projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'openapi/nullable-request-fields' into 'develop'
[akkoma]
/
lib
/
pleroma
/
plugs
/
authentication_plug.ex
diff --git
a/lib/pleroma/plugs/authentication_plug.ex
b/lib/pleroma/plugs/authentication_plug.ex
index 0061c69dccedf50949b02aca0f89f55457e673cc..2cdf6c9511f986b44c0266a19012a38ba76c0ca2 100644
(file)
--- a/
lib/pleroma/plugs/authentication_plug.ex
+++ b/
lib/pleroma/plugs/authentication_plug.ex
@@
-3,7
+3,6
@@
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Plugs.AuthenticationPlug do
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Plugs.AuthenticationPlug do
- alias Comeonin.Pbkdf2
alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.User
alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.User
@@
-17,8
+16,13
@@
defmodule Pleroma.Plugs.AuthenticationPlug do
:crypt.crypt(password, password_hash) == password_hash
end
:crypt.crypt(password, password_hash) == password_hash
end
+ def checkpw(password, "$2" <> _ = password_hash) do
+ # Handle bcrypt passwords for Mastodon migration
+ Bcrypt.verify_pass(password, password_hash)
+ end
+
def checkpw(password, "$pbkdf2" <> _ = password_hash) do
def checkpw(password, "$pbkdf2" <> _ = password_hash) do
- Pbkdf2.
checkpw
(password, password_hash)
+ Pbkdf2.
verify_pass
(password, password_hash)
end
def checkpw(_password, _password_hash) do
end
def checkpw(_password, _password_hash) do
@@
-37,7
+41,7
@@
defmodule Pleroma.Plugs.AuthenticationPlug do
} = conn,
_
) do
} = conn,
_
) do
- if
Pbkdf2.
checkpw(password, password_hash) do
+ if checkpw(password, password_hash) do
conn
|> assign(:user, auth_user)
|> OAuthScopesPlug.skip_plug()
conn
|> assign(:user, auth_user)
|> OAuthScopesPlug.skip_plug()
@@
-47,7
+51,7
@@
defmodule Pleroma.Plugs.AuthenticationPlug do
end
def call(%{assigns: %{auth_credentials: %{password: _}}} = conn, _) do
end
def call(%{assigns: %{auth_credentials: %{password: _}}} = conn, _) do
- Pbkdf2.
dummy_checkpw
()
+ Pbkdf2.
no_user_verify
()
conn
end
conn
end