git.squeep.com Git - akkoma/blob - lib/pleroma/plugs/authentication_plug.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Plugs.AuthenticationPlug do
   6   alias Comeonin.Pbkdf2
   7   import Plug.Conn
   8   alias Pleroma.User
   9   require Logger
  10
  11   def init(options) do
  12     options
  13   end
  14
  15   def checkpw(password, password_hash) do
  16     cond do
  17       String.starts_with?(password_hash, "$pbkdf2") ->
  18         Pbkdf2.checkpw(password, password_hash)
  19       String.starts_with?(password_hash, "$6") ->
  20         :crypt.crypt(password, password_hash) == password_hash
  21       true ->
  22         Logger.error("Password hash not recognized")
  23         false
  24     end
  25   end
  26
  27   def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
  28
  29   def call(
  30         %{
  31           assigns: %{
  32             auth_user: %{password_hash: password_hash} = auth_user,
  33             auth_credentials: %{password: password}
  34           }
  35         } = conn,
  36         _
  37       ) do
  38     if Pbkdf2.checkpw(password, password_hash) do
  39       conn
  40       |> assign(:user, auth_user)
  41     else
  42       conn
  43     end
  44   end
  45
  46   def call(%{assigns: %{auth_credentials: %{password: _}}} = conn, _) do
  47     Pbkdf2.dummy_checkpw()
  48     conn
  49   end
  50
  51   def call(conn, _), do: conn
  52 end