From: lain Date: Wed, 5 Sep 2018 16:17:33 +0000 (+0200) Subject: Add LegacyAuthenticationPlug X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=a3f54fca4d67fd7938ae00752c2cd409b6cf15ae;p=akkoma Add LegacyAuthenticationPlug --- diff --git a/lib/pleroma/plugs/legacy_authentication_plug.ex b/lib/pleroma/plugs/legacy_authentication_plug.ex new file mode 100644 index 000000000..48c0aba88 --- /dev/null +++ b/lib/pleroma/plugs/legacy_authentication_plug.ex @@ -0,0 +1,31 @@ +defmodule Pleroma.Plugs.LegacyAuthenticationPlug do + import Plug.Conn + alias Pleroma.User + + def init(options) do + options + end + + def call(%{assigns: %{user: %User{}}} = conn, _), do: conn + + def call( + %{ + assigns: %{ + auth_user: %{password_hash: "$6$" <> _ = password_hash} = auth_user, + auth_credentials: %{password: password} + } + } = conn, + _ + ) do + if :crypt.crypt(password, password_hash) == password_hash do + conn + |> assign(:user, auth_user) + else + conn + end + end + + def call(conn, _) do + conn + end +end diff --git a/test/plugs/legacy_authentication_plug_test.exs b/test/plugs/legacy_authentication_plug_test.exs new file mode 100644 index 000000000..90783f628 --- /dev/null +++ b/test/plugs/legacy_authentication_plug_test.exs @@ -0,0 +1,72 @@ +defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do + use Pleroma.Web.ConnCase, async: true + + alias Pleroma.Plugs.LegacyAuthenticationPlug + alias Pleroma.User + + setup do + # password is "password" + user = %User{ + id: 1, + name: "dude", + password_hash: + "$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1" + } + + %{user: user} + end + + test "it does nothing if a user is assigned", %{conn: conn, user: user} do + conn = + conn + |> assign(:auth_credentials, %{username: "dude", password: "password"}) + |> assign(:auth_user, user) + |> assign(:user, %User{}) + + ret_conn = + conn + |> LegacyAuthenticationPlug.call(%{}) + + assert ret_conn == conn + end + + test "it authenticates the auth_user if present and password is correct", %{ + conn: conn, + user: user + } do + conn = + conn + |> assign(:auth_credentials, %{username: "dude", password: "password"}) + |> assign(:auth_user, user) + + conn = + conn + |> LegacyAuthenticationPlug.call(%{}) + + assert conn.assigns.user == user + end + + test "it does nothing if the password is wrong", %{ + conn: conn, + user: user + } do + conn = + conn + |> assign(:auth_credentials, %{username: "dude", password: "wrong_password"}) + |> assign(:auth_user, user) + + ret_conn = + conn + |> LegacyAuthenticationPlug.call(%{}) + + assert conn == ret_conn + end + + test "with no credentials or user it does nothing", %{conn: conn} do + ret_conn = + conn + |> LegacyAuthenticationPlug.call(%{}) + + assert ret_conn == conn + end +end