2020-10-31 11:38:35 +01:00
|
|
|
# Pleroma: A lightweight social networking server
|
|
|
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
|
|
|
defmodule Pleroma.Helpers.AuthHelper do
|
|
|
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
2020-11-25 19:47:23 +01:00
|
|
|
alias Plug.Conn
|
2020-10-31 11:38:35 +01:00
|
|
|
|
2020-11-21 17:47:25 +01:00
|
|
|
import Plug.Conn
|
|
|
|
|
2020-11-25 19:47:23 +01:00
|
|
|
@oauth_token_session_key :oauth_token
|
|
|
|
|
2020-10-31 11:38:35 +01:00
|
|
|
@doc """
|
|
|
|
Skips OAuth permissions (scopes) checks, assigns nil `:token`.
|
|
|
|
Intended to be used with explicit authentication and only when OAuth token cannot be determined.
|
|
|
|
"""
|
|
|
|
def skip_oauth(conn) do
|
|
|
|
conn
|
2020-11-21 17:47:25 +01:00
|
|
|
|> assign(:token, nil)
|
2020-10-31 11:38:35 +01:00
|
|
|
|> OAuthScopesPlug.skip_plug()
|
|
|
|
end
|
2020-11-21 17:47:25 +01:00
|
|
|
|
2020-12-06 11:59:10 +01:00
|
|
|
@doc "Drops authentication info from connection"
|
2020-11-21 17:47:25 +01:00
|
|
|
def drop_auth_info(conn) do
|
2020-12-06 11:59:10 +01:00
|
|
|
# To simplify debugging, setting a private variable on `conn` if auth info is dropped
|
2020-11-21 17:47:25 +01:00
|
|
|
conn
|
|
|
|
|> assign(:user, nil)
|
|
|
|
|> assign(:token, nil)
|
2020-12-06 11:59:10 +01:00
|
|
|
|> put_private(:authentication_ignored, true)
|
2020-11-21 17:47:25 +01:00
|
|
|
end
|
2020-11-25 19:47:23 +01:00
|
|
|
|
2020-12-06 11:59:10 +01:00
|
|
|
@doc "Gets OAuth token string from session"
|
2020-11-25 19:47:23 +01:00
|
|
|
def get_session_token(%Conn{} = conn) do
|
|
|
|
get_session(conn, @oauth_token_session_key)
|
|
|
|
end
|
|
|
|
|
2020-12-06 11:59:10 +01:00
|
|
|
@doc "Updates OAuth token string in session"
|
2020-11-25 19:47:23 +01:00
|
|
|
def put_session_token(%Conn{} = conn, token) when is_binary(token) do
|
|
|
|
put_session(conn, @oauth_token_session_key, token)
|
|
|
|
end
|
|
|
|
|
2020-12-06 11:59:10 +01:00
|
|
|
@doc "Deletes OAuth token string from session"
|
2020-11-25 19:47:23 +01:00
|
|
|
def delete_session_token(%Conn{} = conn) do
|
|
|
|
delete_session(conn, @oauth_token_session_key)
|
|
|
|
end
|
2020-10-31 11:38:35 +01:00
|
|
|
end
|