2018-12-23 21:04:54 +01:00
|
|
|
# Pleroma: A lightweight social networking server
|
2020-03-03 23:44:49 +01:00
|
|
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
2018-12-23 21:04:54 +01:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2020-06-24 10:13:19 +02:00
|
|
|
defmodule Pleroma.Web.Plugs.BasicAuthDecoderPlug do
|
2020-10-31 11:38:35 +01:00
|
|
|
@moduledoc """
|
|
|
|
Decodes HTTP Basic Auth information and assigns `:auth_credentials`.
|
|
|
|
|
|
|
|
NOTE: no checks are performed at this step, auth_credentials/username could be easily faked.
|
|
|
|
"""
|
|
|
|
|
2018-09-05 17:30:05 +02:00
|
|
|
import Plug.Conn
|
|
|
|
|
|
|
|
def init(options) do
|
|
|
|
options
|
|
|
|
end
|
|
|
|
|
2018-12-09 10:12:48 +01:00
|
|
|
def call(conn, _opts) do
|
2018-09-05 17:30:05 +02:00
|
|
|
with ["Basic " <> header] <- get_req_header(conn, "authorization"),
|
|
|
|
{:ok, userinfo} <- Base.decode64(header),
|
|
|
|
[username, password] <- String.split(userinfo, ":", parts: 2) do
|
|
|
|
conn
|
|
|
|
|> assign(:auth_credentials, %{
|
|
|
|
username: username,
|
|
|
|
password: password
|
|
|
|
})
|
|
|
|
else
|
|
|
|
_ -> conn
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|