with existing username"); + session.send(st.error_reply(stanza, "cancel", "conflict", "The requested username already exists.")); + return true; + end end local created, err = usermanager_create_user(username, password, host); -- cgit v1.2.3 From 073a654eff55f79b67bd424529734538a1d7009e Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 22 Jun 2020 11:35:24 +0100 Subject: mod_register_ibr: Add event for successful password reset This is in addition to the existing event for password changes. This one includes additional details about the actor, and only triggers when the change is due to the account owner (presumably) resetting. As example use case is to invalidate one-time password reset tokens. --- plugins/mod_register_ibr.lua | 1 + 1 file changed, 1 insertion(+) (limited to 'plugins/mod_register_ibr.lua') diff --git a/plugins/mod_register_ibr.lua b/plugins/mod_register_ibr.lua index 000ae740..83d284c8 100644 --- a/plugins/mod_register_ibr.lua +++ b/plugins/mod_register_ibr.lua @@ -186,6 +186,7 @@ module:hook("stanza/iq/jabber:iq:register:query", function(event) if user.allow_reset == username then local ok, err = util_error.coerce(usermanager_set_password(username, password, host)); if ok then + module:fire_event("user-password-reset", user); session.send(st.reply(stanza)); -- reset ok! else session.log("error", "Unable to reset password for %s@%s: %s", username, host, err); -- cgit v1.2.3