1
0
Fork 1
mirror of https://akkoma.dev/AkkomaGang/akkoma.git synced 2025-01-22 14:30:16 +00:00

Add LegacyAuthenticationPlug

This commit is contained in:
lain 2018-09-05 18:17:33 +02:00
parent 3cf17dc402
commit a3f54fca4d
2 changed files with 103 additions and 0 deletions

View file

@ -0,0 +1,31 @@
defmodule Pleroma.Plugs.LegacyAuthenticationPlug do
import Plug.Conn
alias Pleroma.User
def init(options) do
options
end
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
def call(
%{
assigns: %{
auth_user: %{password_hash: "$6$" <> _ = password_hash} = auth_user,
auth_credentials: %{password: password}
}
} = conn,
_
) do
if :crypt.crypt(password, password_hash) == password_hash do
conn
|> assign(:user, auth_user)
else
conn
end
end
def call(conn, _) do
conn
end
end

View file

@ -0,0 +1,72 @@
defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do
use Pleroma.Web.ConnCase, async: true
alias Pleroma.Plugs.LegacyAuthenticationPlug
alias Pleroma.User
setup do
# password is "password"
user = %User{
id: 1,
name: "dude",
password_hash:
"$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
}
%{user: user}
end
test "it does nothing if a user is assigned", %{conn: conn, user: user} do
conn =
conn
|> assign(:auth_credentials, %{username: "dude", password: "password"})
|> assign(:auth_user, user)
|> assign(:user, %User{})
ret_conn =
conn
|> LegacyAuthenticationPlug.call(%{})
assert ret_conn == conn
end
test "it authenticates the auth_user if present and password is correct", %{
conn: conn,
user: user
} do
conn =
conn
|> assign(:auth_credentials, %{username: "dude", password: "password"})
|> assign(:auth_user, user)
conn =
conn
|> LegacyAuthenticationPlug.call(%{})
assert conn.assigns.user == user
end
test "it does nothing if the password is wrong", %{
conn: conn,
user: user
} do
conn =
conn
|> assign(:auth_credentials, %{username: "dude", password: "wrong_password"})
|> assign(:auth_user, user)
ret_conn =
conn
|> LegacyAuthenticationPlug.call(%{})
assert conn == ret_conn
end
test "with no credentials or user it does nothing", %{conn: conn} do
ret_conn =
conn
|> LegacyAuthenticationPlug.call(%{})
assert ret_conn == conn
end
end