Update Copyrights

[akkoma] / lib / pleroma / plugs / admin_secret_authentication_plug.ex

diff --git a/lib/pleroma/plugs/admin_secret_authentication_plug.ex b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
index 5baf8a6914defa37c6a60d42bb61eab7ba22d87e..b4b47a31f2ffaff3d1095610f64e1f3499cb1454 100644 (file)
--- a/lib/pleroma/plugs/admin_secret_authentication_plug.ex
+++ b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
@@ -1,5 +1,5 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
@@ -16,14 +16,28 @@ defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
 
   def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
 
-  def call(%{params: %{"admin_token" => admin_token}} = conn, _) do
-    if secret_token() && admin_token == secret_token() do
+  def call(conn, _) do
+    if secret_token() do
+      authenticate(conn)
+    else
       conn
-      |> assign(:user, %User{info: %{is_admin: true}})
+    end
+  end
+
+  def authenticate(%{params: %{"admin_token" => admin_token}} = conn) do
+    if admin_token == secret_token() do
+      assign(conn, :user, %User{is_admin: true})
     else
       conn
     end
   end
 
-  def call(conn, _), do: conn
+  def authenticate(conn) do
+    token = secret_token()
+
+    case get_req_header(conn, "x-admin-token") do
+      [^token] -> assign(conn, :user, %User{is_admin: true})
+      _ -> conn
+    end
+  end
 end