X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;ds=sidebyside;f=lib%2Fpleroma%2Fweb%2Fplugs%2Fauthentication_plug.ex;h=894a1067e75c053d495eaa24f6240bc719819622;hb=a079ec3a3cdfd42d2cbd51c7698c2c87828e5778;hp=e2a8b1b69366062b8571f861ed17db1e56fd403c;hpb=d8d4e962304c5424de4d171d25445b7135a67a09;p=akkoma
diff --git a/lib/pleroma/web/plugs/authentication_plug.ex b/lib/pleroma/web/plugs/authentication_plug.ex
index e2a8b1b69..894a1067e 100644
--- a/lib/pleroma/web/plugs/authentication_plug.ex
+++ b/lib/pleroma/web/plugs/authentication_plug.ex
@@ -1,9 +1,13 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Plugs.AuthenticationPlug do
+ @moduledoc "Password authentication plug."
+
+ alias Pleroma.Helpers.AuthHelper
alias Pleroma.User
+ alias Pleroma.Password
import Plug.Conn
@@ -11,43 +15,6 @@ defmodule Pleroma.Web.Plugs.AuthenticationPlug do
def init(options), do: options
- def checkpw(password, "$6" <> _ = password_hash) do
- :crypt.crypt(password, password_hash) == password_hash
- end
-
- def checkpw(password, "$2" <> _ = password_hash) do
- # Handle bcrypt passwords for Mastodon migration
- Bcrypt.verify_pass(password, password_hash)
- end
-
- def checkpw(password, "$pbkdf2" <> _ = password_hash) do
- Pbkdf2.verify_pass(password, password_hash)
- end
-
- def checkpw(_password, _password_hash) do
- Logger.error("Password hash not recognized")
- false
- end
-
- def maybe_update_password(%User{password_hash: "$2" <> _} = user, password) do
- do_update_password(user, password)
- end
-
- def maybe_update_password(%User{password_hash: "$6" <> _} = user, password) do
- do_update_password(user, password)
- end
-
- def maybe_update_password(user, _), do: {:ok, user}
-
- defp do_update_password(user, password) do
- user
- |> User.password_update_changeset(%{
- "password" => password,
- "password_confirmation" => password
- })
- |> Pleroma.Repo.update()
- end
-
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
def call(
@@ -59,21 +26,19 @@ defmodule Pleroma.Web.Plugs.AuthenticationPlug do
} = conn,
_
) do
- if checkpw(password, password_hash) do
- {:ok, auth_user} = maybe_update_password(auth_user, password)
+ if Password.checkpw(password, password_hash) do
+ {:ok, auth_user} = Password.maybe_update_password(auth_user, password)
conn
|> assign(:user, auth_user)
- |> Pleroma.Web.Plugs.OAuthScopesPlug.skip_plug()
+ |> AuthHelper.skip_oauth()
else
conn
end
end
- def call(%{assigns: %{auth_credentials: %{password: _}}} = conn, _) do
- Pbkdf2.no_user_verify()
- conn
- end
-
def call(conn, _), do: conn
+
+ @spec checkpw(String.t(), String.t()) :: boolean
+ defdelegate checkpw(password, hash), to: Password
end