in dev, allow dev FE

[akkoma] / lib / pleroma / web / plugs / authentication_plug.ex
diff --git a/lib/pleroma/web/plugs/authentication_plug.ex b/lib/pleroma/web/plugs/authentication_plug.ex

index e2a8b1b69366062b8571f861ed17db1e56fd403c..894a1067e75c053d495eaa24f6240bc719819622 100644 (file)
--- a/lib/pleroma/web/plugs/authentication_plug.ex
+++ b/lib/pleroma/web/plugs/authentication_plug.ex
@@ -1,9 +1,13 @@
  # Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
  # SPDX-License-Identifier: AGPL-3.0-only
  
  defmodule Pleroma.Web.Plugs.AuthenticationPlug do
+  @moduledoc "Password authentication plug."
+
+  alias Pleroma.Helpers.AuthHelper
    alias Pleroma.User
+  alias Pleroma.Password
  
    import Plug.Conn
  
@@ -11,43 +15,6 @@ defmodule Pleroma.Web.Plugs.AuthenticationPlug do
  
    def init(options), do: options
  
-  def checkpw(password, "$6" <> _ = password_hash) do
-    :crypt.crypt(password, password_hash) == password_hash
-  end
-
-  def checkpw(password, "$2" <> _ = password_hash) do
-    # Handle bcrypt passwords for Mastodon migration
-    Bcrypt.verify_pass(password, password_hash)
-  end
-
-  def checkpw(password, "$pbkdf2" <> _ = password_hash) do
-    Pbkdf2.verify_pass(password, password_hash)
-  end
-
-  def checkpw(_password, _password_hash) do
-    Logger.error("Password hash not recognized")
-    false
-  end
-
-  def maybe_update_password(%User{password_hash: "$2" <> _} = user, password) do
-    do_update_password(user, password)
-  end
-
-  def maybe_update_password(%User{password_hash: "$6" <> _} = user, password) do
-    do_update_password(user, password)
-  end
-
-  def maybe_update_password(user, _), do: {:ok, user}
-
-  defp do_update_password(user, password) do
-    user
-    |> User.password_update_changeset(%{
-      "password" => password,
-      "password_confirmation" => password
-    })
-    |> Pleroma.Repo.update()
-  end
-
    def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
  
    def call(
@@ -59,21 +26,19 @@ defmodule Pleroma.Web.Plugs.AuthenticationPlug do
          } = conn,
          _
        ) do
-    if checkpw(password, password_hash) do
-      {:ok, auth_user} = maybe_update_password(auth_user, password)
+    if Password.checkpw(password, password_hash) do
+      {:ok, auth_user} = Password.maybe_update_password(auth_user, password)
  
        conn
        |> assign(:user, auth_user)
-      |> Pleroma.Web.Plugs.OAuthScopesPlug.skip_plug()
+      |> AuthHelper.skip_oauth()
      else
        conn
      end
    end
  
-  def call(%{assigns: %{auth_credentials: %{password: _}}} = conn, _) do
-    Pbkdf2.no_user_verify()
-    conn
-  end
-
    def call(conn, _), do: conn
+
+  @spec checkpw(String.t(), String.t()) :: boolean
+  defdelegate checkpw(password, hash), to: Password
  end