projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add link verification in profile fields (#405)
[akkoma]
/
lib
/
pleroma
/
web
/
plugs
/
o_auth_plug.ex
diff --git
a/lib/pleroma/web/plugs/o_auth_plug.ex
b/lib/pleroma/web/plugs/o_auth_plug.ex
index 29b3316b32cb6ca7987c2ec46fa9861fdf448b29..91f6e997419312c580dd4f600aee22fc003b9823 100644
(file)
--- a/
lib/pleroma/web/plugs/o_auth_plug.ex
+++ b/
lib/pleroma/web/plugs/o_auth_plug.ex
@@
-8,6
+8,7
@@
defmodule Pleroma.Web.Plugs.OAuthPlug do
import Plug.Conn
import Ecto.Query
import Plug.Conn
import Ecto.Query
+ alias Pleroma.Helpers.AuthHelper
alias Pleroma.Repo
alias Pleroma.User
alias Pleroma.Web.OAuth.App
alias Pleroma.Repo
alias Pleroma.User
alias Pleroma.Web.OAuth.App
@@
-17,6
+18,8
@@
defmodule Pleroma.Web.Plugs.OAuthPlug do
def init(options), do: options
def init(options), do: options
+ def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
+
def call(conn, _) do
with {:ok, token_str} <- fetch_token_str(conn) do
with {:ok, user, user_token} <- fetch_user_and_token(token_str),
def call(conn, _) do
with {:ok, token_str} <- fetch_token_str(conn) do
with {:ok, user, user_token} <- fetch_user_and_token(token_str),
@@
-44,15
+47,17
@@
defmodule Pleroma.Web.Plugs.OAuthPlug do
#
@spec fetch_user_and_token(String.t()) :: {:ok, User.t(), Token.t()} | nil
defp fetch_user_and_token(token) do
#
@spec fetch_user_and_token(String.t()) :: {:ok, User.t(), Token.t()} | nil
defp fetch_user_and_token(token) do
- query =
+
token_
query =
from(t in Token,
from(t in Token,
- where: t.token == ^token,
- join: user in assoc(t, :user),
- preload: [user: user]
+ where: t.token == ^token
)
)
- with %Token{user: user} = token_record <- Repo.one(query) do
+ with %Token{user_id: user_id} = token_record <- Repo.one(token_query),
+ false <- is_nil(user_id),
+ %User{} = user <- User.get_cached_by_id(user_id) do
{:ok, user, token_record}
{:ok, user, token_record}
+ else
+ _ -> nil
end
end
end
end
@@
-79,7
+84,7
@@
defmodule Pleroma.Web.Plugs.OAuthPlug do
with {:ok, token} <- fetch_token_str(headers) do
{:ok, token}
else
with {:ok, token} <- fetch_token_str(headers) do
{:ok, token}
else
- _ ->
:no_token_found
+ _ ->
fetch_token_from_session(conn)
end
end
end
end
@@
-93,4
+98,12
@@
defmodule Pleroma.Web.Plugs.OAuthPlug do
end
defp fetch_token_str([]), do: :no_token_found
end
defp fetch_token_str([]), do: :no_token_found
+
+ @spec fetch_token_from_session(Plug.Conn.t()) :: :no_token_found | {:ok, String.t()}
+ defp fetch_token_from_session(conn) do
+ case AuthHelper.get_session_token(conn) do
+ nil -> :no_token_found
+ token -> {:ok, token}
+ end
+ end
end
end