Merge branch 'issue/2068' into 'develop'
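diff --git a/lib/pleroma/plugs/admin_secret_authentication_plug.ex b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
index 49dea452d4fe9e092a4fd50f750bfc8a8da8e4e2..2e54df47a386bb6e02eb402981e09c5567d08cdc 100644
--- a/lib/pleroma/plugs/admin_secret_authentication_plug.ex
+++ b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
@@ -1,9 +1,12 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
 import Plug.Conn
+
+ alias Pleroma.Plugs.OAuthScopesPlug
+ alias Pleroma.Plugs.RateLimiter
 alias Pleroma.User
 def init(options) do
@@ -11,7 +14,10 @@ defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
 end
 def secret_token do
- Pleroma.Config.get(:admin_token)
+ case Pleroma.Config.get(:admin_token) do
+ blank when blank in [nil, ""] -> nil
+ token -> token
+ end
 end
 def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
@@ -26,9 +32,9 @@ defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
 def authenticate(%{params: %{"admin_token" => admin_token}} = conn) do
 if admin_token == secret_token() do
- assign(conn, :user, %User{is_admin: true})
+ assign_admin_user(conn)
 else
- conn
+ handle_bad_token(conn)
 end
 end
@@ -36,8 +42,19 @@ defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
 token = secret_token()
 case get_req_header(conn, "x-admin-token") do
- [^token] -> assign(conn, :user, %User{is_admin: true})
- _ -> conn
+ blank when blank in [[], [""]] -> conn
+ [^token] -> assign_admin_user(conn)
+ _ -> handle_bad_token(conn)
 end
 end
+
+ defp assign_admin_user(conn) do
+ conn
+ |> assign(:user, %User{is_admin: true})
+ |> OAuthScopesPlug.skip_plug()
+ end
+
+ defp handle_bad_token(conn) do
+ RateLimiter.call(conn, name: :authentication)
+ end
 end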
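Review bot: The shared admin secret is still checked with `==` in the params clause of `authenticate/1` and with the pinned match `[^token]` in the header clause, and neither comparison is constant-time; the new `handle_bad_token/1` rate limit slows guessing but does not remove that timing signal. Both clauses could bind the supplied value and use `Plug.Crypto.secure_compare/2`, for example `if is_binary(admin_token) and is_binary(token) and Plug.Crypto.secure_compare(admin_token, token) do` with `token = secret_token()`. The `is_binary/1` checks matter because `secret_token/0` now returns `nil` when no token is configured, so a `nil` value for the `admin_token` param would satisfy `admin_token == secret_token()` unless `call/2`, which is outside these hunks, already skips `authenticate/1` in that case. The header clause of `authenticate/1` begins above the last hunk, so its signature is not visible here.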