[#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth

[akkoma] / lib / pleroma / web / auth / pleroma_authenticator.ex

diff --git a/lib/pleroma/web/auth/pleroma_authenticator.ex b/lib/pleroma/web/auth/pleroma_authenticator.ex
index 5583f41a92092a7b275ab418b4b8dafc83361b24..c826adb4c504ab6c64823bcc71b53ffbdb180c92 100644 (file)
--- a/lib/pleroma/web/auth/pleroma_authenticator.ex
+++ b/lib/pleroma/web/auth/pleroma_authenticator.ex
@@ -4,13 +4,22 @@
 
 defmodule Pleroma.Web.Auth.PleromaAuthenticator do
   alias Comeonin.Pbkdf2
+  alias Pleroma.Registration
+  alias Pleroma.Repo
   alias Pleroma.User
 
   @behaviour Pleroma.Web.Auth.Authenticator
 
-  def get_user(%Plug.Conn{} = _conn, %{
-        "authorization" => %{"name" => name, "password" => password}
-      }) do
+  def get_user(%Plug.Conn{} = _conn, params) do
+    {name, password} =
+      case params do
+        %{"authorization" => %{"name" => name, "password" => password}} ->
+          {name, password}
+
+        %{"grant_type" => "password", "username" => name, "password" => password} ->
+          {name, password}
+      end
+
     with {_, %User{} = user} <- {:user, User.get_by_nickname_or_email(name)},
          {_, true} <- {:checkpw, Pbkdf2.checkpw(password, user.password_hash)} do
       {:ok, user}
@@ -20,59 +29,69 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do
     end
   end
 
-  def get_user(%Plug.Conn{} = _conn, _params), do: {:error, :missing_credentials}
-
-  def get_or_create_user_by_oauth(
+  def get_registration(
         %Plug.Conn{assigns: %{ueberauth_auth: %{provider: provider, uid: uid} = auth}},
         _params
       ) do
-    user = User.get_by_auth_provider_uid(provider, uid)
+    registration = Registration.get_by_provider_uid(provider, uid)
 
-    if user do
-      {:ok, user}
+    if registration do
+      {:ok, registration}
     else
       info = auth.info
-      email = info.email
-      nickname = info.nickname
-
-      # TODO: FIXME: connect to existing (non-oauth) account (need a UI flow for that) / generate a random nickname?
-      email =
-        if email && User.get_by_email(email) do
-          nil
-        else
-          email
-        end
-
-      nickname =
-        if nickname && User.get_by_nickname(nickname) do
-          nil
-        else
-          nickname
-        end
-
-      new_user =
-        User.oauth_register_changeset(
-          %User{},
-          %{
-            auth_provider: to_string(provider),
-            auth_provider_uid: to_string(uid),
-            name: info.name,
-            bio: info.description,
-            email: email,
-            nickname: nickname
-          }
-        )
-
-      Pleroma.Repo.insert(new_user)
+
+      Registration.changeset(%Registration{}, %{
+        provider: to_string(provider),
+        uid: to_string(uid),
+        info: %{
+          "nickname" => info.nickname,
+          "email" => info.email,
+          "name" => info.name,
+          "description" => info.description
+        }
+      })
+      |> Repo.insert()
+    end
+  end
+
+  def get_registration(%Plug.Conn{} = _conn, _params), do: {:error, :missing_credentials}
+
+  def create_from_registration(_conn, params, registration) do
+    nickname = value([params["nickname"], Registration.nickname(registration)])
+    email = value([params["email"], Registration.email(registration)])
+    name = value([params["name"], Registration.name(registration)]) || nickname
+    bio = value([params["bio"], Registration.description(registration)])
+
+    random_password = :crypto.strong_rand_bytes(64) |> Base.encode64()
+
+    with {:ok, new_user} <-
+           User.register_changeset(
+             %User{},
+             %{
+               email: email,
+               nickname: nickname,
+               name: name,
+               bio: bio,
+               password: random_password,
+               password_confirmation: random_password
+             },
+             external: true,
+             confirmed: true
+           )
+           |> Repo.insert(),
+         {:ok, _} <-
+           Registration.changeset(registration, %{user_id: new_user.id}) |> Repo.update() do
+      {:ok, new_user}
     end
   end
 
-  def get_or_create_user_by_oauth(%Plug.Conn{} = _conn, _params),
-    do: {:error, :missing_credentials}
+  defp value(list), do: Enum.find(list, &(to_string(&1) != ""))
 
   def handle_error(%Plug.Conn{} = _conn, error) do
     error
   end
 
   def auth_template, do: nil
+
+  def oauth_consumer_template, do: nil
 end