Merge branch 'unify-mastodon-oauth' into 'develop'
Unify Mastodon Login with OAuth login. See merge request pleroma/pleroma!429
This commit is contained in:
commit
a68c18f0ad
4 changed files with 49 additions and 46 deletions
|
@ -1,4 +1,4 @@
|
|||
image: elixir:1.6.4
|
||||
image: elixir:1.7.2
|
||||
|
||||
services:
|
||||
- postgres:9.6.2
|
||||
|
|
|
@ -985,9 +985,29 @@ def put_settings(%{assigns: %{user: user}} = conn, %{"data" => settings} = _para
|
|||
end
|
||||
end
|
||||
|
||||
def login(conn, _) do
|
||||
def login(conn, %{"code" => code}) do
|
||||
with {:ok, app} <- get_or_make_app(),
|
||||
%Authorization{} = auth <- Repo.get_by(Authorization, token: code, app_id: app.id),
|
||||
{:ok, token} <- Token.exchange_token(app, auth) do
|
||||
conn
|
||||
|> render(MastodonView, "login.html", %{error: false})
|
||||
|> put_session(:oauth_token, token.token)
|
||||
|> redirect(to: "/web/getting-started")
|
||||
end
|
||||
end
|
||||
|
||||
def login(conn, _) do
|
||||
with {:ok, app} <- get_or_make_app() do
|
||||
path =
|
||||
o_auth_path(conn, :authorize,
|
||||
response_type: "code",
|
||||
client_id: app.client_id,
|
||||
redirect_uri: ".",
|
||||
scope: app.scopes
|
||||
)
|
||||
|
||||
conn
|
||||
|> redirect(to: path)
|
||||
end
|
||||
end
|
||||
|
||||
defp get_or_make_app() do
|
||||
|
@ -1006,22 +1026,6 @@ defp get_or_make_app() do
|
|||
end
|
||||
end
|
||||
|
||||
def login_post(conn, %{"authorization" => %{"name" => name, "password" => password}}) do
|
||||
with %User{} = user <- User.get_by_nickname_or_email(name),
|
||||
true <- Pbkdf2.checkpw(password, user.password_hash),
|
||||
{:ok, app} <- get_or_make_app(),
|
||||
{:ok, auth} <- Authorization.create_authorization(app, user),
|
||||
{:ok, token} <- Token.exchange_token(app, auth) do
|
||||
conn
|
||||
|> put_session(:oauth_token, token.token)
|
||||
|> redirect(to: "/web/getting-started")
|
||||
else
|
||||
_e ->
|
||||
conn
|
||||
|> render(MastodonView, "login.html", %{error: "Wrong username or password"})
|
||||
end
|
||||
end
|
||||
|
||||
def logout(conn, _) do
|
||||
conn
|
||||
|> clear_session
|
||||
|
|
|
@ -33,11 +33,21 @@ def create_authorization(conn, %{
|
|||
true <- Pbkdf2.checkpw(password, user.password_hash),
|
||||
%App{} = app <- Repo.get_by(App, client_id: client_id),
|
||||
{:ok, auth} <- Authorization.create_authorization(app, user) do
|
||||
if redirect_uri == "urn:ietf:wg:oauth:2.0:oob" do
|
||||
# Special case: Local MastodonFE.
|
||||
redirect_uri =
|
||||
if redirect_uri == "." do
|
||||
mastodon_api_url(conn, :login)
|
||||
else
|
||||
redirect_uri
|
||||
end
|
||||
|
||||
cond do
|
||||
redirect_uri == "urn:ietf:wg:oauth:2.0:oob" ->
|
||||
render(conn, "results.html", %{
|
||||
auth: auth
|
||||
})
|
||||
else
|
||||
|
||||
true ->
|
||||
connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?"
|
||||
url = "#{redirect_uri}#{connector}"
|
||||
url_params = %{:code => auth.token}
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
<h2>Login to Mastodon Frontend</h2>
|
||||
<%= if @error do %>
|
||||
<h2><%= @error %></h2>
|
||||
<% end %>
|
||||
<%= form_for @conn, mastodon_api_path(@conn, :login), [as: "authorization"], fn f -> %>
|
||||
<%= text_input f, :name, placeholder: "Username or email" %>
|
||||
<br>
|
||||
<%= password_input f, :password, placeholder: "Password" %>
|
||||
<br>
|
||||
<%= submit "Log in" %>
|
||||
<% end %>
|
Loading…
Reference in a new issue