diff options
| author | Alex Gleason <alex@alexgleason.me> | 2022-01-03 13:40:19 -0600 |
|---|---|---|
| committer | Alex Gleason <alex@alexgleason.me> | 2022-01-03 13:40:19 -0600 |
| commit | 4081be0001332bac402faec7565807df088b0117 (patch) | |
| tree | a5305404e9bb31b3613dbc9631d36f8827be81c2 /lib/pleroma/web/plugs/ensure_user_token_assigns_plug.ex | |
| parent | d00f74e036735c1c238f661076f2925b39daa6ac (diff) | |
| parent | a3094b64df344622f1bcb03091ef2ff4dce6da82 (diff) | |
| download | pleroma-matrix.tar.gz | |
Merge remote-tracking branch 'origin/develop' into matrixmatrix
Diffstat (limited to 'lib/pleroma/web/plugs/ensure_user_token_assigns_plug.ex')
| -rw-r--r-- | lib/pleroma/web/plugs/ensure_user_token_assigns_plug.ex | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/lib/pleroma/web/plugs/ensure_user_token_assigns_plug.ex b/lib/pleroma/web/plugs/ensure_user_token_assigns_plug.ex new file mode 100644 index 000000000..534b0cff1 --- /dev/null +++ b/lib/pleroma/web/plugs/ensure_user_token_assigns_plug.ex @@ -0,0 +1,41 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Plugs.EnsureUserTokenAssignsPlug do + import Plug.Conn + + alias Pleroma.Helpers.AuthHelper + alias Pleroma.User + alias Pleroma.Web.OAuth.Token + + @moduledoc "Ensures presence and consistency of :user and :token assigns." + + def init(opts) do + opts + end + + def call(%{assigns: %{user: %User{id: user_id}} = assigns} = conn, _) do + with %Token{user_id: ^user_id} <- assigns[:token] do + conn + else + %Token{} -> + # A safety net for abnormal (unexpected) scenario: :token belongs to another user + AuthHelper.drop_auth_info(conn) + + _ -> + assign(conn, :token, nil) + end + end + + # App-bound token case (obtained with client_id and client_secret) + def call(%{assigns: %{token: %Token{user_id: nil}}} = conn, _) do + assign(conn, :user, nil) + end + + def call(conn, _) do + conn + |> assign(:user, nil) + |> assign(:token, nil) + end +end |