pleroma/lib/pleroma/web/plugs/session_authentication_plug.ex

# Pleroma: A lightweight social networking server
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.Plugs.SessionAuthenticationPlug do
  @moduledoc """
  Authenticates user by session-stored `:user_id` and request-contained username.
  Username can be provided via HTTP Basic Auth (the password is not checked and can be anything).
  """

  import Plug.Conn

  alias Pleroma.Helpers.AuthHelper

  def init(options) do
    options
  end

  def call(%{assigns: %{user: %Pleroma.User{}}} = conn, _), do: conn

  def call(conn, _) do
    with saved_user_id <- get_session(conn, :user_id),
         %{auth_user: %{id: ^saved_user_id}} <- conn.assigns do
      conn
      |> assign(:user, conn.assigns.auth_user)
      |> AuthHelper.skip_oauth()
    else
      _ -> conn
    end
  end
end
add license boilerplate to pleroma core 2018-12-23 21:04:54 +01:00			`# Pleroma: A lightweight social networking server`
Update Copyrights 2020-03-03 23:44:49 +01:00			`# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>`
add license boilerplate to pleroma core 2018-12-23 21:04:54 +01:00			`# SPDX-License-Identifier: AGPL-3.0-only`

SessionAuthenticationPlug module name 2020-06-24 08:27:29 +02:00			`defmodule Pleroma.Web.Plugs.SessionAuthenticationPlug do`
Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 11:38:35 +01:00			`@moduledoc """`
			Authenticates user by session-stored `:user_id` and request-contained username.
			`Username can be provided via HTTP Basic Auth (the password is not checked and can be anything).`
			`"""`

Add SessionAuthenticationPlug. 2018-09-05 18:37:02 +02:00			`import Plug.Conn`

Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 11:38:35 +01:00			`alias Pleroma.Helpers.AuthHelper`

Add SessionAuthenticationPlug. 2018-09-05 18:37:02 +02:00			`def init(options) do`
			`options`
			`end`

Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 11:38:35 +01:00			`def call(%{assigns: %{user: %Pleroma.User{}}} = conn, _), do: conn`

Add SessionAuthenticationPlug. 2018-09-05 18:37:02 +02:00			`def call(conn, _) do`
			`with saved_user_id <- get_session(conn, :user_id),`
			`%{auth_user: %{id: ^saved_user_id}} <- conn.assigns do`
			`conn`
			`\|> assign(:user, conn.assigns.auth_user)`
Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 11:38:35 +01:00			`\|> AuthHelper.skip_oauth()`
Add SessionAuthenticationPlug. 2018-09-05 18:37:02 +02:00			`else`
			`_ -> conn`
			`end`
			`end`
			`end`