2019-02-26 06:26:54 -07:00
|
|
|
# Pleroma: A lightweight social networking server
|
2021-01-12 23:49:20 -07:00
|
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
2019-02-26 06:26:54 -07:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2019-02-28 04:12:41 -07:00
|
|
|
defmodule Pleroma.Web.Auth.PleromaAuthenticator do
|
2019-03-18 08:23:38 -06:00
|
|
|
alias Pleroma.Registration
|
|
|
|
alias Pleroma.Repo
|
2019-04-01 00:28:56 -06:00
|
|
|
alias Pleroma.User
|
2019-02-21 08:55:19 -07:00
|
|
|
|
2021-06-07 17:07:54 -06:00
|
|
|
import Pleroma.Web.Auth.Helpers, only: [fetch_credentials: 1, fetch_user: 1]
|
2019-05-01 07:28:04 -06:00
|
|
|
|
2019-02-28 04:12:41 -07:00
|
|
|
@behaviour Pleroma.Web.Auth.Authenticator
|
2019-02-21 08:55:19 -07:00
|
|
|
|
2019-04-10 12:40:38 -06:00
|
|
|
def get_user(%Plug.Conn{} = conn) do
|
2019-05-01 07:28:04 -06:00
|
|
|
with {:ok, {name, password}} <- fetch_credentials(conn),
|
|
|
|
{_, %User{} = user} <- {:user, fetch_user(name)},
|
2022-12-29 19:46:58 -07:00
|
|
|
{_, true} <- {:checkpw, Pleroma.Password.checkpw(password, user.password_hash)},
|
|
|
|
{:ok, user} <- Pleroma.Password.maybe_update_password(user, password) do
|
2019-02-21 08:55:19 -07:00
|
|
|
{:ok, user}
|
|
|
|
else
|
2020-05-07 02:14:54 -06:00
|
|
|
{:error, _reason} = error -> error
|
|
|
|
error -> {:error, error}
|
2019-02-21 08:55:19 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-05 04:02:13 -06:00
|
|
|
@doc """
|
|
|
|
Gets or creates Pleroma.Registration record from Ueberauth assigns.
|
|
|
|
Note: some strategies (like `keycloak`) might need extra configuration to fill `uid` from callback response —
|
|
|
|
see [`docs/config.md`](docs/config.md).
|
|
|
|
"""
|
|
|
|
def get_registration(%Plug.Conn{assigns: %{ueberauth_auth: %{uid: nil}}}),
|
|
|
|
do: {:error, :missing_uid}
|
|
|
|
|
2019-04-10 12:40:38 -06:00
|
|
|
def get_registration(%Plug.Conn{
|
|
|
|
assigns: %{ueberauth_auth: %{provider: provider, uid: uid} = auth}
|
|
|
|
}) do
|
2019-03-18 08:23:38 -06:00
|
|
|
registration = Registration.get_by_provider_uid(provider, uid)
|
2019-03-15 08:08:03 -06:00
|
|
|
|
2019-03-18 08:23:38 -06:00
|
|
|
if registration do
|
2019-03-20 01:35:31 -06:00
|
|
|
{:ok, registration}
|
2019-03-15 08:08:03 -06:00
|
|
|
else
|
|
|
|
info = auth.info
|
|
|
|
|
2019-04-10 12:40:38 -06:00
|
|
|
%Registration{}
|
|
|
|
|> Registration.changeset(%{
|
2019-03-20 01:35:31 -06:00
|
|
|
provider: to_string(provider),
|
|
|
|
uid: to_string(uid),
|
|
|
|
info: %{
|
|
|
|
"nickname" => info.nickname,
|
|
|
|
"email" => info.email,
|
|
|
|
"name" => info.name,
|
|
|
|
"description" => info.description
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|> Repo.insert()
|
|
|
|
end
|
|
|
|
end
|
2019-03-15 08:08:03 -06:00
|
|
|
|
2019-04-10 12:40:38 -06:00
|
|
|
def get_registration(%Plug.Conn{} = _conn), do: {:error, :missing_credentials}
|
2019-03-15 08:08:03 -06:00
|
|
|
|
2019-06-05 04:02:13 -06:00
|
|
|
@doc "Creates Pleroma.User record basing on params and Pleroma.Registration record."
|
2022-12-14 05:38:48 -07:00
|
|
|
@spec create_from_registration(Plug.Conn.t(), Registration.t()) ::
|
|
|
|
{:ok, User.t()} | {:error, any()}
|
2019-04-10 12:40:38 -06:00
|
|
|
def create_from_registration(
|
|
|
|
%Plug.Conn{params: %{"authorization" => registration_attrs}},
|
2019-06-05 04:02:13 -06:00
|
|
|
%Registration{} = registration
|
2019-04-10 12:40:38 -06:00
|
|
|
) do
|
|
|
|
nickname = value([registration_attrs["nickname"], Registration.nickname(registration)])
|
|
|
|
email = value([registration_attrs["email"], Registration.email(registration)])
|
|
|
|
name = value([registration_attrs["name"], Registration.name(registration)]) || nickname
|
2020-09-01 00:25:32 -06:00
|
|
|
bio = value([registration_attrs["bio"], Registration.description(registration)]) || ""
|
2019-03-18 09:09:53 -06:00
|
|
|
|
2019-03-20 01:35:31 -06:00
|
|
|
random_password = :crypto.strong_rand_bytes(64) |> Base.encode64()
|
|
|
|
|
|
|
|
with {:ok, new_user} <-
|
|
|
|
User.register_changeset(
|
|
|
|
%User{},
|
|
|
|
%{
|
|
|
|
email: email,
|
|
|
|
nickname: nickname,
|
|
|
|
name: name,
|
|
|
|
bio: bio,
|
|
|
|
password: random_password,
|
|
|
|
password_confirmation: random_password
|
|
|
|
},
|
|
|
|
external: true,
|
2020-10-13 15:07:36 -06:00
|
|
|
confirmed: true
|
2019-03-20 01:35:31 -06:00
|
|
|
)
|
|
|
|
|> Repo.insert(),
|
|
|
|
{:ok, _} <-
|
|
|
|
Registration.changeset(registration, %{user_id: new_user.id}) |> Repo.update() do
|
|
|
|
{:ok, new_user}
|
2022-12-14 05:38:48 -07:00
|
|
|
else
|
|
|
|
err -> err
|
2019-03-15 08:08:03 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-03-20 01:35:31 -06:00
|
|
|
defp value(list), do: Enum.find(list, &(to_string(&1) != ""))
|
2019-03-15 08:08:03 -06:00
|
|
|
|
2019-02-21 08:55:19 -07:00
|
|
|
def handle_error(%Plug.Conn{} = _conn, error) do
|
|
|
|
error
|
|
|
|
end
|
2019-02-28 03:58:58 -07:00
|
|
|
|
|
|
|
def auth_template, do: nil
|
2019-03-27 06:39:35 -06:00
|
|
|
|
|
|
|
def oauth_consumer_template, do: nil
|
2019-02-21 08:55:19 -07:00
|
|
|
end
|