diff options
| author | Alex Gleason <alex@alexgleason.me> | 2022-01-03 13:40:19 -0600 |
|---|---|---|
| committer | Alex Gleason <alex@alexgleason.me> | 2022-01-03 13:40:19 -0600 |
| commit | 4081be0001332bac402faec7565807df088b0117 (patch) | |
| tree | a5305404e9bb31b3613dbc9631d36f8827be81c2 /lib/pleroma/web/plugs/authentication_plug.ex | |
| parent | d00f74e036735c1c238f661076f2925b39daa6ac (diff) | |
| parent | a3094b64df344622f1bcb03091ef2ff4dce6da82 (diff) | |
| download | pleroma-matrix.tar.gz | |
Merge remote-tracking branch 'origin/develop' into matrixmatrix
Diffstat (limited to 'lib/pleroma/web/plugs/authentication_plug.ex')
| -rw-r--r-- | lib/pleroma/web/plugs/authentication_plug.ex | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/lib/pleroma/web/plugs/authentication_plug.ex b/lib/pleroma/web/plugs/authentication_plug.ex new file mode 100644 index 000000000..8d58169cf --- /dev/null +++ b/lib/pleroma/web/plugs/authentication_plug.ex @@ -0,0 +1,72 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Plugs.AuthenticationPlug do + @moduledoc "Password authentication plug." + + alias Pleroma.Helpers.AuthHelper + alias Pleroma.User + + import Plug.Conn + + require Logger + + def init(options), do: options + + def call(%{assigns: %{user: %User{}}} = conn, _), do: conn + + def call( + %{ + assigns: %{ + auth_user: %{password_hash: password_hash} = auth_user, + auth_credentials: %{password: password} + } + } = conn, + _ + ) do + if checkpw(password, password_hash) do + {:ok, auth_user} = maybe_update_password(auth_user, password) + + conn + |> assign(:user, auth_user) + |> AuthHelper.skip_oauth() + else + conn + end + end + + def call(conn, _), do: conn + + def checkpw(password, "$6" <> _ = password_hash) do + :crypt.crypt(password, password_hash) == password_hash + end + + def checkpw(password, "$2" <> _ = password_hash) do + # Handle bcrypt passwords for Mastodon migration + Bcrypt.verify_pass(password, password_hash) + end + + def checkpw(password, "$pbkdf2" <> _ = password_hash) do + Pleroma.Password.Pbkdf2.verify_pass(password, password_hash) + end + + def checkpw(_password, _password_hash) do + Logger.error("Password hash not recognized") + false + end + + def maybe_update_password(%User{password_hash: "$2" <> _} = user, password) do + do_update_password(user, password) + end + + def maybe_update_password(%User{password_hash: "$6" <> _} = user, password) do + do_update_password(user, password) + end + + def maybe_update_password(user, _), do: {:ok, user} + + defp do_update_password(user, password) do + User.reset_password(user, %{password: password, password_confirmation: password}) + end +end |