akkoma/lib/pleroma/helpers/auth_helper.ex

# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Helpers.AuthHelper do
  alias Pleroma.Web.Plugs.OAuthScopesPlug
  alias Plug.Conn

  import Plug.Conn

  @oauth_token_session_key :oauth_token

  @doc """
  Skips OAuth permissions (scopes) checks, assigns nil `:token`.
  Intended to be used with explicit authentication and only when OAuth token cannot be determined.
  """
  def skip_oauth(conn) do
    conn
    |> assign(:token, nil)
    |> OAuthScopesPlug.skip_plug()
  end

  @doc "Drops authentication info from connection"
  def drop_auth_info(conn) do
    # To simplify debugging, setting a private variable on `conn` if auth info is dropped
    conn
    |> assign(:user, nil)
    |> assign(:token, nil)
    |> put_private(:authentication_ignored, true)
  end

  @doc "Gets OAuth token string from session"
  def get_session_token(%Conn{} = conn) do
    get_session(conn, @oauth_token_session_key)
  end

  @doc "Updates OAuth token string in session"
  def put_session_token(%Conn{} = conn, token) when is_binary(token) do
    put_session(conn, @oauth_token_session_key, token)
  end

  @doc "Deletes OAuth token string from session"
  def delete_session_token(%Conn{} = conn) do
    delete_session(conn, @oauth_token_session_key)
  end
end
Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 10:38:35 +00:00			`# Pleroma: A lightweight social networking server`
Bump Copyright to 2021 grep -rl '# Copyright © .* Pleroma' * \| xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;' 2021-01-13 06:49:20 +00:00			`# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>`
Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 10:38:35 +00:00			`# SPDX-License-Identifier: AGPL-3.0-only`

			`defmodule Pleroma.Helpers.AuthHelper do`
			`alias Pleroma.Web.Plugs.OAuthScopesPlug`
Session token setting on token exchange. Auth-related refactoring. 2020-11-25 18:47:23 +00:00			`alias Plug.Conn`
Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 10:38:35 +00:00
Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 16:47:25 +00:00			`import Plug.Conn`

Session token setting on token exchange. Auth-related refactoring. 2020-11-25 18:47:23 +00:00			`@oauth_token_session_key :oauth_token`

Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 10:38:35 +00:00			`@doc """`
			Skips OAuth permissions (scopes) checks, assigns nil `:token`.
			`Intended to be used with explicit authentication and only when OAuth token cannot be determined.`
			`"""`
			`def skip_oauth(conn) do`
			`conn`
Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 16:47:25 +00:00			`\|> assign(:token, nil)`
Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 10:38:35 +00:00			`\|> OAuthScopesPlug.skip_plug()`
			`end`
Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 16:47:25 +00:00
[#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 10:59:10 +00:00			`@doc "Drops authentication info from connection"`
Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 16:47:25 +00:00			`def drop_auth_info(conn) do`
[#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 10:59:10 +00:00			# To simplify debugging, setting a private variable on `conn` if auth info is dropped
Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 16:47:25 +00:00			`conn`
			`\|> assign(:user, nil)`
			`\|> assign(:token, nil)`
[#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 10:59:10 +00:00			`\|> put_private(:authentication_ignored, true)`
Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 16:47:25 +00:00			`end`
Session token setting on token exchange. Auth-related refactoring. 2020-11-25 18:47:23 +00:00
[#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 10:59:10 +00:00			`@doc "Gets OAuth token string from session"`
Session token setting on token exchange. Auth-related refactoring. 2020-11-25 18:47:23 +00:00			`def get_session_token(%Conn{} = conn) do`
			`get_session(conn, @oauth_token_session_key)`
			`end`

[#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 10:59:10 +00:00			`@doc "Updates OAuth token string in session"`
Session token setting on token exchange. Auth-related refactoring. 2020-11-25 18:47:23 +00:00			`def put_session_token(%Conn{} = conn, token) when is_binary(token) do`
			`put_session(conn, @oauth_token_session_key, token)`
			`end`

[#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 10:59:10 +00:00			`@doc "Deletes OAuth token string from session"`
Session token setting on token exchange. Auth-related refactoring. 2020-11-25 18:47:23 +00:00			`def delete_session_token(%Conn{} = conn) do`
			`delete_session(conn, @oauth_token_session_key)`
			`end`
Auth subsystem refactoring and tweaks. Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs. 2020-10-31 10:38:35 +00:00			`end`