X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fplugs%2Fo_auth_plug.ex;h=91f6e997419312c580dd4f600aee22fc003b9823;hb=a079ec3a3cdfd42d2cbd51c7698c2c87828e5778;hp=29b3316b32cb6ca7987c2ec46fa9861fdf448b29;hpb=429e2ac832a874ae8ba8a9c116da61a6273c8a87;p=akkoma

diff --git a/lib/pleroma/web/plugs/o_auth_plug.ex b/lib/pleroma/web/plugs/o_auth_plug.ex
index 29b3316b3..91f6e9974 100644
--- a/lib/pleroma/web/plugs/o_auth_plug.ex
+++ b/lib/pleroma/web/plugs/o_auth_plug.ex
@@ -8,6 +8,7 @@ defmodule Pleroma.Web.Plugs.OAuthPlug do
   import Plug.Conn
   import Ecto.Query
 
+  alias Pleroma.Helpers.AuthHelper
   alias Pleroma.Repo
   alias Pleroma.User
   alias Pleroma.Web.OAuth.App
@@ -17,6 +18,8 @@ defmodule Pleroma.Web.Plugs.OAuthPlug do
 
   def init(options), do: options
 
+  def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
+
   def call(conn, _) do
     with {:ok, token_str} <- fetch_token_str(conn) do
       with {:ok, user, user_token} <- fetch_user_and_token(token_str),
@@ -44,15 +47,17 @@ defmodule Pleroma.Web.Plugs.OAuthPlug do
   #
   @spec fetch_user_and_token(String.t()) :: {:ok, User.t(), Token.t()} | nil
   defp fetch_user_and_token(token) do
-    query =
+    token_query =
       from(t in Token,
-        where: t.token == ^token,
-        join: user in assoc(t, :user),
-        preload: [user: user]
+        where: t.token == ^token
       )
 
-    with %Token{user: user} = token_record <- Repo.one(query) do
+    with %Token{user_id: user_id} = token_record <- Repo.one(token_query),
+         false <- is_nil(user_id),
+         %User{} = user <- User.get_cached_by_id(user_id) do
       {:ok, user, token_record}
+    else
+      _ -> nil
     end
   end
 
@@ -79,7 +84,7 @@ defmodule Pleroma.Web.Plugs.OAuthPlug do
     with {:ok, token} <- fetch_token_str(headers) do
       {:ok, token}
     else
-      _ -> :no_token_found
+      _ -> fetch_token_from_session(conn)
     end
   end
 
@@ -93,4 +98,12 @@ defmodule Pleroma.Web.Plugs.OAuthPlug do
   end
 
   defp fetch_token_str([]), do: :no_token_found
+
+  @spec fetch_token_from_session(Plug.Conn.t()) :: :no_token_found | {:ok, String.t()}
+  defp fetch_token_from_session(conn) do
+    case AuthHelper.get_session_token(conn) do
+      nil -> :no_token_found
+      token -> {:ok, token}
+    end
+  end
 end