Remove _misskey_reaction matching (#500)
[akkoma] / lib / pleroma / web / plugs / admin_secret_authentication_plug.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.Plugs.AdminSecretAuthenticationPlug do
6 import Plug.Conn
7
8 alias Pleroma.Helpers.AuthHelper
9 alias Pleroma.User
10 alias Pleroma.Web.Plugs.RateLimiter
11
12 def init(options) do
13 options
14 end
15
16 def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
17
18 def call(conn, _) do
19 if secret_token() do
20 authenticate(conn)
21 else
22 conn
23 end
24 end
25
26 defp authenticate(%{params: %{"admin_token" => admin_token}} = conn) do
27 if admin_token == secret_token() do
28 assign_admin_user(conn)
29 else
30 handle_bad_token(conn)
31 end
32 end
33
34 defp authenticate(conn) do
35 token = secret_token()
36
37 case get_req_header(conn, "x-admin-token") do
38 blank when blank in [[], [""]] -> conn
39 [^token] -> assign_admin_user(conn)
40 _ -> handle_bad_token(conn)
41 end
42 end
43
44 defp secret_token do
45 case Pleroma.Config.get(:admin_token) do
46 blank when blank in [nil, ""] -> nil
47 token -> token
48 end
49 end
50
51 defp assign_admin_user(conn) do
52 conn
53 |> assign(:user, %User{is_admin: true})
54 |> AuthHelper.skip_oauth()
55 end
56
57 defp handle_bad_token(conn) do
58 RateLimiter.call(conn, name: :authentication)
59 end
60 end