diff options
Diffstat (limited to 'tex/context/base/mkiv/util-sql-users.lua')
-rw-r--r-- | tex/context/base/mkiv/util-sql-users.lua | 102 |
1 files changed, 78 insertions, 24 deletions
diff --git a/tex/context/base/mkiv/util-sql-users.lua b/tex/context/base/mkiv/util-sql-users.lua index a1f433946..7204fb310 100644 --- a/tex/context/base/mkiv/util-sql-users.lua +++ b/tex/context/base/mkiv/util-sql-users.lua @@ -10,47 +10,77 @@ if not modules then modules = { } end modules ['util-sql-users'] = { -- because it's easier to dirtribute this way. Eventually it will be documented -- and the related scripts will show up as well. --- local sql = sql or (utilities and utilities.sql) or require("util-sql") --- local md5 = md5 or require("md5") - local sql = utilities.sql -local format, upper, find, gsub, topattern = string.format, string.upper, string.find, string.gsub, string.topattern -local sumhexa = md5.sumhexa +local find, topattern = string.find, string.topattern +local sumHEXA = md5.sumHEXA local toboolean = string.toboolean +local lpegmatch = lpeg.match -local sql = utilities.sql +local sql = require("util-sql") -- utilities.sql local users = { } sql.users = users local trace_sql = false trackers.register("sql.users.trace", function(v) trace_sql = v end) local report = logs.reporter("sql","users") -local function encryptpassword(str) +local split = lpeg.splitat(":") +local valid = nil +local hash = function(s) return "MD5:" .. sumHEXA(s) end + +if LUAVERSION >= 5.3 then + + local sha2 = require("util-sha") + + local HASH224 = sha2.HASH224 + local HASH256 = sha2.HASH256 + local HASH384 = sha2.HASH384 + local HASH512 = sha2.HASH512 + + valid = { + MD5 = hash, + SHA224 = function(s) return "SHA224:" .. HASH224(s) end, + SHA256 = function(s) return "SHA256:" .. HASH256(s) end, + SHA384 = function(s) return "SHA384:" .. HASH384(s) end, + SHA512 = function(s) return "SHA512:" .. HASH512(s) end, + } + +else + + valid = { + MD5 = hash, + SHA224 = hash, + SHA256 = hash, + SHA384 = hash, + SHA512 = hash, + } + +end + +local function encryptpassword(str,how) if not str or str == "" then return "" - elseif find(str,"^MD5:") then + end + local prefix, rest = lpegmatch(split,str) + if prefix and rest and valid[prefix] then return str - else - return upper(format("MD5:%s",sumhexa(str))) end + return (how and valid[how] or valid.MD5)(str) end local function cleanuppassword(str) - return (gsub(str,"^MD5:","")) + local prefix, rest = lpegmatch(split,str) + if prefix and rest and valid[prefix] then + return rest + end + return str end local function samepasswords(one,two) if not one or not two then return false end - if not find(one,"^MD5:") then - one = encryptpassword(one) - end - if not find(two,"^MD5:") then - two = encryptpassword(two) - end - return one == two + return encryptpassword(one) == encryptpassword(two) end local function validaddress(address,addresses) @@ -64,7 +94,6 @@ local function validaddress(address,addresses) end end - users.encryptpassword = encryptpassword users.cleanuppassword = cleanuppassword users.samepasswords = samepasswords @@ -103,13 +132,23 @@ users.groupnumbers = groupnumbers -- password 'test': -- -- INSERT insert into users (`name`,`password`,`group`,`enabled`) values ('...','MD5:098F6BCD4621D373CADE4E832627B4F6',1,1) ; +-- +-- MD5:098F6BCD4621D373CADE4E832627B4F6 +-- SHA224:90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809 +-- SHA256:9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08 +-- SHA384:768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9 +-- SHA512:EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF -local template =[[ +-- old values (a name can have utf and a password a long hash): +-- +-- name 80, fullname 80, password 50 + +local template = [[ CREATE TABLE `users` ( `id` int(11) NOT NULL AUTO_INCREMENT, - `name` varchar(80) NOT NULL, - `fullname` varchar(80) NOT NULL, - `password` varchar(50) DEFAULT NULL, + `name` varchar(100) NOT NULL, + `fullname` varchar(100) NOT NULL, + `password` varchar(200) DEFAULT NULL, `group` int(11) NOT NULL, `enabled` int(11) DEFAULT '1', `email` varchar(80) DEFAULT NULL, @@ -121,6 +160,21 @@ local template =[[ ) DEFAULT CHARSET = utf8 ; ]] +local sqlite_template = [[ + CREATE TABLE `users` ( + `id` INTEGER PRIMARY KEY AUTOINCREMENT, + `name` TEXT NOT NULL, + `fullname` TEXT NOT NULL, + `password` TEXT DEFAULT NULL, + `group` INTEGER NOT NULL, + `enabled` INTEGER DEFAULT '1', + `email` TEXT DEFAULT NULL, + `address` TEXT DEFAULT NULL, + `theme` TEXT DEFAULT NULL, + `data` TEXT DEFAULT NULL + ) ; +]] + local converter, fields = sql.makeconverter { { name = "id", type = "number" }, { name = "name", type = "string" }, @@ -139,7 +193,7 @@ function users.createdb(presets,datatable) local db = checkeddb(presets,datatable) db.execute { - template = template, + template = db.usedmethod == "sqlite" and sqlite_template or template, variables = { basename = db.basename, }, |