Merge pull request #2 from meyerd/master
Local User Authentication upon Transport Registration
commit
aee29f90b6
3 changed files with 93 additions and 0 deletions
|
@ -95,3 +95,20 @@ type = none
|
|||
|
||||
# Prefix used for tables
|
||||
#prefix = jabber_
|
||||
|
||||
[registration]
|
||||
# Enable public registrations
|
||||
enable_public_registration=1
|
||||
|
||||
# Text to display upon user registration form
|
||||
username_label=Jabber JID (e.g. user@server.tld):
|
||||
instructions=Enter your remote jabber JID and password as well as your local username and password
|
||||
|
||||
# If True a local jabber account on <local_account_server> is needed
|
||||
# for transport registration, the idea is to enable public registration
|
||||
# from other servers, but only for users, who have already local accounts
|
||||
require_local_account=1
|
||||
local_username_label=Local username (without @server.tld):
|
||||
local_account_server=localhost
|
||||
local_account_server_timeout=10000
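Review bot: The new `[registration]` keys are missing two comments an operator needs: `local_account_server_timeout` has no unit here, and nothing says that the user's local password is used to log in to `local_account_server`. I would add `# Timeout in milliseconds for the login check against local_account_server` above the timeout, and `# The local password entered in the form is used to log in to this server; keep it on a trusted path (e.g. localhost)` above `local_account_server`. The sample also ships `require_local_account=1` while the compiled default in Config::load is `false`, so the comment should state which value is the default.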
|
||||
|
||||
|
|
|
@ -87,6 +87,10 @@ bool Config::load(std::istream &ifs, boost::program_options::options_description
|
|||
("registration.username_label", value<std::string>()->default_value("Legacy network username:"), "Label for username field")
|
||||
("registration.username_mask", value<std::string>()->default_value(""), "Username mask")
|
||||
("registration.encoding", value<std::string>()->default_value("utf8"), "Default encoding in registration form")
|
||||
("registration.require_local_account", value<bool>()->default_value(false), "True if users have to have a local account to register to this transport from remote servers.")
|
||||
("registration.local_username_label", value<std::string>()->default_value("Local username:"), "Label for local usernme field")
|
||||
("registration.local_account_server", value<std::string>()->default_value("localhost"), "The server on which the local accounts will be checked for validity")
|
||||
("registration.local_account_server_timeout", value<int>()->default_value(10000), "Timeout when checking local user on local_account_server (msecs)")
|
||||
("database.type", value<std::string>()->default_value("none"), "Database type.")
|
||||
("database.database", value<std::string>()->default_value(""), "Database used to store data")
|
||||
("database.server", value<std::string>()->default_value("localhost"), "Database server.")
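Review bot: `registration.local_account_server_timeout` is declared as `value<int>()` with no range check, and handleSetRequest passes it directly to `boost::posix_time::millisec(...)`. A zero or negative value in the config would presumably make the timed join return at once, so every local-account check would fail. Reject non-positive values after parsing, or clamp at the point of use, e.g. `std::max(1, CONFIG_INT(m_config, "registration.local_account_server_timeout"))`. The help text for `registration.local_username_label` has a typo: `"Label for local usernme field"` should read `"Label for local username field"`. Config::load starts and ends outside this hunk.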
|
||||
|
|
|
@ -26,6 +26,8 @@
|
|||
#include "transport/user.h"
|
||||
#include "Swiften/Elements/ErrorPayload.h"
|
||||
#include <boost/shared_ptr.hpp>
|
||||
#include <boost/thread.hpp>
|
||||
#include <boost/date_time/posix_time/posix_time.hpp>
|
||||
#include "log4cxx/logger.h"
|
||||
|
||||
using namespace Swift;
|
||||
|
@ -241,6 +243,20 @@ bool UserRegistration::handleGetRequest(const Swift::JID& from, const Swift::JID
|
|||
boolean->setLabel((("Remove your registration")));
|
||||
boolean->setValue(0);
|
||||
form->addField(boolean);
|
||||
} else {
|
||||
if (CONFIG_BOOL(m_config,"registration.require_local_account")) {
|
||||
std::string localUsernameField = CONFIG_STRING(m_config, "registration.local_username_label");
|
||||
TextSingleFormField::ref local_username = TextSingleFormField::create();
|
||||
local_username->setName("local_username");
|
||||
local_username->setLabel((localUsernameField));
|
||||
local_username->setRequired(true);
|
||||
form->addField(local_username);
|
||||
TextPrivateFormField::ref local_password = TextPrivateFormField::create();
|
||||
local_password->setName("local_password");
|
||||
local_password->setLabel((("Local Password")));
|
||||
local_password->setRequired(true);
|
||||
form->addField(local_password);
|
||||
}
|
||||
}
|
||||
|
||||
reg->setForm(form);
|
||||
|
@ -273,6 +289,8 @@ bool UserRegistration::handleSetRequest(const Swift::JID& from, const Swift::JID
|
|||
|
||||
std::string encoding;
|
||||
std::string language;
|
||||
std::string local_username("");
|
||||
std::string local_password("");
|
||||
|
||||
Form::ref form = payload->getForm();
|
||||
if (form) {
|
||||
|
@ -290,6 +308,13 @@ bool UserRegistration::handleSetRequest(const Swift::JID& from, const Swift::JID
|
|||
else if (textSingle->getName() == "password") {
|
||||
payload->setPassword(textSingle->getValue());
|
||||
}
|
||||
else if (textSingle->getName() == "local_username") {
|
||||
local_username = textSingle->getValue();
|
||||
}
|
||||
// Pidgin sends it as textSingle, not sure why...
|
||||
else if (textSingle->getName() == "local_password") {
|
||||
local_password = textSingle->getValue();
|
||||
}
|
||||
continue;
|
||||
}
|
||||
|
||||
|
@ -298,6 +323,9 @@ bool UserRegistration::handleSetRequest(const Swift::JID& from, const Swift::JID
|
|||
if (textPrivate->getName() == "password") {
|
||||
payload->setPassword(textPrivate->getValue());
|
||||
}
|
||||
else if (textPrivate->getName() == "local_password") {
|
||||
local_password = textPrivate->getValue();
|
||||
}
|
||||
continue;
|
||||
}
|
||||
|
||||
|
@ -327,6 +355,50 @@ bool UserRegistration::handleSetRequest(const Swift::JID& from, const Swift::JID
|
|||
return true;
|
||||
}
|
||||
|
||||
if (CONFIG_BOOL(m_config,"registration.require_local_account")) {
|
||||
/* if (!local_username || !local_password) {
|
||||
sendResponse(from, id, InBandRegistrationPayload::ref());
|
||||
return true
|
||||
} else */ if (local_username == "" || local_password == "") {
|
||||
sendResponse(from, id, InBandRegistrationPayload::ref());
|
||||
return true;
|
||||
}
|
||||
// Swift::logging = true;
|
||||
bool validLocal = false;
|
||||
std::string localLookupServer = CONFIG_STRING(m_config, "registration.local_account_server");
|
||||
std::string localLookupJID = local_username + std::string("@") + localLookupServer;
|
||||
SimpleEventLoop localLookupEventLoop;
|
||||
BoostNetworkFactories localLookupNetworkFactories(&localLookupEventLoop);
|
||||
Client localLookupClient(localLookupJID, local_password, &localLookupNetworkFactories);
|
||||
|
||||
// TODO: this is neccessary on my server ... but should maybe omitted
|
||||
localLookupClient.setAlwaysTrustCertificates();
|
||||
localLookupClient.connect();
|
||||
|
||||
class SimpleLoopRunner {
|
||||
public:
|
||||
SimpleLoopRunner() {};
|
||||
|
||||
static void run(SimpleEventLoop * loop) {
|
||||
loop->run();
|
||||
};
|
||||
};
|
||||
|
||||
// TODO: Really ugly and hacky solution, any other ideas more than welcome!
|
||||
boost::thread thread(boost::bind(&(SimpleLoopRunner::run), &localLookupEventLoop));
|
||||
thread.timed_join(boost::posix_time::millisec(CONFIG_INT(m_config, "registration.local_account_server_timeout")));
|
||||
localLookupEventLoop.stop();
|
||||
thread.join();
|
||||
validLocal = localLookupClient.isAvailable();
|
||||
localLookupClient.disconnect();
|
||||
if (!validLocal) {
|
||||
sendError(from, id, ErrorPayload::NotAuthorized, ErrorPayload::Modify);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
printf("here\n");
|
||||
|
||||
if (!payload->getUsername() || !payload->getPassword()) {
|
||||
sendError(from, id, ErrorPayload::NotAcceptable, ErrorPayload::Modify);
|
||||
return true;
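Review bot: In the `require_local_account` branch of handleSetRequest, `local_username` is concatenated into `localLookupJID` without validation, so a value containing `@` or `/` may be parsed with a different domain, and the login check could then succeed against a server other than `registration.local_account_server`. Build the JID from its parts, `Swift::JID localLookupJID(local_username, localLookupServer);`, and answer with `sendError(from, id, ErrorPayload::NotAcceptable, ErrorPayload::Modify)` when `local_username.find_first_of("@/") != std::string::npos` or `!localLookupJID.isValid()`. `setAlwaysTrustCertificates()` is called unconditionally, so the local password goes to a peer whose certificate is never verified; make this an explicit opt-in config option that defaults to off. The handler also appears to block the calling thread for up to `local_account_server_timeout` per request, which with public registration enabled lets remote senders stall the transport, so the check should be asynchronous or rate-limited. `printf("here\n");` is leftover debug output and should be removed; handleSetRequest starts and ends outside the hunk.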
|
||||
|
|