1 /* +------------------------------------+
2 * | Inspire Internet Relay Chat Daemon |
3 * +------------------------------------+
5 * Inspire is copyright (C) 2002-2004 ChatSpike-Dev.
7 * <brain@chatspike.net>
8 * <Craig@chatspike.net>
10 * Written by Craig Edwards, Craig McLure, and others.
11 * This program is free but copyrighted software; see
12 * the file COPYING for details.
14 * ---------------------------------------------------
21 #include <sys/types.h>
22 #include <sys/socket.h>
35 /* $ModDesc: An SQL test module */
39 class ModuleSQLAuth : public Module
42 std::string usertable;
43 std::string userfield;
44 std::string passfield;
45 std::string encryption;
46 std::string killreason;
53 Conf = new ConfigReader();
54 usertable = Conf->ReadValue("sqlauth","usertable",0); // user table name
55 dbid = Conf->ReadInteger("sqlauth","dbid",0,true); // database id of a database configured in m_sql (see m_sql config)
56 userfield = Conf->ReadValue("sqlauth","userfield",0); // field name where username can be found
57 passfield = Conf->ReadValue("sqlauth","passfield",0); // field name where password can be found
58 killreason = Conf->ReadValue("sqlauth","killreason",0); // reason to give when access is denied to a user (put your reg details here)
59 encryption = Conf->ReadValue("sqlauth","encryption",0); // name of sql function used to encrypt password, e.g. "md5" or "passwd".
60 // define, but leave blank if no encryption is to be used.
62 SQLModule = Srv->FindModule("m_sql.so");
64 Srv->Log(DEFAULT,"WARNING: m_sqlauth.so could not initialize because m_sql.so is not loaded. Load the module and rehash your server.");
74 virtual void OnRehash()
79 virtual void OnUserRegister(userrec* user)
81 if (!CheckCredentials(user->nick,user->password))
83 Srv->QuitUser(user,killreason);
87 bool CheckCredentials(std::string username, std::string password)
91 // is the sql module loaded? If not, we don't attempt to do anything.
95 // Create a request containing the SQL query and send it to m_sql.so
96 SQLRequest* query = new SQLRequest(SQL_RESULT,1,"SELECT * FROM "+usertable+" WHERE "+userfield+"='"+username+"' AND "+passfield+"="+encmethod+"('"+password+"')");
97 Request queryrequest((char*)query, this, SQLModule);
98 SQLResult* result = (SQLResult*)queryrequest.Send();
100 // Did we get "OK" as a result?
101 if (result->GetType() == SQL_OK)
104 // if we did, this means we may now request a row... there should be only one row for each user, so,
105 // we don't need to loop to fetch multiple rows.
106 SQLRequest* rowrequest = new SQLRequest(SQL_ROW,1,"");
107 Request rowquery((char*)rowrequest, this, SQLModule);
108 SQLResult* rowresult = (SQLResult*)rowquery.Send();
110 // did we get a row? If we did, we can now do something with the fields
111 if (rowresult->GetType() == SQL_ROW)
113 if (rowrequest->GetField(userfield) == username)
115 // because the query directly asked for the password hash, we do not need to check it -
116 // if it didnt match it wont be returned in the first place from the SELECT.
117 // This just checks we didnt get an empty row by accident.
124 // we didn't have a row.
135 query->SetQueryType(SQL_DONE);
137 Request donerequest((char*)query, this, SQLModule);
143 virtual ~ModuleSQLAuth()
148 virtual Version GetVersion()
150 return Version(1,0,0,1,VF_VENDOR);
155 class ModuleSQLAuthFactory : public ModuleFactory
158 ModuleSQLAuthFactory()
162 ~ModuleSQLAuthFactory()
166 virtual Module * CreateModule()
168 return new ModuleSQLAuth;
174 extern "C" void * init_module( void )
176 return new ModuleSQLAuthFactory;