git.squeep.com Git - akkoma/blob - lib/pleroma/web/plugs/basic_auth_decoder_plug.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Plugs.BasicAuthDecoderPlug do
   6   @moduledoc """
   7   Decodes HTTP Basic Auth information and assigns `:auth_credentials`.
   8
   9   NOTE: no checks are performed at this step, auth_credentials/username could be easily faked.
  10   """
  11
  12   import Plug.Conn
  13
  14   def init(options) do
  15     options
  16   end
  17
  18   def call(conn, _opts) do
  19     with ["Basic " <> header] <- get_req_header(conn, "authorization"),
  20          {:ok, userinfo} <- Base.decode64(header),
  21          [username, password] <- String.split(userinfo, ":", parts: 2) do
  22       conn
  23       |> assign(:auth_credentials, %{
  24         username: username,
  25         password: password
  26       })
  27     else
  28       _ -> conn
  29     end
  30   end
  31 end