how to fetch users and password from sql database into haraka server

[vivek779]

Hi there i was trying to fetch user and pass word into auth_flat_file.ini so that for multiple users i dont have to repetitively right down the all users and password for that for that i have created a small code to fetched data from mysql in an function var mysql = require('mysql'); var connection = mysql.createConnection({ host : 'localhost', user : 'root', password : 'x', database : 'x' }); connection.connect();

connection.query('SELECT * FROM user', function(err, rows ) { if (err) throw err;

Normally its shows output using console screen as { name: 'vivek', password: 'vivek' } I put this code into flat_file.js and compare the sql data in function to exports.get_plain_passwd = function (user, cb) { bt when i run the service its shows errors [CRIT] [-] [core] Compiling plugin: auth/flat_file failed [CRIT] [-] [core] /usr/local/lib/node_modules/Haraka/plugins/auth/flat_file.js:5 0 [CRIT] [-] [core] exports.get_plain_passwd = function (user, cb) { [CRIT] [-] [core] ^^^^^^^ [CRIT] [-] [core] SyntaxError: Unexpected identifier [CRIT] [-] [core] at Object.exports.runInNewContext (vm.js:68:16) [CRIT] [-] [core] at Object.plugins._load_and_compile_plugin (/usr/local/lib /node_modules/Haraka/plugins.js:181:12) [CRIT] [-] [core] at plugins.load_plugin (/usr/local/lib/node_modules/Haraka /plugins.js:120:26) [CRIT] [-] [core] at Array.map (native) [CRIT] [-] [core] at Object.plugins.load_plugins (/usr/local/lib/node_module s/Haraka/plugins.js:113:39) [CRIT] [-] [core] at Object.Server.createServer (/usr/local/lib/node_modules /Haraka/server.js:116:13) [CRIT] [-] [core] at Object. (/usr/local/lib/node_modules/Haraka/ haraka.js:66:8) [CRIT] [-] [core] at Module._compile (module.js:460:26) [CRIT] [-] [core] at Object.Module._extensions..js (module.js:478:10) [CRIT] [-] [core] at Module.load (module.js:355:32)

please guide me how would i do it so that i would able to add user and password directly to haraka server with database

[Dexus]

Please post your code to pastebin.com and set the link here.

[vivek779]

Thanks for the quick revert I forget to mention the code which I used in the issue as you said i have pasted the code to pastebin .com the following link is http://pastebin.com/zsP5L7Kp i can paste the code here also if you say

[Dexus]

I can see that you have no idea what you're doing, but whatever.

Get the code should go: http://pastebin.com/GfKGbyT2

[vivek779]

Thanks for the help it is really beneficial code runs perfectly without an error bt authentication is unsuccessful i have cleared the auth_flat_file and pasted your code on to the flat_file.js bt now it shows authentication unsuccessful i have entered the proper values which are in database It might not picking the proper format as i want i guess normally if i fetch from the database with query it shows output like this { name: 'vivek', password: 'vivek' }

Could please help me in this also i really wanted to make this code run here are the error logs of haraka [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running lookup_rdns hooks [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running connect hooks [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running connect hook in tarpit plugin [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] hook=connect plugin=tarpit function=tarpit params="" retval=CONT msg="" [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 220 test.myhelplines.org ESMTP Haraka 2.6.1 ready [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] C: EHLO plutosuns.in state=1 [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running ehlo hooks [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running ehlo hook in tarpit plugin [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] hook=ehlo plugin=tarpit function=tarpit params="plutosuns.in" retval=CONT msg="" [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running capabilities hooks [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running capabilities hook in auth/flat_file plugin [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] hook=capabilities plugin=auth/flat_file function=hook_capabilities params="" retval=CONT msg="" [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running capabilities hook in auth/auth_mysql plugin [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] hook=capabilities plugin=auth/auth_mysql function=hook_capabilities params="" retval=CONT msg="" [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 250-test.myhelplines.org Hello [191.101.225.15], Haraka is at your service. [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 250-PIPELINING [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 250-8BITMIME [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 250-SIZE 500000 [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 250 AUTH PLAIN LOGIN [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] C: AUTH LOGIN state=1 [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running unrecognized_command hooks [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running unrecognized_command hook in auth/flat_file plugin [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 334 VXNlcm5hbWU6 [INFO] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] hook=unrecognized_command plugin=auth/flat_file function=hook_unrecognized_command params="AUTH" retval=OK msg="" [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] C: ICd2aXZlayc= state=1 [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running unrecognized_command hooks [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running unrecognized_command hook in auth/flat_file plugin [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 334 UGFzc3dvcmQ6 [INFO] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] hook=unrecognized_command plugin=auth/flat_file function=hook_unrecognized_command params="ICd2aXZlayc=" retval=OK msg="" [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] C: ICd2aXZlayc= state=1 [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running unrecognized_command hooks [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running unrecognized_command hook in auth/flat_file plugin [NOTICE] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [auth/flat_file] delaying response for 1 seconds [PROTOCOL] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] S: 535 Authentication failed [INFO] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] hook=unrecognized_command plugin=auth/flat_file function=hook_unrecognized_command params="ICd2aXZlayc=" retval=OK msg="" [INFO] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] client [191.101.225.15] half closed connection [DEBUG] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] running disconnect hooks [NOTICE] [A3076959-9832-4ABB-9F94-83E85EA59FC6] [core] disconnect ip=191.101.225.15 rdns="DNSERROR" helo="plutosuns.in" relay=N early=N esmtp=Y tls=N pipe=N txns=0 rcpts=0/0/0 msgs=0/0/0 bytes=0 lr="535 Authentication failed" time=1.862

[Dexus]

You can only login plain text and the passwort stored in DB musst also plaintext...

[vivek779]

I am able to fetch user from database bt it is only comparing password to authenticate which means different users with that password are able to authenticate it only using password to authenticate could you please tell me from which section of codes takes user to authenticate so that i am able to authenticate with both user and password

[Dexus]

how do you create an array with key and value?

ARRAY[key=user] = value=password

var users =[];
users[userlogin] = password;

please use ur head...

[Dexus]

https://github.com/vivek779/haraka-plugins/blob/master/auth/auth_mysql.js

doing exact that what you need ;)

[vivek779]

sorry for wrong question i was not able to explain have a look to my code this use only password to authenticate but dosent take users to authenticate which means i can put any user and it gets authenticate http://pastebin.com/zsP5L7Kp

[Dexus]

Dear vivek779,

i dont will help you for this anymore, you have a Plugin (https://github.com/vivek779/haraka-plugins/blob/master/auth/auth_mysql.js) that exact doing that what you need.

If you don't understand how it works, look at the code and begin to read and learn.

I do not want to be rude, but you have no idea of what you're doing. And for this reason I give you also no further support. There are ready-made plug-ins that you can look at, but not even that, have you considered necessary.

[Manojkumar09]

Hi Dexus, I am facing this type of issue also. I have stored user and password in DB and able to retrive in plain text format easily. I have tried your code also - (https://github.com/vivek779/haraka-plugins/blob/master/auth/auth_mysql.js). Mydatabase looks like-

+-------+----------+ | user | password | +-------+----------+ | manoj | yu890 | +-------+----------+

Now i see with that code (while authenticating) that if i put password value - yu890 and user value - manoj then it got authenticate but when i put password - yu890 and user value - abc then it also got authenticate means there is no need of user value it take anything in user value.

I think In your code -

conn.query(myNotes.config.main.password_query, [user], function(err, results) { if (err) { plugin.logerror("MySQL error: " + err); return next(DENYSOFT); }

        if (results && results.length > 0) {
            cb(results[0].password);
        } else {
            cb();
        }

cb is returning password but user is not supporting. Please help me here so i will sortout this issue.

Thanks.

[Dexus]

Then try: https://gist.github.com/Dexus/42b06875b6c26551d1b1

(here the password is md5 hashed in the DB) It's not tested.

[smfreegard]

You're misunderstanding how the code works.

exports.check_plain_passwd = function (connection, user, passwd, cb) {

This function is called by the inherited auth/auth_base code. It provides the user and passwd that was parsed and decoded from the AUTH SMTP command, the cb is a callback function that should be returned and in this case takes either true (User/pass authenticated successfully) or false (Authentication failure).

This function then calls:

this.get_plain_passwd(user, function (plain_pw) {

Where user is the same argument that was sent to the parent function (check_plain_pw) and its passing an anonymous function which expects a single argument of plain_pw - this calls the exports.get_plain_passwd = function(user, cb) { which is your database function which should retrieve the password for the user: conn.query(myNotes.config.main.password_query, [user] where your SQL query is: password_query: 'SELECT password FROM users WHERE user=?'.

If a password is found it is returned by calling the cb() function which is the anonymous function (plain_pw) { mentioned above, this function then compares the input password with the password from the database and returns either cb(true) or cb(false) back which causes the Authentication to be accepted of rejected.

Hope that helps.

[smfreegard]

@Manojkumar09 what password_query are you setting (e.g. the SQL to retrieve the user)?

[Manojkumar09]

HI smfreegard, Thanks for your reply. I am using the query -

password_query: 'SELECT password FROM users WHERE user=?'

the same query i am using but issue is same yet. User doesn't matter for authentication.

[smfreegard]

Try this: https://gist.github.com/smfreegard/28238802f09c6029cc62

Set your loglevel to LOGDEBUG and then send log output for a session that clearly demonstrates your issue.

[Manojkumar09]

Hi smfreegard , This code has worked for me now i am able to authenticate. Really appreciate you and thankful to you. I am also thankful to mr. dexsus. : -)