diff options
author | rinpatch <rinpatch@sdf.org> | 2020-11-12 12:34:48 +0000 |
---|---|---|
committer | rinpatch <rinpatch@sdf.org> | 2020-11-12 12:34:48 +0000 |
commit | 1172844ed18d94d84724dc6f11c6e9f72e0ba6ec (patch) | |
tree | 7d48a259e08856ab6db0eba255f20c0c19410463 /lib/pleroma/plugs/admin_secret_authentication_plug.ex | |
parent | a0f5e8b27edbe2224d9c2c3997ad5b8ea484244b (diff) | |
parent | b4c6b262d6dc12362f0014a864e8aed6c727c39c (diff) |
Merge branch 'release/2.2.0' into 'stable'v2.2.0
Release/2.2.0
See merge request pleroma/secteam/pleroma!19
Diffstat (limited to 'lib/pleroma/plugs/admin_secret_authentication_plug.ex')
-rw-r--r-- | lib/pleroma/plugs/admin_secret_authentication_plug.ex | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/lib/pleroma/plugs/admin_secret_authentication_plug.ex b/lib/pleroma/plugs/admin_secret_authentication_plug.ex deleted file mode 100644 index 2e54df47a..000000000 --- a/lib/pleroma/plugs/admin_secret_authentication_plug.ex +++ /dev/null @@ -1,60 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do - import Plug.Conn - - alias Pleroma.Plugs.OAuthScopesPlug - alias Pleroma.Plugs.RateLimiter - alias Pleroma.User - - def init(options) do - options - end - - def secret_token do - case Pleroma.Config.get(:admin_token) do - blank when blank in [nil, ""] -> nil - token -> token - end - end - - def call(%{assigns: %{user: %User{}}} = conn, _), do: conn - - def call(conn, _) do - if secret_token() do - authenticate(conn) - else - conn - end - end - - def authenticate(%{params: %{"admin_token" => admin_token}} = conn) do - if admin_token == secret_token() do - assign_admin_user(conn) - else - handle_bad_token(conn) - end - end - - def authenticate(conn) do - token = secret_token() - - case get_req_header(conn, "x-admin-token") do - blank when blank in [[], [""]] -> conn - [^token] -> assign_admin_user(conn) - _ -> handle_bad_token(conn) - end - end - - defp assign_admin_user(conn) do - conn - |> assign(:user, %User{is_admin: true}) - |> OAuthScopesPlug.skip_plug() - end - - defp handle_bad_token(conn) do - RateLimiter.call(conn, name: :authentication) - end -end |