projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'openapi/nullable-request-fields' into 'develop'
[akkoma]
/
lib
/
pleroma
/
plugs
/
authentication_plug.ex
diff --git
a/lib/pleroma/plugs/authentication_plug.ex
b/lib/pleroma/plugs/authentication_plug.ex
index eec5148927e32fd2fb8ad99c06881e9065b5e681..2cdf6c9511f986b44c0266a19012a38ba76c0ca2 100644
(file)
--- a/
lib/pleroma/plugs/authentication_plug.ex
+++ b/
lib/pleroma/plugs/authentication_plug.ex
@@
-1,29
+1,33
@@
# Pleroma: A lightweight social networking server
# Pleroma: A lightweight social networking server
-# Copyright © 2017-20
19
Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-20
20
Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Plugs.AuthenticationPlug do
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Plugs.AuthenticationPlug do
- alias Comeonin.Pbkdf2
- import Plug.Conn
+ alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.User
alias Pleroma.User
+
+ import Plug.Conn
+
require Logger
require Logger
- def init(options) do
- options
+ def init(options), do: options
+
+ def checkpw(password, "$6" <> _ = password_hash) do
+ :crypt.crypt(password, password_hash) == password_hash
end
end
- def checkpw(password, password_hash) do
- cond do
- String.starts_with?(password_hash, "$pbkdf2") ->
- Pbkdf2.checkpw(password, password_hash)
+ def checkpw(password,
"$2" <> _ =
password_hash) do
+ # Handle bcrypt passwords for Mastodon migration
+ Bcrypt.verify_pass(password, password_hash)
+ end
- String.starts_with?(password_hash, "$6") ->
- :crypt.crypt(password, password_hash) == password_hash
+ def checkpw(password, "$pbkdf2" <> _ = password_hash) do
+ Pbkdf2.verify_pass(password, password_hash)
+ end
- true ->
- Logger.error("Password hash not recognized")
- false
- end
+ def checkpw(_password, _password_hash) do
+ Logger.error("Password hash not recognized")
+ false
end
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
end
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
@@
-37,16
+41,17
@@
defmodule Pleroma.Plugs.AuthenticationPlug do
} = conn,
_
) do
} = conn,
_
) do
- if
Pbkdf2.
checkpw(password, password_hash) do
+ if checkpw(password, password_hash) do
conn
|> assign(:user, auth_user)
conn
|> assign(:user, auth_user)
+ |> OAuthScopesPlug.skip_plug()
else
conn
end
end
def call(%{assigns: %{auth_credentials: %{password: _}}} = conn, _) do
else
conn
end
end
def call(%{assigns: %{auth_credentials: %{password: _}}} = conn, _) do
- Pbkdf2.
dummy_checkpw
()
+ Pbkdf2.
no_user_verify
()
conn
end
conn
end