Add EnsureAuthenticatedPlug

diff --git a/lib/pleroma/plugs/ensure_authenticated_plug.ex b/lib/pleroma/plugs/ensure_authenticated_plug.ex
new file mode 100644 (file)
index 0000000..bca44eb
--- /dev/null
+++ b/lib/pleroma/plugs/ensure_authenticated_plug.ex
@@ -0,0 +1,19 @@
+defmodule Pleroma.Plugs.EnsureAuthenticatedPlug do
+  import Plug.Conn
+  alias Pleroma.User
+
+  def init(options) do
+    options
+  end
+
+  def call(%{assigns: %{user: %User{}}} = conn, _) do
+    conn
+  end
+
+  def call(conn, _) do
+    conn
+    |> put_resp_content_type("application/json")
+    |> send_resp(403, Jason.encode!(%{error: "Invalid credentials."}))
+    |> halt
+  end
+end

diff --git a/test/plugs/ensure_authenticated_plug_test.exs b/test/plugs/ensure_authenticated_plug_test.exs
new file mode 100644 (file)
index 0000000..b32817f
--- /dev/null
+++ b/test/plugs/ensure_authenticated_plug_test.exs
@@ -0,0 +1,27 @@
+defmodule Pleroma.Plugs.EnsureAuthenticatedPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.EnsureAuthenticatedPlug
+  alias Pleroma.User
+
+  test "it halts if no user is assigned", %{conn: conn} do
+    conn =
+      conn
+      |> EnsureAuthenticatedPlug.call(%{})
+
+    assert conn.status == 403
+    assert conn.halted == true
+  end
+
+  test "it continues if a user is assigned", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, %User{})
+
+    ret_conn =
+      conn
+      |> EnsureAuthenticatedPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+end