Prosody plugin to add an expiration date to created accounts and stop them when the date is reached

Milochris · March 6, 2023, 10:08pm

hi, for a while i’ve been wondering if it’s possible to add an expiration date to accounts so that they are automatically disabled. can someone take a look at this code? and tell me how i could link the basic authentication with prosodyctl register to my plugin so that it asks me for an expiration date?

-- Load the internal_plain module
local auth_internal_plain = module:require "auth_internal_plain"

-- Define a new function to add expiration date to user accounts
function add_user_with_expiration(username, password, expiration_date)
    -- Call the original add_user function to create the user account
    auth_internal_plain.add_user(username, password)
    -- Store the expiration date in the user account data
    module:save_user(username, {expiration_date = expiration_date})
end

-- Override the original login function to check for expiration date
function authenticate_with_expiration(username, password)
    -- Call the original authenticate function to check the user's password
    local authenticated, err = auth_internal_plain.authenticate(username, password)
    if authenticated then
        -- Check the expiration date of the user's account
        local user_data = module:open_user(username)
        local expiration_date = user_data and user_data.expiration_date
        if expiration_date and os.time() > expiration_date then
            -- Account has expired, deny authentication
            authenticated, err = nil, "Account has expired"
        end
    end
    return authenticated, err
end

-- Override the original user_exists function to check for expiration date
function user_exists_with_expiration(username)
    -- Call the original user_exists function to check if the user exists
    local exists = auth_internal_plain.user_exists(username)
    if exists then
        -- Check the expiration date of the user's account
        local user_data = module:open_user(username)
        local expiration_date = user_data and user_data.expiration_date
        if expiration_date and os.time() > expiration_date then
            -- Account has expired, deny existence
            exists = nil
        end
    end
    return exists
end

-- Add the new functions to the Prosody authentication provider
module:provides("auth", {
    add_user = add_user_with_expiration,
    authenticate = authenticate_with_expiration,
    user_exists = user_exists_with_expiration
})

emrah · March 7, 2023, 8:02am

You may use an identity provider (such as LDAP, keycloak) and apply the identity related rules on it.

Milochris · March 7, 2023, 8:03am

Hi, okay, I’ll see how it works

Milochris · March 7, 2023, 9:01am

if you have any documentation on this subject, could you share it with me? I can’t find much

emrah · March 7, 2023, 9:05am

I don’t know a specific document but you can find many by searching on a search site.

First, you need to decide how to keep the user data.