X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fplugs%2Fauthentication_plug.ex;h=14654f2e6ff6f73aa8d7aa86cc6872e914b139f4;hb=5fc6e9d467f69af155627cccaa27616fe7ffc61f;hp=76a4710c18f6c27416e3d62bc14c4650c7242725;hpb=e32dbfc9a5477830dba7bf3e99621161e4454a29;p=akkoma diff --git a/lib/pleroma/plugs/authentication_plug.ex b/lib/pleroma/plugs/authentication_plug.ex index 76a4710c1..14654f2e6 100644 --- a/lib/pleroma/plugs/authentication_plug.ex +++ b/lib/pleroma/plugs/authentication_plug.ex @@ -1,28 +1,40 @@ defmodule Pleroma.Plugs.AuthenticationPlug do + alias Comeonin.Pbkdf2 import Plug.Conn + alias Pleroma.User def init(options) do options end + def call(%{assigns: %{user: %User{}}} = conn, _), do: conn + def call(conn, opts) do with {:ok, username, password} <- decode_header(conn), {:ok, user} <- opts[:fetcher].(username), - {:ok, verified_user} <- verify(user, password) + saved_user_id <- get_session(conn, :user_id), + {:ok, verified_user} <- verify(user, password, saved_user_id) do - conn |> assign(:user, verified_user) + conn + |> assign(:user, verified_user) + |> put_session(:user_id, verified_user.id) else _ -> conn |> halt_or_continue(opts) end end - defp verify(nil, _password) do - Comeonin.Pbkdf2.dummy_checkpw + # Short-circuit if we have a cookie with the id for the given user. + defp verify(%{id: id} = user, _password, id) do + {:ok, user} + end + + defp verify(nil, _password, _user_id) do + Pbkdf2.dummy_checkpw :error end - defp verify(user, password) do - if Comeonin.Pbkdf2.checkpw(password, user[:password_hash]) do + defp verify(user, password, _user_id) do + if Pbkdf2.checkpw(password, user.password_hash) do {:ok, user} else :error @@ -34,7 +46,7 @@ defmodule Pleroma.Plugs.AuthenticationPlug do {:ok, userinfo} <- Base.decode64(header), [username, password] <- String.split(userinfo, ":") do - { :ok, username, password } + {:ok, username, password} end end