2004-12-14 00:00:12 +01:00
|
|
|
%%%----------------------------------------------------------------------
|
|
|
|
%%% File : ejabberd_auth_odbc.erl
|
|
|
|
%%% Author : Alexey Shchepin <alexey@sevcom.net>
|
|
|
|
%%% Purpose : Authentification via ODBC
|
|
|
|
%%% Created : 12 Dec 2004 by Alexey Shchepin <alexey@sevcom.net>
|
|
|
|
%%% Id : $Id$
|
|
|
|
%%%----------------------------------------------------------------------
|
|
|
|
|
|
|
|
-module(ejabberd_auth_odbc).
|
|
|
|
-author('alexey@sevcom.net').
|
|
|
|
-vsn('$Revision$ ').
|
|
|
|
|
|
|
|
%% External exports
|
2005-07-13 05:24:13 +02:00
|
|
|
-export([start/1,
|
2005-04-17 20:08:34 +02:00
|
|
|
set_password/3,
|
|
|
|
check_password/3,
|
|
|
|
check_password/5,
|
|
|
|
try_register/3,
|
2004-12-14 00:00:12 +01:00
|
|
|
dirty_get_registered_users/0,
|
2005-04-17 23:39:41 +02:00
|
|
|
get_vh_registered_users/1,
|
2005-04-17 20:08:34 +02:00
|
|
|
get_password/2,
|
|
|
|
get_password_s/2,
|
|
|
|
is_user_exists/2,
|
2004-12-14 00:00:12 +01:00
|
|
|
remove_user/2,
|
2005-04-17 20:08:34 +02:00
|
|
|
remove_user/3,
|
2004-12-14 00:00:12 +01:00
|
|
|
plain_password_required/0
|
|
|
|
]).
|
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
-include("ejabberd.hrl").
|
|
|
|
|
2004-12-14 00:00:12 +01:00
|
|
|
-record(passwd, {user, password}).
|
|
|
|
|
|
|
|
%%%----------------------------------------------------------------------
|
|
|
|
%%% API
|
|
|
|
%%%----------------------------------------------------------------------
|
2005-07-13 05:24:13 +02:00
|
|
|
start(Host) ->
|
2006-02-03 05:41:03 +01:00
|
|
|
ChildSpec =
|
|
|
|
{ejabberd_odbc_sup,
|
|
|
|
{ejabberd_odbc_sup, start_link, [Host]},
|
|
|
|
temporary,
|
|
|
|
infinity,
|
|
|
|
supervisor,
|
|
|
|
[ejabberd_odbc_sup]},
|
|
|
|
supervisor:start_child(ejabberd_sup, ChildSpec),
|
2004-12-14 00:00:12 +01:00
|
|
|
ok.
|
|
|
|
|
|
|
|
plain_password_required() ->
|
|
|
|
false.
|
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
check_password(User, Server, Password) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
false;
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
case catch ejabberd_odbc:sql_query(
|
2005-07-13 05:24:13 +02:00
|
|
|
jlib:nameprep(Server),
|
2004-12-14 00:00:12 +01:00
|
|
|
["select password from users "
|
2006-01-02 18:39:04 +01:00
|
|
|
"where username='", Username, "';"]) of
|
2004-12-14 00:00:12 +01:00
|
|
|
{selected, ["password"], [{Password}]} ->
|
|
|
|
true;
|
|
|
|
_ ->
|
|
|
|
false
|
|
|
|
end
|
|
|
|
end.
|
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
check_password(User, Server, Password, StreamID, Digest) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
false;
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
case catch ejabberd_odbc:sql_query(
|
2005-07-13 05:24:13 +02:00
|
|
|
jlib:nameprep(Server),
|
2004-12-14 00:00:12 +01:00
|
|
|
["select password from users "
|
2006-01-02 18:39:04 +01:00
|
|
|
"where username='", Username, "';"]) of
|
2004-12-14 00:00:12 +01:00
|
|
|
{selected, ["password"], [{Passwd}]} ->
|
|
|
|
DigRes = if
|
|
|
|
Digest /= "" ->
|
|
|
|
Digest == sha:sha(StreamID ++ Passwd);
|
|
|
|
true ->
|
|
|
|
false
|
|
|
|
end,
|
|
|
|
if DigRes ->
|
|
|
|
true;
|
|
|
|
true ->
|
|
|
|
(Passwd == Password) and (Password /= "")
|
|
|
|
end;
|
|
|
|
_ ->
|
|
|
|
false
|
|
|
|
end
|
|
|
|
end.
|
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
set_password(User, Server, Password) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
{error, invalid_jid};
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
Pass = ejabberd_odbc:escape(Password),
|
2005-12-21 17:10:56 +01:00
|
|
|
LServer = jlib:nameprep(Server),
|
|
|
|
catch ejabberd_odbc:sql_transaction(
|
|
|
|
LServer,
|
|
|
|
[["delete from users where username='", Username ,"';"],
|
|
|
|
["insert into users(username, password) "
|
|
|
|
"values ('", Username, "', '", Pass, "');"]])
|
2004-12-14 00:00:12 +01:00
|
|
|
end.
|
|
|
|
|
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
try_register(User, Server, Password) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
{error, invalid_jid};
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
Pass = ejabberd_odbc:escape(Password),
|
|
|
|
case catch ejabberd_odbc:sql_query(
|
2005-07-13 05:24:13 +02:00
|
|
|
jlib:nameprep(Server),
|
2004-12-14 00:00:12 +01:00
|
|
|
["insert into users(username, password) "
|
2006-01-02 18:39:04 +01:00
|
|
|
"values ('", Username, "', '", Pass, "');"]) of
|
2005-10-15 21:50:02 +02:00
|
|
|
{updated, 1} ->
|
2004-12-14 00:00:12 +01:00
|
|
|
{atomic, ok};
|
|
|
|
_ ->
|
|
|
|
{atomic, exists}
|
|
|
|
end
|
|
|
|
end.
|
|
|
|
|
|
|
|
dirty_get_registered_users() ->
|
2005-07-13 05:24:13 +02:00
|
|
|
get_vh_registered_users(?MYNAME).
|
|
|
|
|
|
|
|
get_vh_registered_users(Server) ->
|
2005-08-25 22:48:45 +02:00
|
|
|
LServer = jlib:nameprep(Server),
|
2005-07-13 05:24:13 +02:00
|
|
|
case catch ejabberd_odbc:sql_query(
|
2005-08-25 22:48:45 +02:00
|
|
|
LServer,
|
2005-07-13 05:24:13 +02:00
|
|
|
"select username from users") of
|
2004-12-14 00:00:12 +01:00
|
|
|
{selected, ["username"], Res} ->
|
2005-08-25 22:48:45 +02:00
|
|
|
[{U, LServer} || {U} <- Res];
|
2004-12-14 00:00:12 +01:00
|
|
|
_ ->
|
|
|
|
[]
|
|
|
|
end.
|
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
get_password(User, Server) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
false;
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
case catch ejabberd_odbc:sql_query(
|
2005-07-13 05:24:13 +02:00
|
|
|
jlib:nameprep(Server),
|
2004-12-14 00:00:12 +01:00
|
|
|
["select password from users "
|
2006-01-02 18:39:04 +01:00
|
|
|
"where username='", Username, "';"]) of
|
2004-12-14 00:00:12 +01:00
|
|
|
{selected, ["password"], [{Password}]} ->
|
|
|
|
Password;
|
|
|
|
_ ->
|
|
|
|
false
|
|
|
|
end
|
|
|
|
end.
|
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
get_password_s(User, Server) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
"";
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
case catch ejabberd_odbc:sql_query(
|
2005-07-13 05:24:13 +02:00
|
|
|
jlib:nameprep(Server),
|
2004-12-14 00:00:12 +01:00
|
|
|
["select password from users "
|
2006-01-02 18:39:04 +01:00
|
|
|
"where username='", Username, "';"]) of
|
2004-12-14 00:00:12 +01:00
|
|
|
{selected, ["password"], [{Password}]} ->
|
|
|
|
Password;
|
|
|
|
_ ->
|
|
|
|
""
|
|
|
|
end
|
|
|
|
end.
|
|
|
|
|
2005-07-13 05:24:13 +02:00
|
|
|
is_user_exists(User, Server) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
false;
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
case catch ejabberd_odbc:sql_query(
|
2005-07-13 05:24:13 +02:00
|
|
|
jlib:nameprep(Server),
|
2004-12-14 00:00:12 +01:00
|
|
|
["select password from users "
|
2006-01-02 18:39:04 +01:00
|
|
|
"where username='", Username, "';"]) of
|
2004-12-14 00:00:12 +01:00
|
|
|
{selected, ["password"], [{_Password}]} ->
|
|
|
|
true;
|
|
|
|
_ ->
|
|
|
|
false
|
|
|
|
end
|
|
|
|
end.
|
|
|
|
|
2005-06-20 05:18:13 +02:00
|
|
|
remove_user(User, Server) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
error;
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
catch ejabberd_odbc:sql_query(
|
2005-07-13 05:24:13 +02:00
|
|
|
jlib:nameprep(Server),
|
2006-01-02 18:39:04 +01:00
|
|
|
["delete from users where username='", Username ,"';"]),
|
2005-10-13 03:29:21 +02:00
|
|
|
ejabberd_hooks:run(remove_user, jlib:nameprep(Server),
|
|
|
|
[User, Server])
|
2004-12-14 00:00:12 +01:00
|
|
|
end.
|
|
|
|
|
2005-06-20 05:18:13 +02:00
|
|
|
remove_user(User, Server, Password) ->
|
2004-12-14 00:00:12 +01:00
|
|
|
case jlib:nodeprep(User) of
|
|
|
|
error ->
|
|
|
|
error;
|
|
|
|
LUser ->
|
|
|
|
Username = ejabberd_odbc:escape(LUser),
|
|
|
|
Pass = ejabberd_odbc:escape(Password),
|
2005-12-21 17:10:56 +01:00
|
|
|
LServer = jlib:nameprep(Server),
|
|
|
|
F = fun() ->
|
|
|
|
Result = ejabberd_odbc:sql_query_t(
|
|
|
|
["select password from users where username='",
|
|
|
|
Username, "';"]),
|
|
|
|
ejabberd_odbc:sql_query_t(["delete from users "
|
|
|
|
"where username='", Username,
|
|
|
|
"' and password='", Pass, "';"]),
|
|
|
|
case Result of
|
|
|
|
{selected, ["password"], [{Password}]} ->
|
|
|
|
ejabberd_hooks:run(remove_user, jlib:nameprep(Server),
|
|
|
|
[User, Server]),
|
|
|
|
ok;
|
|
|
|
{selected, ["password"], []} ->
|
|
|
|
not_exists;
|
|
|
|
_ ->
|
|
|
|
not_allowed
|
|
|
|
end
|
|
|
|
end,
|
|
|
|
{atomic, Result } = ejabberd_odbc:transaction(LServer, F),
|
|
|
|
Result
|
2004-12-14 00:00:12 +01:00
|
|
|
end.
|