# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Plugs.AuthenticationPlug do
- alias Comeonin.Pbkdf2
- import Plug.Conn
+ alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.User
+
+ import Plug.Conn
+
require Logger
- def init(options) do
- options
- end
+ def init(options), do: options
- def checkpw(password, password_hash) do
- cond do
- String.starts_with?(password_hash, "$pbkdf2") ->
- Pbkdf2.checkpw(password, password_hash)
+ def checkpw(password, "$6" <> _ = password_hash) do
+ :crypt.crypt(password, password_hash) == password_hash
+ end
- String.starts_with?(password_hash, "$6") ->
- :crypt.crypt(password, password_hash) == password_hash
+ def checkpw(password, "$pbkdf2" <> _ = password_hash) do
+ Pbkdf2.verify_pass(password, password_hash)
+ end
- true ->
- Logger.error("Password hash not recognized")
- false
- end
+ def checkpw(_password, _password_hash) do
+ Logger.error("Password hash not recognized")
+ false
end
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
} = conn,
_
) do
- if Pbkdf2.checkpw(password, password_hash) do
+ if Pbkdf2.verify_pass(password, password_hash) do
conn
|> assign(:user, auth_user)
+ |> OAuthScopesPlug.skip_plug()
else
conn
end
end
def call(%{assigns: %{auth_credentials: %{password: _}}} = conn, _) do
- Pbkdf2.dummy_checkpw()
+ Pbkdf2.no_user_verify()
conn
end