Merge branch 'feature/1952-read-muted-notifications' into 'develop'
diff --git
a/lib/pleroma/plugs/admin_secret_authentication_plug.ex
b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
index ff0328d4a658cab3819071b913802fbc408e801b..2e54df47a386bb6e02eb402981e09c5567d08cdc 100644
(file)
--- a/
lib/pleroma/plugs/admin_secret_authentication_plug.ex
+++ b/
lib/pleroma/plugs/admin_secret_authentication_plug.ex
@@
-5,15
+5,19
@@
defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
import Plug.Conn
defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
import Plug.Conn
- alias Pleroma.User
alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.Plugs.OAuthScopesPlug
+ alias Pleroma.Plugs.RateLimiter
+ alias Pleroma.User
def init(options) do
options
end
def secret_token do
def init(options) do
options
end
def secret_token do
- Pleroma.Config.get(:admin_token)
+ case Pleroma.Config.get(:admin_token) do
+ blank when blank in [nil, ""] -> nil
+ token -> token
+ end
end
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
end
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
@@
-30,7
+34,7
@@
defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
if admin_token == secret_token() do
assign_admin_user(conn)
else
if admin_token == secret_token() do
assign_admin_user(conn)
else
- conn
+ handle_bad_token(conn)
end
end
end
end
@@
-38,8
+42,9
@@
defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
token = secret_token()
case get_req_header(conn, "x-admin-token") do
token = secret_token()
case get_req_header(conn, "x-admin-token") do
+ blank when blank in [[], [""]] -> conn
[^token] -> assign_admin_user(conn)
[^token] -> assign_admin_user(conn)
- _ ->
conn
+ _ ->
handle_bad_token(conn)
end
end
end
end
@@
-48,4
+53,8
@@
defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
|> assign(:user, %User{is_admin: true})
|> OAuthScopesPlug.skip_plug()
end
|> assign(:user, %User{is_admin: true})
|> OAuthScopesPlug.skip_plug()
end
+
+ defp handle_bad_token(conn) do
+ RateLimiter.call(conn, name: :authentication)
+ end
end
end
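Review bot: The token checks in the second and third hunks still compare the admin secret with `==` and with the pin match `[^token]`, neither of which is constant-time, so the new rate limiting slows guessing but leaves a timing side channel on the comparison itself. In the params branch the check could be `if is_binary(admin_token) and Plug.Crypto.secure_compare(admin_token, secret_token()) do`; the header branch would need to bind the single header value and compare it the same way rather than pinning it. `secret_token/0` can now return `nil`, and the clause that decides whether these comparisons run at all is outside the visible hunks, so confirm that a request carrying a null `admin_token` can never be compared against an unset token (`secure_compare/2` would also raise on a non-binary argument). Both enclosing functions start outside the hunks, and `handle_bad_token/1` would benefit from a short comment stating that it returns whatever `RateLimiter.call/2` returns, so a request under the limit simply continues unauthenticated.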