source: auth.c @ 8e6ecfe

Last change on this file since 8e6ecfe was 8e6ecfe, checked in by Dennis Kaarsemaker <dennis@…>, at 2016-03-25T18:07:53Z

Authentication: scaffolding for multiple authentication backends

Instead of always putting users passwords in XML files, allow site
admins to configure a different authentication method to integrate
authentication with other systems.

This doesn't add any authentication backends yet, merely the
scaffolding. Notably:

  • Password checking and loading/removing from storage has been decoupled. A new auth_check_pass function is used to check passwords. It does check against the configured storage first, but will handle the authentication backends as well. The XML storage merely signals that a user's password should be checked using an authentication backend.
  • If unknown-to-bitlbee users identify using an authentication backend, they are automatically registered.
  • If an authentication backend is used, that fact is stored in the XML file, the password is not. Passwords are also stored unencrypted in this case, as the password used to encrypt them can change underneath us.
  • configure and Makefile changes for the backend objects
  • Property mode set to 100644
File size: 1.1 KB
Line 
1#define BITLBEE_CORE
2#include "bitlbee.h"
3
4GList *auth_init(const char *backend)
5{
6        GList *gl = NULL;
7        int ok = backend ? 0 : 1;
8
9        return ok ? gl : NULL;
10}
11
12storage_status_t auth_check_pass(irc_t *irc, const char *nick, const char *password)
13{
14        GList *gl;
15        storage_status_t status = storage_check_pass(irc, nick, password);
16
17        if (status == STORAGE_CHECK_BACKEND) {
18                for (gl = global.auth; gl; gl = gl->next) {
19                        auth_backend_t *be = gl->data;
20                        if (!strcmp(be->name, irc->auth_backend)) {
21                                status = be->check_pass(nick, password);
22                                break;
23                        }
24                }
25        } else if (status == STORAGE_NO_SUCH_USER && global.conf->auth_backend) {
26                for (gl = global.auth; gl; gl = gl->next) {
27                        auth_backend_t *be = gl->data;
28                        if (!strcmp(be->name, global.conf->auth_backend)) {
29                                status = be->check_pass(nick, password);
30                                /* Save the user so storage_load will pick them up, similar to
31                                 * what the register command would do */
32                                if (status == STORAGE_OK) {
33                                        irc->auth_backend = g_strdup(global.conf->auth_backend);
34                                        storage_save(irc, (char *)password, 0);
35                                }
36                                break;
37                        }
38                }
39        }
40
41        if (status == STORAGE_OK) {
42                irc_setpass(irc, password);
43        }
44
45        return status;
46}
Note: See TracBrowser for help on using the repository browser.