# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.AuthController do
import Pleroma.Web.ControllerHelper, only: [json_response: 3]
- alias Pleroma.Helpers.AuthHelper
alias Pleroma.Helpers.UriHelper
alias Pleroma.User
alias Pleroma.Web.OAuth.App
|> UriHelper.modify_uri_params(%{"access_token" => oauth_token.token})
conn
- |> AuthHelper.put_session_token(oauth_token.token)
|> redirect(to: redirect_to)
else
_ -> redirect_to_oauth_form(conn, params)
end
def login(conn, params) do
- with %{assigns: %{user: %User{}, token: %Token{app_id: app_id}}} <- conn,
+ with %{assigns: %{user: %User{}, token: %Token{app_id: app_id, token: token}}} <- conn,
{:ok, %{id: ^app_id}} <- local_mastofe_app() do
- redirect(conn, to: local_mastodon_post_login_path(conn))
+ redirect(conn, to: local_mastodon_post_login_path(conn) <> "?access_token=#{token}")
else
_ -> redirect_to_oauth_form(conn, params)
end
defp redirect_to_oauth_form(conn, _params) do
with {:ok, app} <- local_mastofe_app() do
path =
- o_auth_path(conn, :authorize,
+ Routes.o_auth_path(conn, :authorize,
response_type: "code",
client_id: app.client_id,
redirect_uri: ".",
def logout(conn, _) do
conn =
with %{assigns: %{token: %Token{} = oauth_token}} <- conn,
- session_token = AuthHelper.get_session_token(conn),
- {:ok, %Token{token: ^session_token}} <- RevokeToken.revoke(oauth_token) do
- AuthHelper.delete_session_token(conn)
+ {:ok, %Token{token: _session_token}} <- RevokeToken.revoke(oauth_token) do
+ conn
else
_ -> conn
end
defp local_mastodon_post_login_path(conn) do
case get_session(conn, :return_to) do
nil ->
- masto_fe_path(conn, :index, ["getting-started"])
+ Routes.masto_fe_path(conn, :index, ["getting-started"])
return_to ->
delete_session(conn, :return_to)