+local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption");
+
+local sessionmanager = require "core.sessionmanager";
+local usermanager = require "core.usermanager";
+local nodeprep = require "util.encodings".stringprep.nodeprep;
+local resourceprep = require "util.encodings".stringprep.resourceprep;
+
+module:add_feature("jabber:iq:auth");
+module:hook("stream-features", function(event)
+ local origin, features = event.origin, event.features;
+ if secure_auth_only and not origin.secure then
+ -- Sorry, not offering to insecure streams!
+ return;
+ elseif not origin.username then
+ features:tag("auth", {xmlns='http://jabber.org/features/iq-auth'}):up();
+ end
+end);
+
+module:add_iq_handler("c2s_unauthed", "jabber:iq:auth",