X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;ds=inline;f=lib%2Fpleroma%2Fhelpers%2Fauth_helper.ex;h=37765da4d7d04ca7b6a0bb705d0871b0078cc3e1;hb=281c4636fac4425a914ed70f975cea669acf6fe1;hp=878fec3466007b9983a4878fc60fdeb3793f3c09;hpb=489b12cde48d0ed6b16914c5a831b1e992d0d059;p=akkoma
diff --git a/lib/pleroma/helpers/auth_helper.ex b/lib/pleroma/helpers/auth_helper.ex
index 878fec346..37765da4d 100644
--- a/lib/pleroma/helpers/auth_helper.ex
+++ b/lib/pleroma/helpers/auth_helper.ex
@@ -1,12 +1,16 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Helpers.AuthHelper do
alias Pleroma.Web.Plugs.OAuthScopesPlug
+ alias Plug.Conn
import Plug.Conn
+ @oauth_token_session_key :oauth_token
+ @oauth_user_session_key :oauth_user
+
@doc """
Skips OAuth permissions (scopes) checks, assigns nil `:token`.
Intended to be used with explicit authentication and only when OAuth token cannot be determined.
@@ -17,9 +21,39 @@ defmodule Pleroma.Helpers.AuthHelper do
|> OAuthScopesPlug.skip_plug()
end
+ @doc "Drops authentication info from connection"
def drop_auth_info(conn) do
+ # To simplify debugging, setting a private variable on `conn` if auth info is dropped
conn
|> assign(:user, nil)
|> assign(:token, nil)
+ |> put_private(:authentication_ignored, true)
+ end
+
+ @doc "Gets OAuth token string from session"
+ def get_session_token(%Conn{} = conn) do
+ get_session(conn, @oauth_token_session_key)
+ end
+
+ @doc "Updates OAuth token string in session"
+ def put_session_token(%Conn{} = conn, token) when is_binary(token) do
+ put_session(conn, @oauth_token_session_key, token)
+ end
+
+ @doc "Deletes OAuth token string from session"
+ def delete_session_token(%Conn{} = conn) do
+ delete_session(conn, @oauth_token_session_key)
+ end
+
+ def put_session_user(%Conn{} = conn, user) do
+ put_session(conn, @oauth_user_session_key, user)
+ end
+
+ def delete_session_user(%Conn{} = conn) do
+ delete_session(conn, @oauth_user_session_key)
+ end
+
+ def get_session_user(%Conn{} = conn) do
+ get_session(conn, @oauth_user_session_key)
end
end