plugins/mod_saslauth.lua

   1
   2 local st = require "util.stanza";
   3 local send = require "core.sessionmanager".send_to_session;
   4
   5 local usermanager_validate_credentials = require "core.usermanager".validate_credentials;
   6 local t_concat = table.concat;
   7 local tostring = tostring;
   8
   9 local log = require "util.logger".init("mod_saslauth");
  10
  11 local xmlns_sasl ='urn:ietf:params:xml:ns:xmpp-sasl';
  12
  13 local new_connhandler = require "net.connhandlers".new;
  14 local new_sasl = require "util.sasl".new;
  15
  16 add_handler("c2s_unauthed", "auth",
  17                 function (session, stanza)
  18                         if not session.sasl_handler then
  19                                 session.sasl_handler = new_sasl(stanza.attr.mechanism,
  20                                         function (username, password)
  21                                                 -- onAuth
  22                                                 require "core.usermanager"
  23                                                 if usermanager_validate_credentials(session.host, username, password) then
  24                                                         return true;
  25                                                 end
  26                                                 return false;
  27                                         end,
  28                                         function (username)
  29                                                 -- onSuccess
  30                                                 local success, err = sessionmanager.make_authenticated(session, username);
  31                                                 if not success then
  32                                                         sessionmanager.destroy_session(session);
  33                                                 end
  34                                                 session.sasl_handler = nil;
  35                                                 session.connhandler = new_connhandler("xmpp-client", session);
  36                                                 session.notopen = true;
  37                                         end,
  38                                         function (reason)
  39                                                 -- onFail
  40                                                 log("debug", "SASL failure, reason: %s", reason);
  41                                         end,
  42                                         function (stanza)
  43                                                 -- onWrite
  44                                                 log("debug", "SASL writes: %s", tostring(stanza));
  45                                                 send(session, stanza);
  46                                         end
  47                                 );
  48                                 session.sasl_handler:feed(stanza);
  49                         else
  50                                 error("Client tried to negotiate SASL again", 0);
  51                         end
  52
  53                 end);