ejabberd_http_auth: cannot use multiple passwords per user if auth cache is enabled

processone / ejabberd-contrib

Growing and curated ejabberd contributions repository - PR or ask to join !

http://ejabberd.im

248 stars 137 forks source link

ejabberd_http_auth: cannot use multiple passwords per user if auth cache is enabled #288

Closed sonnyp closed 3 years ago

sonnyp commented 4 years ago

We use ejabberd_http_auth and SASL Plain. We have multiple passwords (which are in fact oauth tokens) per user.

When the auth cache is enabled if a user authenticates with a password then every other connected clients gets disconnected.

auth_use_cache: false fixes the issue

I can imagine why this happens and I'm not entirely sure if this should be considered a bug. If not, let me know and I can send a PR to the documentation.

badlop commented 3 years ago

I think that, if your custom auth script accepts different passwords for the same username, then you can't use ejabberd's caching. I'm curious to read your changes in the documentation.