Moonman
5 years ago
4 changed files with 19 additions and 6 deletions
Unified View
Diff Options
-
+13 -0lib/pleroma/plugs/authentication_plug.ex
-
+2 -2lib/pleroma/web/auth/pleroma_authenticator.ex
-
+2 -2lib/pleroma/web/common_api/utils.ex
-
+2 -2lib/pleroma/web/twitter_api/controllers/util_controller.ex
+ 13
- 0
lib/pleroma/plugs/authentication_plug.ex
View File
| @@ -6,11 +6,24 @@ defmodule Pleroma.Plugs.AuthenticationPlug do | |||||
| alias Comeonin.Pbkdf2 | alias Comeonin.Pbkdf2 | ||||
| import Plug.Conn | import Plug.Conn | ||||
| alias Pleroma.User | alias Pleroma.User | ||||
| require Logger | |||||
| def init(options) do | def init(options) do | ||||
| options | options | ||||
| end | end | ||||
| def checkpw(password, password_hash) do | |||||
| cond do | |||||
| String.starts_with?(password_hash, "$pbkdf2") -> | |||||
| Pbkdf2.checkpw(password, password_hash) | |||||
| String.starts_with?(password_hash, "$6") -> | |||||
| :crypt.crypt(password, password_hash) == password_hash | |||||
| true -> | |||||
| Logger.error("Password hash not recognized") | |||||
| false | |||||
| end | |||||
| end | |||||
| def call(%{assigns: %{user: %User{}}} = conn, _), do: conn | def call(%{assigns: %{user: %User{}}} = conn, _), do: conn | ||||
| def call( | def call( | ||||
+ 2
- 2
lib/pleroma/web/auth/pleroma_authenticator.ex
View File
| @@ -3,7 +3,7 @@ | |||||
| # SPDX-License-Identifier: AGPL-3.0-only | # SPDX-License-Identifier: AGPL-3.0-only | ||||
| defmodule Pleroma.Web.Auth.PleromaAuthenticator do | defmodule Pleroma.Web.Auth.PleromaAuthenticator do | ||||
| alias Comeonin.Pbkdf2 | |||||
| alias Pleroma.Plugs.AuthenticationPlug | |||||
| alias Pleroma.Registration | alias Pleroma.Registration | ||||
| alias Pleroma.Repo | alias Pleroma.Repo | ||||
| alias Pleroma.User | alias Pleroma.User | ||||
| @@ -16,7 +16,7 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do | |||||
| def get_user(%Plug.Conn{} = conn) do | def get_user(%Plug.Conn{} = conn) do | ||||
| with {:ok, {name, password}} <- fetch_credentials(conn), | with {:ok, {name, password}} <- fetch_credentials(conn), | ||||
| {_, %User{} = user} <- {:user, fetch_user(name)}, | {_, %User{} = user} <- {:user, fetch_user(name)}, | ||||
| {_, true} <- {:checkpw, Pbkdf2.checkpw(password, user.password_hash)} do | |||||
| {_, true} <- {:checkpw, AuthenticationPlug.checkpw(password, user.password_hash)} do | |||||
| {:ok, user} | {:ok, user} | ||||
| else | else | ||||
| error -> | error -> | ||||
+ 2
- 2
lib/pleroma/web/common_api/utils.ex
View File
| @@ -6,11 +6,11 @@ defmodule Pleroma.Web.CommonAPI.Utils do | |||||
| import Pleroma.Web.Gettext | import Pleroma.Web.Gettext | ||||
| alias Calendar.Strftime | alias Calendar.Strftime | ||||
| alias Comeonin.Pbkdf2 | |||||
| alias Pleroma.Activity | alias Pleroma.Activity | ||||
| alias Pleroma.Config | alias Pleroma.Config | ||||
| alias Pleroma.Formatter | alias Pleroma.Formatter | ||||
| alias Pleroma.Object | alias Pleroma.Object | ||||
| alias Pleroma.Plugs.AuthenticationPlug | |||||
| alias Pleroma.Repo | alias Pleroma.Repo | ||||
| alias Pleroma.User | alias Pleroma.User | ||||
| alias Pleroma.Web.ActivityPub.Utils | alias Pleroma.Web.ActivityPub.Utils | ||||
| @@ -371,7 +371,7 @@ defmodule Pleroma.Web.CommonAPI.Utils do | |||||
| def confirm_current_password(user, password) do | def confirm_current_password(user, password) do | ||||
| with %User{local: true} = db_user <- User.get_cached_by_id(user.id), | with %User{local: true} = db_user <- User.get_cached_by_id(user.id), | ||||
| true <- Pbkdf2.checkpw(password, db_user.password_hash) do | |||||
| true <- AuthenticationPlug.checkpw(password, db_user.password_hash) do | |||||
| {:ok, db_user} | {:ok, db_user} | ||||
| else | else | ||||
| _ -> {:error, dgettext("errors", "Invalid password.")} | _ -> {:error, dgettext("errors", "Invalid password.")} | ||||
+ 2
- 2
lib/pleroma/web/twitter_api/controllers/util_controller.ex
View File
| @@ -7,10 +7,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do | |||||
| require Logger | require Logger | ||||
| alias Comeonin.Pbkdf2 | |||||
| alias Pleroma.Activity | alias Pleroma.Activity | ||||
| alias Pleroma.Emoji | alias Pleroma.Emoji | ||||
| alias Pleroma.Notification | alias Pleroma.Notification | ||||
| alias Pleroma.Plugs.AuthenticationPlug | |||||
| alias Pleroma.User | alias Pleroma.User | ||||
| alias Pleroma.Web | alias Pleroma.Web | ||||
| alias Pleroma.Web.ActivityPub.ActivityPub | alias Pleroma.Web.ActivityPub.ActivityPub | ||||
| @@ -96,7 +96,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do | |||||
| name = followee.nickname | name = followee.nickname | ||||
| with %User{} = user <- User.get_cached_by_nickname(username), | with %User{} = user <- User.get_cached_by_nickname(username), | ||||
| true <- Pbkdf2.checkpw(password, user.password_hash), | |||||
| true <- AuthenticationPlug.checkpw(password, user.password_hash), | |||||
| %User{} = _followed <- User.get_cached_by_id(id), | %User{} = _followed <- User.get_cached_by_id(id), | ||||
| {:ok, follower} <- User.follow(user, followee), | {:ok, follower} <- User.follow(user, followee), | ||||
| {:ok, _activity} <- ActivityPub.follow(follower, followee) do | {:ok, _activity} <- ActivityPub.follow(follower, followee) do | ||||