X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=plugins%2Fmod_register.lua;h=c04eca0a702abe4859e3d81b175425443b372148;hb=0a15fb63d7e11c2e6c81c268042785bfa6df64fe;hp=44bbf700af547a1eb10578a84a1f350bed658a81;hpb=aaeae2efeea1819f657bb8afcee1855e056562b7;p=prosody.git diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua index 44bbf700..c04eca0a 100644 --- a/plugins/mod_register.lua +++ b/plugins/mod_register.lua @@ -1,20 +1,9 @@ --- Prosody IM v0.2 --- Copyright (C) 2008 Matthew Wild --- Copyright (C) 2008 Waqas Hussain +-- Prosody IM v0.4 +-- Copyright (C) 2008-2009 Matthew Wild +-- Copyright (C) 2008-2009 Waqas Hussain -- --- This program is free software; you can redistribute it and/or --- modify it under the terms of the GNU General Public License --- as published by the Free Software Foundation; either version 2 --- of the License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU General Public License for more details. --- --- You should have received a copy of the GNU General Public License --- along with this program; if not, write to the Free Software --- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +-- This project is MIT/X11 licensed. Please see the +-- COPYING file in the source package for more information. -- @@ -24,6 +13,7 @@ local usermanager_user_exists = require "core.usermanager".user_exists; local usermanager_create_user = require "core.usermanager".create_user; local datamanager_store = require "util.datamanager".store; local os_time = os.time; +local nodeprep = require "util.encodings".stringprep.nodeprep; module:add_feature("jabber:iq:register"); @@ -40,22 +30,23 @@ module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza) elseif stanza.attr.type == "set" then if query.tags[1] and query.tags[1].name == "remove" then -- TODO delete user auth data, send iq response, kick all user resources with a , delete all user data + local username, host = session.username, session.host; --session.send(st.error_reply(stanza, "cancel", "not-allowed")); --return; - usermanager_create_user(session.username, nil, session.host); -- Disable account + usermanager_create_user(username, nil, host); -- Disable account -- FIXME the disabling currently allows a different user to recreate the account -- we should add an in-memory account block mode when we have threading session.send(st.reply(stanza)); local roster = session.roster; - for _, session in pairs(hosts[session.host].sessions[session.username].sessions) do -- disconnect all resources - session:disconnect({condition = "not-authorized", text = "Account deleted"}); + for _, session in pairs(hosts[host].sessions[username].sessions) do -- disconnect all resources + session:close({condition = "not-authorized", text = "Account deleted"}); end -- TODO datamanager should be able to delete all user data itself - datamanager.store(session.username, session.host, "roster", nil); - datamanager.store(session.username, session.host, "vcard", nil); - datamanager.store(session.username, session.host, "private", nil); - datamanager.store(session.username, session.host, "offline", nil); - local bare = session.username.."@"..session.host; + datamanager.store(username, host, "roster", nil); + datamanager.store(username, host, "vcard", nil); + datamanager.store(username, host, "private", nil); + datamanager.store(username, host, "offline", nil); + --local bare = username.."@"..host; for jid, item in pairs(roster) do if jid ~= "pending" then if item.subscription == "both" or item.subscription == "to" then @@ -66,13 +57,13 @@ module:add_iq_handler("c2s", "jabber:iq:register", function (session, stanza) end end end - datamanager.store(session.username, session.host, "accounts", nil); -- delete accounts datastore at the end + datamanager.store(username, host, "accounts", nil); -- delete accounts datastore at the end else local username = query:child_with_name("username"); local password = query:child_with_name("password"); if username and password then -- FIXME shouldn't use table.concat - username = table.concat(username); + username = nodeprep(table.concat(username)); password = table.concat(password); if username == session.username then if usermanager_create_user(username, password, session.host) then -- password change -- TODO is this the right way? @@ -143,7 +134,7 @@ module:add_iq_handler("c2s_unauthed", "jabber:iq:register", function (session, s end end -- FIXME shouldn't use table.concat - username = table.concat(username); + username = nodeprep(table.concat(username)); password = table.concat(password); if usermanager_user_exists(username, session.host) then session.send(st.error_reply(stanza, "cancel", "conflict"));