X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fmongooseim%2Fmongoose_im_controller.ex;h=6cbbe8fd8dbb7ea1f879f4686a4a955f7671073e;hb=9c672ecbb5d4477cd16d2139a2cb66d3923ac5c8;hp=c15b4bfb8198afd475f86c02198e814f0e2b29fd;hpb=5c7cc109172c84b991fad7eebbdd51e75f0c5382;p=akkoma

diff --git a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
index c15b4bfb8..6cbbe8fd8 100644
--- a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
+++ b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex
@@ -5,7 +5,7 @@
 defmodule Pleroma.Web.MongooseIM.MongooseIMController do
   use Pleroma.Web, :controller
 
-  alias Comeonin.Pbkdf2
+  alias Pleroma.Plugs.AuthenticationPlug
   alias Pleroma.Plugs.RateLimiter
   alias Pleroma.Repo
   alias Pleroma.User
@@ -14,7 +14,7 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do
   plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password)
 
   def user_exists(conn, %{"user" => username}) do
-    with %User{} <- Repo.get_by(User, nickname: username, local: true) do
+    with %User{} <- Repo.get_by(User, nickname: username, local: true, deactivated: false) do
       conn
       |> json(true)
     else
@@ -26,41 +26,21 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do
   end
 
   def check_password(conn, %{"user" => username, "pass" => password}) do
-    user = Repo.get_by(User, nickname: username, local: true)
-    
-    state = case user do
-      nil -> nil
-      _ -> User.account_status(user)
-    end
-
-    case state do
-      :deactivated ->
+    with %User{password_hash: password_hash, deactivated: false} <-
+           Repo.get_by(User, nickname: username, local: true),
+         true <- AuthenticationPlug.checkpw(password, password_hash) do
+      conn
+      |> json(true)
+    else
+      false ->
         conn
-        |> put_status(:not_found)
+        |> put_status(:forbidden)
         |> json(false)
 
-      :confirmation_pending ->
+      _ ->
         conn
         |> put_status(:not_found)
         |> json(false)
-
-      _ ->
-        with %User{password_hash: password_hash} <-
-               user,
-             true <- Pbkdf2.checkpw(password, password_hash) do
-          conn
-          |> json(true)
-        else
-          false ->
-            conn
-            |> put_status(:forbidden)
-            |> json(false)
-
-          _ ->
-            conn
-            |> put_status(:not_found)
-            |> json(false)
-        end
     end
   end
 end