[ejabberd] user registration via HTTP

Andy Skelton skeltoac at gmail.com
Thu Dec 24 18:30:13 MSK 2009


Any time I want a simple HTTP interface for an ejabberd function I
write a new HTTP request handler module. It's pretty easy. Here's an
example. It has not been updated for exmpp. It is activated by adding
the request handler to the ejabberd_http port config, such as
{["message"], http_message}. I do this in the web admin but you can
also put it in your config file.

This module expects an authenticated POST containing a valid message
stanza. If the HTTP request does not contain a valid Authorization
header the response is a 403. A bad username/password gets a 401. You
would probably want to remove that check but I included it so that
this code can be used for authenticated actions.

Forgive me for the sloppy and vestigial parts of the code. It works
for me. Our developers use this interface to send themselves debug
messages from web servers. It's easier than tailing logs on hundreds
of web servers simultaneously. :-)

-module(http_message).
-author('andy at automattic.com').
-include("jlib.hrl").
-include("ejabberd_http.hrl").
-include("ejabberd.hrl").
-export([process/2]).

process(LocalPath, #request{auth = Auth} = Request)->
        case get_auth(Auth) of
        {User, Domain} ->
            out(Request, Request#request.method, LocalPath,
jlib:string_to_jid(User++"@"++Domain));
        _ ->
                {401, [{"WWW-Authenticate", "basic
realm=\"ejabberd\""}],"Unauthorized"}
    end;

process(_LocalPath, _Request) ->
        {403, [], "Forbidden"}.

out(Args, 'POST', _Node, From) ->
        Payload = xml_stream:parse_element(Args#request.data),
        To = xml:get_tag_attr_s("to", Payload),
        case ejabberd_router:route(From, jlib:string_to_jid(To), Payload) of
                ok ->
                        {201, [], Payload};
                _ ->
                        {400, [], ""}
        end;

out(_, _, _, _) ->
        {403, [], "Forbidden"}.

get_auth(Auth) ->
    case Auth of
        {SJID, P} ->
            case jlib:string_to_jid(SJID) of
                error ->
                    unauthorized;
                #jid{user = U, server = S} ->
                    case ejabberd_auth:check_password(U, S, P) of
                        true ->
                            {U, S};
                        false ->
                            unauthorized
                    end
            end;
         _ ->
            unauthorized
    end.


More information about the ejabberd mailing list