Merge branch 'stable' into stable-sync/2.1.2

[akkoma] / lib / pleroma / web / auth / pleroma_authenticator.ex

diff --git a/lib/pleroma/web/auth/pleroma_authenticator.ex b/lib/pleroma/web/auth/pleroma_authenticator.ex
index c4a6fce08113b76932c04df6fc116d44f3a747ad..c611b3e0916dd83485bb65c3a04cd789d5532c6c 100644 (file)
--- a/lib/pleroma/web/auth/pleroma_authenticator.ex
+++ b/lib/pleroma/web/auth/pleroma_authenticator.ex
@@ -1,9 +1,9 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.Auth.PleromaAuthenticator do
-  alias Comeonin.Pbkdf2
+  alias Pleroma.Plugs.AuthenticationPlug
   alias Pleroma.Registration
   alias Pleroma.Repo
   alias Pleroma.User
@@ -16,14 +16,23 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do
   def get_user(%Plug.Conn{} = conn) do
     with {:ok, {name, password}} <- fetch_credentials(conn),
          {_, %User{} = user} <- {:user, fetch_user(name)},
-         {_, true} <- {:checkpw, Pbkdf2.checkpw(password, user.password_hash)} do
+         {_, true} <- {:checkpw, AuthenticationPlug.checkpw(password, user.password_hash)},
+         {:ok, user} <- AuthenticationPlug.maybe_update_password(user, password) do
       {:ok, user}
     else
-      error ->
-        {:error, error}
+      {:error, _reason} = error -> error
+      error -> {:error, error}
     end
   end
 
+  @doc """
+  Gets or creates Pleroma.Registration record from Ueberauth assigns.
+  Note: some strategies (like `keycloak`) might need extra configuration to fill `uid` from callback response —
+    see [`docs/config.md`](docs/config.md).
+  """
+  def get_registration(%Plug.Conn{assigns: %{ueberauth_auth: %{uid: nil}}}),
+    do: {:error, :missing_uid}
+
   def get_registration(%Plug.Conn{
         assigns: %{ueberauth_auth: %{provider: provider, uid: uid} = auth}
       }) do
@@ -51,14 +60,15 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do
 
   def get_registration(%Plug.Conn{} = _conn), do: {:error, :missing_credentials}
 
+  @doc "Creates Pleroma.User record basing on params and Pleroma.Registration record."
   def create_from_registration(
         %Plug.Conn{params: %{"authorization" => registration_attrs}},
-        registration
+        %Registration{} = registration
       ) do
     nickname = value([registration_attrs["nickname"], Registration.nickname(registration)])
     email = value([registration_attrs["email"], Registration.email(registration)])
     name = value([registration_attrs["name"], Registration.name(registration)]) || nickname
-    bio = value([registration_attrs["bio"], Registration.description(registration)])
+    bio = value([registration_attrs["bio"], Registration.description(registration)]) || ""
 
     random_password = :crypto.strong_rand_bytes(64) |> Base.encode64()