From 4f640c43edc237f4450cc0d42896b5e0a7b4a324 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 6 Nov 2018 15:19:11 +0100
Subject: [PATCH 1/3] Unify Mastodon Login with OAuth login.

This removes duplication in the login code.
---
 .../mastodon_api/mastodon_api_controller.ex   | 41 ++++++++++--------
 lib/pleroma/web/oauth/oauth_controller.ex     | 42 ++++++++++++-------
 .../mastodon_api/mastodon/login.html.eex      | 11 -----
 3 files changed, 49 insertions(+), 45 deletions(-)
 delete mode 100644 lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex

diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
index e92114f57..51a7ec2b2 100644
--- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
+++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
@@ -985,9 +985,30 @@ def put_settings(%{assigns: %{user: user}} = conn, %{"data" => settings} = _para
     end
   end
 
+  def login(conn, %{"code" => code}) do
+    with {:ok, app} <- get_or_make_app(),
+         %Authorization{} = auth <- Repo.get_by(Authorization, token: code, app_id: app.id),
+         {:ok, token} <- Token.exchange_token(app, auth) do
+
+      conn
+      |> put_session(:oauth_token, token.token)
+      |> redirect(to: "/web/getting-started")
+    end
+  end
+
   def login(conn, _) do
-    conn
-    |> render(MastodonView, "login.html", %{error: false})
+    with {:ok, app} <- get_or_make_app() do
+      path =
+        o_auth_path(conn, :authorize,
+          response_type: "code",
+          client_id: app.client_id,
+          redirect_uri: ".",
+          scope: app.scopes
+        )
+
+      conn
+      |> redirect(to: path)
+    end
   end
 
   defp get_or_make_app() do
@@ -1006,22 +1027,6 @@ defp get_or_make_app() do
     end
   end
 
-  def login_post(conn, %{"authorization" => %{"name" => name, "password" => password}}) do
-    with %User{} = user <- User.get_by_nickname_or_email(name),
-         true <- Pbkdf2.checkpw(password, user.password_hash),
-         {:ok, app} <- get_or_make_app(),
-         {:ok, auth} <- Authorization.create_authorization(app, user),
-         {:ok, token} <- Token.exchange_token(app, auth) do
-      conn
-      |> put_session(:oauth_token, token.token)
-      |> redirect(to: "/web/getting-started")
-    else
-      _e ->
-        conn
-        |> render(MastodonView, "login.html", %{error: "Wrong username or password"})
-    end
-  end
-
   def logout(conn, _) do
     conn
     |> clear_session
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index 5441ee0a8..35c158fbb 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -33,25 +33,35 @@ def create_authorization(conn, %{
          true <- Pbkdf2.checkpw(password, user.password_hash),
          %App{} = app <- Repo.get_by(App, client_id: client_id),
          {:ok, auth} <- Authorization.create_authorization(app, user) do
-      if redirect_uri == "urn:ietf:wg:oauth:2.0:oob" do
-        render(conn, "results.html", %{
-          auth: auth
-        })
-      else
-        connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?"
-        url = "#{redirect_uri}#{connector}"
-        url_params = %{:code => auth.token}
+      # Special case: Local MastodonFE.
+      redirect_uri =
+        if redirect_uri == "." do
+          mastodon_api_url(conn, :login)
+        else
+          redirect_uri
+        end
 
-        url_params =
-          if params["state"] do
-            Map.put(url_params, :state, params["state"])
-          else
-            url_params
-          end
+      cond do
+        redirect_uri == "urn:ietf:wg:oauth:2.0:oob" ->
+          render(conn, "results.html", %{
+            auth: auth
+          })
 
-        url = "#{url}#{Plug.Conn.Query.encode(url_params)}"
+        true ->
+          connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?"
+          url = "#{redirect_uri}#{connector}"
+          url_params = %{:code => auth.token}
 
-        redirect(conn, external: url)
+          url_params =
+            if params["state"] do
+              Map.put(url_params, :state, params["state"])
+            else
+              url_params
+            end
+
+          url = "#{url}#{Plug.Conn.Query.encode(url_params)}"
+
+          redirect(conn, external: url)
       end
     end
   end
diff --git a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex b/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex
deleted file mode 100644
index 34cd7ed89..000000000
--- a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex
+++ /dev/null
@@ -1,11 +0,0 @@
-<h2>Login to Mastodon Frontend</h2>
-<%= if @error do %>
-  <h2><%= @error %></h2>
-<% end %>
-<%= form_for @conn, mastodon_api_path(@conn, :login), [as: "authorization"], fn f -> %>
-<%= text_input f, :name, placeholder: "Username or email" %>
-<br>
-<%= password_input f, :password, placeholder: "Password" %>
-<br>
-<%= submit "Log in" %>
-<% end %>

From a8f1e30cb81fe17866e3ee33f5b3558dd5b33764 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 6 Nov 2018 16:05:58 +0100
Subject: [PATCH 2/3] Formatting.

---
 lib/pleroma/web/mastodon_api/mastodon_api_controller.ex | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
index 51a7ec2b2..5cb007740 100644
--- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
+++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
@@ -989,7 +989,6 @@ def login(conn, %{"code" => code}) do
     with {:ok, app} <- get_or_make_app(),
          %Authorization{} = auth <- Repo.get_by(Authorization, token: code, app_id: app.id),
          {:ok, token} <- Token.exchange_token(app, auth) do
-
       conn
       |> put_session(:oauth_token, token.token)
       |> redirect(to: "/web/getting-started")

From 236fd28aca4191617cf059ff0a536f6b2fef5d64 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 6 Nov 2018 16:12:09 +0100
Subject: [PATCH 3/3] use more modern elixir

---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 46fa1c74c..c28468cd4 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,4 @@
-image: elixir:1.6.4
+image: elixir:1.7.2
 
 services:
   - postgres:9.6.2