1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Auth.PleromaAuthenticator do
8 alias Pleroma.Registration
11 @behaviour Pleroma.Web.Auth.Authenticator
13 def get_user(%Plug.Conn{} = _conn, params) do
16 %{"authorization" => %{"name" => name, "password" => password}} ->
19 %{"grant_type" => "password", "username" => name, "password" => password} ->
23 with {_, %User{} = user} <- {:user, User.get_by_nickname_or_email(name)},
24 {_, true} <- {:checkpw, Pbkdf2.checkpw(password, user.password_hash)} do
32 def get_by_external_registration(
33 %Plug.Conn{assigns: %{ueberauth_auth: %{provider: provider, uid: uid} = auth}},
36 registration = Registration.get_by_provider_uid(provider, uid)
39 user = Repo.preload(registration, :user).user
44 nickname = info.nickname
46 # Note: nullifying email in case this email is already taken
48 if email && User.get_by_email(email) do
54 # Note: generating a random numeric suffix to nickname in case this nickname is already taken
56 if nickname && User.get_by_nickname(nickname) do
57 "#{nickname}#{:os.system_time()}"
62 random_password = :crypto.strong_rand_bytes(64) |> Base.encode64()
64 with {:ok, new_user} <-
65 User.register_changeset(
69 bio: info.description,
72 password: random_password,
73 password_confirmation: random_password
80 Registration.changeset(%Registration{}, %{
82 provider: to_string(provider),
84 info: %{nickname: info.nickname, email: info.email}
92 def get_by_external_registration(%Plug.Conn{} = _conn, _params),
93 do: {:error, :missing_credentials}
95 def handle_error(%Plug.Conn{} = _conn, error) do
99 def auth_template, do: nil