Merge branch 'get_announce_visibility-name' into 'develop'
[akkoma] / lib / pleroma / web / auth / pleroma_authenticator.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.Auth.PleromaAuthenticator do
6 alias Pleroma.Plugs.AuthenticationPlug
7 alias Pleroma.Registration
8 alias Pleroma.Repo
9 alias Pleroma.User
10
11 import Pleroma.Web.Auth.Authenticator,
12 only: [fetch_credentials: 1, fetch_user: 1]
13
14 @behaviour Pleroma.Web.Auth.Authenticator
15
16 def get_user(%Plug.Conn{} = conn) do
17 with {:ok, {name, password}} <- fetch_credentials(conn),
18 {_, %User{} = user} <- {:user, fetch_user(name)},
19 {_, true} <- {:checkpw, AuthenticationPlug.checkpw(password, user.password_hash)} do
20 {:ok, user}
21 else
22 error ->
23 {:error, error}
24 end
25 end
26
27 @doc """
28 Gets or creates Pleroma.Registration record from Ueberauth assigns.
29 Note: some strategies (like `keycloak`) might need extra configuration to fill `uid` from callback response —
30 see [`docs/config.md`](docs/config.md).
31 """
32 def get_registration(%Plug.Conn{assigns: %{ueberauth_auth: %{uid: nil}}}),
33 do: {:error, :missing_uid}
34
35 def get_registration(%Plug.Conn{
36 assigns: %{ueberauth_auth: %{provider: provider, uid: uid} = auth}
37 }) do
38 registration = Registration.get_by_provider_uid(provider, uid)
39
40 if registration do
41 {:ok, registration}
42 else
43 info = auth.info
44
45 %Registration{}
46 |> Registration.changeset(%{
47 provider: to_string(provider),
48 uid: to_string(uid),
49 info: %{
50 "nickname" => info.nickname,
51 "email" => info.email,
52 "name" => info.name,
53 "description" => info.description
54 }
55 })
56 |> Repo.insert()
57 end
58 end
59
60 def get_registration(%Plug.Conn{} = _conn), do: {:error, :missing_credentials}
61
62 @doc "Creates Pleroma.User record basing on params and Pleroma.Registration record."
63 def create_from_registration(
64 %Plug.Conn{params: %{"authorization" => registration_attrs}},
65 %Registration{} = registration
66 ) do
67 nickname = value([registration_attrs["nickname"], Registration.nickname(registration)])
68 email = value([registration_attrs["email"], Registration.email(registration)])
69 name = value([registration_attrs["name"], Registration.name(registration)]) || nickname
70 bio = value([registration_attrs["bio"], Registration.description(registration)])
71
72 random_password = :crypto.strong_rand_bytes(64) |> Base.encode64()
73
74 with {:ok, new_user} <-
75 User.register_changeset(
76 %User{},
77 %{
78 email: email,
79 nickname: nickname,
80 name: name,
81 bio: bio,
82 password: random_password,
83 password_confirmation: random_password
84 },
85 external: true,
86 need_confirmation: false
87 )
88 |> Repo.insert(),
89 {:ok, _} <-
90 Registration.changeset(registration, %{user_id: new_user.id}) |> Repo.update() do
91 {:ok, new_user}
92 end
93 end
94
95 defp value(list), do: Enum.find(list, &(to_string(&1) != ""))
96
97 def handle_error(%Plug.Conn{} = _conn, error) do
98 error
99 end
100
101 def auth_template, do: nil
102
103 def oauth_consumer_template, do: nil
104 end