aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_auth_anonymous.lua
blob: 761dc8a476aa4217524f7d46d32d7ec1ec5d2342 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--

local new_sasl = require "util.sasl".new;
local datamanager = require "util.datamanager";

-- define auth provider
local provider = { name = "anonymous" };

function provider.test_password(username, password)
	return nil, "Password based auth not supported.";
end

function provider.get_password(username)
	return nil, "Password not available.";
end

function provider.set_password(username, password)
	return nil, "Password based auth not supported.";
end

function provider.user_exists(username)
	return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected?
end

function provider.create_user(username, password)
	return nil, "Account creation/modification not supported.";
end

function provider.get_sasl_handler()
	local anonymous_authentication_profile = {
		anonymous = function(sasl, username, realm)
			return true; -- for normal usage you should always return true here
		end
	};
	return new_sasl(module.host, anonymous_authentication_profile);
end

-- datamanager callback to disable writes
local function dm_callback(username, host, datastore, data)
	if host == module.host then
		return false;
	end
	return username, host, datastore, data;
end

if not module:get_option_boolean("allow_anonymous_s2s", false) then
	module:hook("route/remote", function (event)
		return false; -- Block outgoing s2s from anonymous users
	end, 300);
end

function module.load()
	datamanager.add_callback(dm_callback);
end
function module.unload()
	datamanager.remove_callback(dm_callback);
end

module:add_item("auth-provider", provider);