git.squeep.com Git - akkoma/blob - lib/pleroma/web/plugs/authentication_plug.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Plugs.AuthenticationPlug do
   6   @moduledoc "Password authentication plug."
   7
   8   alias Pleroma.Helpers.AuthHelper
   9   alias Pleroma.User
  10   alias Pleroma.Password
  11
  12   import Plug.Conn
  13
  14   require Logger
  15
  16   def init(options), do: options
  17
  18   def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
  19
  20   def call(
  21         %{
  22           assigns: %{
  23             auth_user: %{password_hash: password_hash} = auth_user,
  24             auth_credentials: %{password: password}
  25           }
  26         } = conn,
  27         _
  28       ) do
  29     if Password.checkpw(password, password_hash) do
  30       {:ok, auth_user} = Password.maybe_update_password(auth_user, password)
  31
  32       conn
  33       |> assign(:user, auth_user)
  34       |> AuthHelper.skip_oauth()
  35     else
  36       conn
  37     end
  38   end
  39
  40   def call(conn, _), do: conn
  41
  42   @spec checkpw(String.t(), String.t()) :: boolean
  43   defdelegate checkpw(password, hash), to: Password
  44 end