2020-10-31 10:38:35 +00:00
|
|
|
# Pleroma: A lightweight social networking server
|
2021-01-13 06:49:20 +00:00
|
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
2020-10-31 10:38:35 +00:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
|
|
|
defmodule Pleroma.Helpers.AuthHelper do
|
|
|
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
2022-08-21 17:52:02 +01:00
|
|
|
alias Plug.Conn
|
2020-10-31 10:38:35 +00:00
|
|
|
|
2020-11-21 16:47:25 +00:00
|
|
|
import Plug.Conn
|
|
|
|
|
2022-08-21 17:52:02 +01:00
|
|
|
@oauth_token_session_key :oauth_token
|
2022-08-25 15:37:51 +01:00
|
|
|
@oauth_user_session_key :oauth_user
|
2022-08-21 17:52:02 +01:00
|
|
|
|
2020-10-31 10:38:35 +00:00
|
|
|
@doc """
|
|
|
|
Skips OAuth permissions (scopes) checks, assigns nil `:token`.
|
|
|
|
Intended to be used with explicit authentication and only when OAuth token cannot be determined.
|
|
|
|
"""
|
|
|
|
def skip_oauth(conn) do
|
|
|
|
conn
|
2020-11-21 16:47:25 +00:00
|
|
|
|> assign(:token, nil)
|
2020-10-31 10:38:35 +00:00
|
|
|
|> OAuthScopesPlug.skip_plug()
|
|
|
|
end
|
2020-11-21 16:47:25 +00:00
|
|
|
|
2020-12-06 10:59:10 +00:00
|
|
|
@doc "Drops authentication info from connection"
|
2020-11-21 16:47:25 +00:00
|
|
|
def drop_auth_info(conn) do
|
2020-12-06 10:59:10 +00:00
|
|
|
# To simplify debugging, setting a private variable on `conn` if auth info is dropped
|
2020-11-21 16:47:25 +00:00
|
|
|
conn
|
|
|
|
|> assign(:user, nil)
|
|
|
|
|> assign(:token, nil)
|
2020-12-06 10:59:10 +00:00
|
|
|
|> put_private(:authentication_ignored, true)
|
2020-11-21 16:47:25 +00:00
|
|
|
end
|
2022-08-21 17:52:02 +01:00
|
|
|
|
|
|
|
@doc "Gets OAuth token string from session"
|
|
|
|
def get_session_token(%Conn{} = conn) do
|
|
|
|
get_session(conn, @oauth_token_session_key)
|
|
|
|
end
|
|
|
|
|
|
|
|
@doc "Updates OAuth token string in session"
|
|
|
|
def put_session_token(%Conn{} = conn, token) when is_binary(token) do
|
|
|
|
put_session(conn, @oauth_token_session_key, token)
|
|
|
|
end
|
|
|
|
|
|
|
|
@doc "Deletes OAuth token string from session"
|
|
|
|
def delete_session_token(%Conn{} = conn) do
|
|
|
|
delete_session(conn, @oauth_token_session_key)
|
|
|
|
end
|
2022-08-25 15:37:51 +01:00
|
|
|
|
|
|
|
def put_session_user(%Conn{} = conn, user) do
|
|
|
|
put_session(conn, @oauth_user_session_key, user)
|
|
|
|
end
|
|
|
|
|
|
|
|
def delete_session_user(%Conn{} = conn) do
|
|
|
|
delete_session(conn, @oauth_user_session_key)
|
|
|
|
end
|
|
|
|
|
|
|
|
def get_session_user(%Conn{} = conn) do
|
|
|
|
get_session(conn, @oauth_user_session_key)
|
|
|
|
end
|
2020-10-31 10:38:35 +00:00
|
|
|
end
|