67 lines
1.9 KiB
Lua
67 lines
1.9 KiB
Lua
--luacheck: ignore 143/module
|
|
|
|
local http_formdecode = require "net.http".formdecode;
|
|
|
|
local secret = module:get_option_string("invites_bootstrap_secret");
|
|
if not secret then return; end
|
|
|
|
local invites_bootstrap_store = module:open_store("invites_bootstrap");
|
|
|
|
-- This should be a non-negative integer higher than any set for the
|
|
-- previous bootstrap event (if any)
|
|
local current_index = module:get_option_number("invites_bootstrap_index");
|
|
|
|
local invites = module:depends("invites");
|
|
module:depends("http");
|
|
|
|
local function handle_request(event)
|
|
local query_params = http_formdecode(event.request.url.query);
|
|
|
|
if not query_params.token or query_params.token ~= secret then
|
|
return 403;
|
|
end
|
|
|
|
local bootstrap_records = invites_bootstrap_store:get() or {};
|
|
if #bootstrap_records > 0 then
|
|
local last_bootstrap = bootstrap_records[#bootstrap_records];
|
|
if current_index == last_bootstrap.index then
|
|
event.response.headers.Location = last_bootstrap.result;
|
|
return 303;
|
|
elseif current_index < last_bootstrap.index then
|
|
return 410;
|
|
end
|
|
end
|
|
|
|
-- Create invite
|
|
local invite, invite_err = invites.create_account(nil, {
|
|
roles = { ["prosody:admin"] = true };
|
|
groups = { "default" };
|
|
source = "api/token/bootstrap-"..current_index;
|
|
});
|
|
if not invite then
|
|
module:log("error", "Failed to create bootstrap invite! %s", invite_err);
|
|
return 500;
|
|
end
|
|
|
|
-- Record this bootstrap event (to prevent replay)
|
|
table.insert(bootstrap_records, {
|
|
index = current_index;
|
|
timestamp = os.time();
|
|
result = invite.landing_page or invite.uri;
|
|
});
|
|
local record_ok, record_err = invites_bootstrap_store:set(nil, bootstrap_records);
|
|
if not record_ok then
|
|
module:log("error", "Failed to store bootstrap record: %s", record_err);
|
|
return 500;
|
|
end
|
|
|
|
event.response.headers.Location = invite.landing_page or invite.uri;
|
|
return 303;
|
|
end
|
|
|
|
module:provides("http", {
|
|
route = {
|
|
GET = handle_request;
|
|
};
|
|
});
|