- function provider.get_sasl_handler()
- local realm = module:get_option("sasl_realm") or module.host;
- local testpass_authentication_profile = {
- plain_test = function(username, password, realm)
- local prepped_username = nodeprep(username);
- if not prepped_username then
- log("debug", "NODEprep failed on username: %s", username);
- return "", nil;
- end
- return usermanager.test_password(prepped_username, password, realm), true;
- end,
- scram_sha_1 = function(username, realm)
- local credentials = datamanager.load(username, host, "accounts") or {};
- if credentials.password then
- usermanager.set_password(username, credentials.password);
- credentials = datamanager.load(username, host, "accounts") or {};
- end
-
- -- convert hexpass to stored_key and server_key
- -- TODO: remove this in near future
- if credentials.hashpass then
- local salted_password = credentials.hashpass:gsub("..", function(x) return string.char(tonumber(x, 16)); end);
- credentials.stored_key = sha1(hmac_sha1(salted_password, "Client Key")):gsub(".", function (c) return ("%02x"):format(c:byte()); end);
- credentials.server_key = hmac_sha1(salted_password, "Server Key"):gsub(".", function (c) return ("%02x"):format(c:byte()); end);
- end
-
- local stored_key, server_key, iteration_count, salt = credentials.stored_key, credentials.server_key, credentials.iteration_count, credentials.salt;
- stored_key = stored_key and stored_key:gsub("..", function(x) return string.char(tonumber(x, 16)); end);
- server_key = server_key and server_key:gsub("..", function(x) return string.char(tonumber(x, 16)); end);
- return stored_key, server_key, iteration_count, salt, true;
- end
- };
- return new_sasl(realm, testpass_authentication_profile);
+function provider.user_exists(username)
+ local account = accounts:get(username);
+ if not account then
+ log("debug", "account not found for username '%s'", username);
+ return nil, "Auth failed. Invalid username";
+ end
+ return true;
+end
+
+function provider.users()
+ return accounts:users();
+end
+
+function provider.create_user(username, password)
+ if password == nil then
+ return accounts:set(username, {});