forked from AkkomaGang/akkoma
Create WrapperAuthenticator and simplify Authenticator behaviour
Speeds up recompilation by reducing compile-time cycles
This commit is contained in:
parent
4a6b49d0b4
commit
1399b82f7b
9 changed files with 91 additions and 75 deletions
|
@ -3,68 +3,11 @@
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.Web.Auth.Authenticator do
|
defmodule Pleroma.Web.Auth.Authenticator do
|
||||||
alias Pleroma.Registration
|
@callback get_user(Plug.Conn.t()) :: {:ok, user :: struct()} | {:error, any()}
|
||||||
alias Pleroma.User
|
@callback create_from_registration(Plug.Conn.t(), registration :: struct()) ::
|
||||||
|
|
||||||
def implementation do
|
|
||||||
Pleroma.Config.get(
|
|
||||||
Pleroma.Web.Auth.Authenticator,
|
|
||||||
Pleroma.Web.Auth.PleromaAuthenticator
|
|
||||||
)
|
|
||||||
end
|
|
||||||
|
|
||||||
@callback get_user(Plug.Conn.t()) :: {:ok, User.t()} | {:error, any()}
|
|
||||||
def get_user(plug), do: implementation().get_user(plug)
|
|
||||||
|
|
||||||
@callback create_from_registration(Plug.Conn.t(), Registration.t()) ::
|
|
||||||
{:ok, User.t()} | {:error, any()}
|
{:ok, User.t()} | {:error, any()}
|
||||||
def create_from_registration(plug, registration),
|
@callback get_registration(Plug.Conn.t()) :: {:ok, registration :: struct()} | {:error, any()}
|
||||||
do: implementation().create_from_registration(plug, registration)
|
|
||||||
|
|
||||||
@callback get_registration(Plug.Conn.t()) :: {:ok, Registration.t()} | {:error, any()}
|
|
||||||
def get_registration(plug), do: implementation().get_registration(plug)
|
|
||||||
|
|
||||||
@callback handle_error(Plug.Conn.t(), any()) :: any()
|
@callback handle_error(Plug.Conn.t(), any()) :: any()
|
||||||
def handle_error(plug, error),
|
|
||||||
do: implementation().handle_error(plug, error)
|
|
||||||
|
|
||||||
@callback auth_template() :: String.t() | nil
|
@callback auth_template() :: String.t() | nil
|
||||||
def auth_template do
|
|
||||||
# Note: `config :pleroma, :auth_template, "..."` support is deprecated
|
|
||||||
implementation().auth_template() ||
|
|
||||||
Pleroma.Config.get([:auth, :auth_template], Pleroma.Config.get(:auth_template)) ||
|
|
||||||
"show.html"
|
|
||||||
end
|
|
||||||
|
|
||||||
@callback oauth_consumer_template() :: String.t() | nil
|
@callback oauth_consumer_template() :: String.t() | nil
|
||||||
def oauth_consumer_template do
|
|
||||||
implementation().oauth_consumer_template() ||
|
|
||||||
Pleroma.Config.get([:auth, :oauth_consumer_template], "consumer.html")
|
|
||||||
end
|
|
||||||
|
|
||||||
@doc "Gets user by nickname or email for auth."
|
|
||||||
@spec fetch_user(String.t()) :: User.t() | nil
|
|
||||||
def fetch_user(name) do
|
|
||||||
User.get_by_nickname_or_email(name)
|
|
||||||
end
|
|
||||||
|
|
||||||
# Gets name and password from conn
|
|
||||||
#
|
|
||||||
@spec fetch_credentials(Plug.Conn.t() | map()) ::
|
|
||||||
{:ok, {name :: any, password :: any}} | {:error, :invalid_credentials}
|
|
||||||
def fetch_credentials(%Plug.Conn{params: params} = _),
|
|
||||||
do: fetch_credentials(params)
|
|
||||||
|
|
||||||
def fetch_credentials(params) do
|
|
||||||
case params do
|
|
||||||
%{"authorization" => %{"name" => name, "password" => password}} ->
|
|
||||||
{:ok, {name, password}}
|
|
||||||
|
|
||||||
%{"grant_type" => "password", "username" => name, "password" => password} ->
|
|
||||||
{:ok, {name, password}}
|
|
||||||
|
|
||||||
_ ->
|
|
||||||
{:error, :invalid_credentials}
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
33
lib/pleroma/web/auth/helpers.ex
Normal file
33
lib/pleroma/web/auth/helpers.ex
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
# Pleroma: A lightweight social networking server
|
||||||
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
defmodule Pleroma.Web.Auth.Helpers do
|
||||||
|
alias Pleroma.User
|
||||||
|
|
||||||
|
@doc "Gets user by nickname or email for auth."
|
||||||
|
@spec fetch_user(String.t()) :: User.t() | nil
|
||||||
|
def fetch_user(name) do
|
||||||
|
User.get_by_nickname_or_email(name)
|
||||||
|
end
|
||||||
|
|
||||||
|
# Gets name and password from conn
|
||||||
|
#
|
||||||
|
@spec fetch_credentials(Plug.Conn.t() | map()) ::
|
||||||
|
{:ok, {name :: any, password :: any}} | {:error, :invalid_credentials}
|
||||||
|
def fetch_credentials(%Plug.Conn{params: params} = _),
|
||||||
|
do: fetch_credentials(params)
|
||||||
|
|
||||||
|
def fetch_credentials(params) do
|
||||||
|
case params do
|
||||||
|
%{"authorization" => %{"name" => name, "password" => password}} ->
|
||||||
|
{:ok, {name, password}}
|
||||||
|
|
||||||
|
%{"grant_type" => "password", "username" => name, "password" => password} ->
|
||||||
|
{:ok, {name, password}}
|
||||||
|
|
||||||
|
_ ->
|
||||||
|
{:error, :invalid_credentials}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -7,8 +7,7 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
import Pleroma.Web.Auth.Authenticator,
|
import Pleroma.Web.Auth.Helpers, only: [fetch_credentials: 1, fetch_user: 1]
|
||||||
only: [fetch_credentials: 1, fetch_user: 1]
|
|
||||||
|
|
||||||
@behaviour Pleroma.Web.Auth.Authenticator
|
@behaviour Pleroma.Web.Auth.Authenticator
|
||||||
@base Pleroma.Web.Auth.PleromaAuthenticator
|
@base Pleroma.Web.Auth.PleromaAuthenticator
|
||||||
|
|
|
@ -8,8 +8,7 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.Plugs.AuthenticationPlug
|
alias Pleroma.Web.Plugs.AuthenticationPlug
|
||||||
|
|
||||||
import Pleroma.Web.Auth.Authenticator,
|
import Pleroma.Web.Auth.Helpers, only: [fetch_credentials: 1, fetch_user: 1]
|
||||||
only: [fetch_credentials: 1, fetch_user: 1]
|
|
||||||
|
|
||||||
@behaviour Pleroma.Web.Auth.Authenticator
|
@behaviour Pleroma.Web.Auth.Authenticator
|
||||||
|
|
||||||
|
|
42
lib/pleroma/web/auth/wrapper_authenticator.ex
Normal file
42
lib/pleroma/web/auth/wrapper_authenticator.ex
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
# Pleroma: A lightweight social networking server
|
||||||
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
defmodule Pleroma.Web.Auth.WrapperAuthenticator do
|
||||||
|
@behaviour Pleroma.Web.Auth.Authenticator
|
||||||
|
|
||||||
|
defp implementation do
|
||||||
|
Pleroma.Config.get(
|
||||||
|
Pleroma.Web.Auth.Authenticator,
|
||||||
|
Pleroma.Web.Auth.PleromaAuthenticator
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
@impl true
|
||||||
|
def get_user(plug), do: implementation().get_user(plug)
|
||||||
|
|
||||||
|
@impl true
|
||||||
|
def create_from_registration(plug, registration),
|
||||||
|
do: implementation().create_from_registration(plug, registration)
|
||||||
|
|
||||||
|
@impl true
|
||||||
|
def get_registration(plug), do: implementation().get_registration(plug)
|
||||||
|
|
||||||
|
@impl true
|
||||||
|
def handle_error(plug, error),
|
||||||
|
do: implementation().handle_error(plug, error)
|
||||||
|
|
||||||
|
@impl true
|
||||||
|
def auth_template do
|
||||||
|
# Note: `config :pleroma, :auth_template, "..."` support is deprecated
|
||||||
|
implementation().auth_template() ||
|
||||||
|
Pleroma.Config.get([:auth, :auth_template], Pleroma.Config.get(:auth_template)) ||
|
||||||
|
"show.html"
|
||||||
|
end
|
||||||
|
|
||||||
|
@impl true
|
||||||
|
def oauth_consumer_template do
|
||||||
|
implementation().oauth_consumer_template() ||
|
||||||
|
Pleroma.Config.get([:auth, :oauth_consumer_template], "consumer.html")
|
||||||
|
end
|
||||||
|
end
|
|
@ -12,7 +12,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
||||||
alias Pleroma.Registration
|
alias Pleroma.Registration
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.Auth.Authenticator
|
alias Pleroma.Web.Auth.WrapperAuthenticator, as: Authenticator
|
||||||
alias Pleroma.Web.ControllerHelper
|
alias Pleroma.Web.ControllerHelper
|
||||||
alias Pleroma.Web.OAuth.App
|
alias Pleroma.Web.OAuth.App
|
||||||
alias Pleroma.Web.OAuth.Authorization
|
alias Pleroma.Web.OAuth.Authorization
|
||||||
|
|
|
@ -61,5 +61,5 @@
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
<%= if Pleroma.Config.oauth_consumer_enabled?() do %>
|
<%= if Pleroma.Config.oauth_consumer_enabled?() do %>
|
||||||
<%= render @view_module, Pleroma.Web.Auth.Authenticator.oauth_consumer_template(), assigns %>
|
<%= render @view_module, Pleroma.Web.Auth.WrapperAuthenticator.oauth_consumer_template(), assigns %>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
|
@ -11,8 +11,8 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowController do
|
||||||
alias Pleroma.MFA
|
alias Pleroma.MFA
|
||||||
alias Pleroma.Object.Fetcher
|
alias Pleroma.Object.Fetcher
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.Auth.Authenticator
|
|
||||||
alias Pleroma.Web.Auth.TOTPAuthenticator
|
alias Pleroma.Web.Auth.TOTPAuthenticator
|
||||||
|
alias Pleroma.Web.Auth.WrapperAuthenticator
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
|
|
||||||
@status_types ["Article", "Event", "Note", "Video", "Page", "Question"]
|
@status_types ["Article", "Event", "Note", "Video", "Page", "Question"]
|
||||||
|
@ -88,7 +88,7 @@ def do_follow(%{assigns: %{user: %User{} = user}} = conn, %{"user" => %{"id" =>
|
||||||
#
|
#
|
||||||
def do_follow(conn, %{"authorization" => %{"name" => _, "password" => _, "id" => id}}) do
|
def do_follow(conn, %{"authorization" => %{"name" => _, "password" => _, "id" => id}}) do
|
||||||
with {_, %User{} = followee} <- {:fetch_user, User.get_cached_by_id(id)},
|
with {_, %User{} = followee} <- {:fetch_user, User.get_cached_by_id(id)},
|
||||||
{_, {:ok, user}, _} <- {:auth, Authenticator.get_user(conn), followee},
|
{_, {:ok, user}, _} <- {:auth, WrapperAuthenticator.get_user(conn), followee},
|
||||||
{_, _, _, false} <- {:mfa_required, followee, user, MFA.require?(user)},
|
{_, _, _, false} <- {:mfa_required, followee, user, MFA.require?(user)},
|
||||||
{:ok, _, _, _} <- CommonAPI.follow(user, followee) do
|
{:ok, _, _, _} <- CommonAPI.follow(user, followee) do
|
||||||
redirect(conn, to: "/users/#{followee.id}")
|
redirect(conn, to: "/users/#{followee.id}")
|
||||||
|
|
|
@ -5,38 +5,38 @@
|
||||||
defmodule Pleroma.Web.Auth.AuthenticatorTest do
|
defmodule Pleroma.Web.Auth.AuthenticatorTest do
|
||||||
use Pleroma.Web.ConnCase, async: true
|
use Pleroma.Web.ConnCase, async: true
|
||||||
|
|
||||||
alias Pleroma.Web.Auth.Authenticator
|
alias Pleroma.Web.Auth.Helpers
|
||||||
import Pleroma.Factory
|
import Pleroma.Factory
|
||||||
|
|
||||||
describe "fetch_user/1" do
|
describe "fetch_user/1" do
|
||||||
test "returns user by name" do
|
test "returns user by name" do
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
assert Authenticator.fetch_user(user.nickname) == user
|
assert Helpers.fetch_user(user.nickname) == user
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns user by email" do
|
test "returns user by email" do
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
assert Authenticator.fetch_user(user.email) == user
|
assert Helpers.fetch_user(user.email) == user
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns nil" do
|
test "returns nil" do
|
||||||
assert Authenticator.fetch_user("email") == nil
|
assert Helpers.fetch_user("email") == nil
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "fetch_credentials/1" do
|
describe "fetch_credentials/1" do
|
||||||
test "returns name and password from authorization params" do
|
test "returns name and password from authorization params" do
|
||||||
params = %{"authorization" => %{"name" => "test", "password" => "test-pass"}}
|
params = %{"authorization" => %{"name" => "test", "password" => "test-pass"}}
|
||||||
assert Authenticator.fetch_credentials(params) == {:ok, {"test", "test-pass"}}
|
assert Helpers.fetch_credentials(params) == {:ok, {"test", "test-pass"}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns name and password with grant_type 'password'" do
|
test "returns name and password with grant_type 'password'" do
|
||||||
params = %{"grant_type" => "password", "username" => "test", "password" => "test-pass"}
|
params = %{"grant_type" => "password", "username" => "test", "password" => "test-pass"}
|
||||||
assert Authenticator.fetch_credentials(params) == {:ok, {"test", "test-pass"}}
|
assert Helpers.fetch_credentials(params) == {:ok, {"test", "test-pass"}}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns error" do
|
test "returns error" do
|
||||||
assert Authenticator.fetch_credentials(%{}) == {:error, :invalid_credentials}
|
assert Helpers.fetch_credentials(%{}) == {:error, :invalid_credentials}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue