Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
Pleroma
pleroma
Commits
e32dbfc9
Commit
e32dbfc9
authored
Mar 20, 2017
by
lain
Browse files
Add basic auth.
parent
a93f3421
Changes
5
Hide whitespace changes
Inline
Side-by-side
config/test.exs
View file @
e32dbfc9
...
...
@@ -17,3 +17,7 @@
database:
"pleroma_test"
,
hostname:
"localhost"
,
pool:
Ecto
.
Adapters
.
SQL
.
Sandbox
# Reduce hash rounds for testing
config
:comeonin
,
:pbkdf2_rounds
,
1
lib/pleroma/plugs/authentication_plug.ex
0 → 100644
View file @
e32dbfc9
defmodule
Pleroma
.
Plugs
.
AuthenticationPlug
do
import
Plug
.
Conn
def
init
(
options
)
do
options
end
def
call
(
conn
,
opts
)
do
with
{
:ok
,
username
,
password
}
<-
decode_header
(
conn
),
{
:ok
,
user
}
<-
opts
[
:fetcher
]
.
(
username
),
{
:ok
,
verified_user
}
<-
verify
(
user
,
password
)
do
conn
|>
assign
(
:user
,
verified_user
)
else
_
->
conn
|>
halt_or_continue
(
opts
)
end
end
defp
verify
(
nil
,
_password
)
do
Comeonin
.
Pbkdf2
.
dummy_checkpw
:error
end
defp
verify
(
user
,
password
)
do
if
Comeonin
.
Pbkdf2
.
checkpw
(
password
,
user
[
:password_hash
])
do
{
:ok
,
user
}
else
:error
end
end
defp
decode_header
(
conn
)
do
with
[
"Basic "
<>
header
]
<-
get_req_header
(
conn
,
"authorization"
),
{
:ok
,
userinfo
}
<-
Base
.
decode64
(
header
),
[
username
,
password
]
<-
String
.
split
(
userinfo
,
":"
)
do
{
:ok
,
username
,
password
}
end
end
defp
halt_or_continue
(
conn
,
%{
optional:
true
})
do
conn
|>
assign
(
:user
,
nil
)
end
defp
halt_or_continue
(
conn
,
_
)
do
conn
|>
put_resp_content_type
(
"application/json"
)
|>
send_resp
(
403
,
Poison
.
encode!
(%{
error:
"Invalid credentials."
}))
|>
halt
end
end
mix.exs
View file @
e32dbfc9
...
...
@@ -17,7 +17,7 @@ def project do
# Type `mix help compile.app` for more information.
def
application
do
[
mod:
{
Pleroma
.
Application
,
[]},
extra_applications:
[
:logger
,
:runtime_tools
]]
extra_applications:
[
:logger
,
:runtime_tools
,
:comeonin
]]
end
# Specifies which paths to compile per environment.
...
...
@@ -33,7 +33,9 @@ defp deps do
{
:phoenix_ecto
,
"~> 3.2"
},
{
:postgrex
,
">= 0.0.0"
},
{
:gettext
,
"~> 0.11"
},
{
:cowboy
,
"~> 1.0"
}]
{
:cowboy
,
"~> 1.0"
},
{
:comeonin
,
"~> 3.0"
},
{
:mix_test_watch
,
"~> 0.2"
,
only:
:dev
}]
end
# Aliases are shortcuts or tasks specific to the current project.
...
...
mix.lock
View file @
e32dbfc9
%{"connection": {:hex, :connection, "1.0.4", "a1cae72211f0eef17705aaededacac3eb30e6625b04a6117c1b2db6ace7d5976", [:mix], []},
%{"comeonin": {:hex, :comeonin, "3.0.2", "8b213268a6634bd2e31a8035a963e974681d13ccc1f73f2ae664b6ac4e993c96", [:make, :mix], [{:elixir_make, "~> 0.4", [hex: :elixir_make, optional: false]}]},
"connection": {:hex, :connection, "1.0.4", "a1cae72211f0eef17705aaededacac3eb30e6625b04a6117c1b2db6ace7d5976", [:mix], []},
"cowboy": {:hex, :cowboy, "1.1.2", "61ac29ea970389a88eca5a65601460162d370a70018afe6f949a29dca91f3bb0", [:rebar3], [{:cowlib, "~> 1.0.2", [hex: :cowlib, optional: false]}, {:ranch, "~> 1.3.2", [hex: :ranch, optional: false]}]},
"cowlib": {:hex, :cowlib, "1.0.2", "9d769a1d062c9c3ac753096f868ca121e2730b9a377de23dec0f7e08b1df84ee", [:make], []},
"db_connection": {:hex, :db_connection, "1.1.2", "2865c2a4bae0714e2213a0ce60a1b12d76a6efba0c51fbda59c9ab8d1accc7a8", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, optional: false]}, {:poolboy, "~> 1.5", [hex: :poolboy, optional: true]}, {:sbroker, "~> 1.0", [hex: :sbroker, optional: true]}]},
"decimal": {:hex, :decimal, "1.3.1", "157b3cedb2bfcb5359372a7766dd7a41091ad34578296e951f58a946fcab49c6", [:mix], []},
"ecto": {:hex, :ecto, "2.1.4", "d1ba932813ec0e0d9db481ef2c17777f1cefb11fc90fa7c142ff354972dfba7e", [:mix], [{:db_connection, "~> 1.1", [hex: :db_connection, optional: true]}, {:decimal, "~> 1.2", [hex: :decimal, optional: false]}, {:mariaex, "~> 0.8.0", [hex: :mariaex, optional: true]}, {:poison, "~> 2.2 or ~> 3.0", [hex: :poison, optional: true]}, {:poolboy, "~> 1.5", [hex: :poolboy, optional: false]}, {:postgrex, "~> 0.13.0", [hex: :postgrex, optional: true]}, {:sbroker, "~> 1.0", [hex: :sbroker, optional: true]}]},
"elixir_make": {:hex, :elixir_make, "0.4.0", "992f38fabe705bb45821a728f20914c554b276838433349d4f2341f7a687cddf", [:mix], []},
"fs": {:hex, :fs, "2.12.0", "ad631efacc9a5683c8eaa1b274e24fa64a1b8eb30747e9595b93bec7e492e25e", [:rebar3], []},
"gettext": {:hex, :gettext, "0.13.1", "5e0daf4e7636d771c4c71ad5f3f53ba09a9ae5c250e1ab9c42ba9edccc476263", [:mix], []},
"mime": {:hex, :mime, "1.1.0", "01c1d6f4083d8aa5c7b8c246ade95139620ef8effb009edde934e0ec3b28090a", [:mix], []},
"mix_test_watch": {:hex, :mix_test_watch, "0.3.3", "70859889a8d1d43d1b75d69d87258a301f43209a17787cdb2bd9cab42adf271d", [:mix], [{:fs, "~> 2.12", [hex: :fs, optional: false]}]},
"phoenix": {:hex, :phoenix, "1.3.0-rc.1", "0d04948a4bd24823f101024c07b6a4d35e58f1fd92a465c1bc75dd37acd1041a", [:mix], [{:cowboy, "~> 1.0", [hex: :cowboy, optional: true]}, {:phoenix_pubsub, "~> 1.0", [hex: :phoenix_pubsub, optional: false]}, {:plug, "~> 1.3.2 or ~> 1.4", [hex: :plug, optional: false]}, {:poison, "~> 2.2 or ~> 3.0", [hex: :poison, optional: false]}]},
"phoenix_ecto": {:hex, :phoenix_ecto, "3.2.3", "450c749876ff1de4a78fdb305a142a76817c77a1cd79aeca29e5fc9a6c630b26", [:mix], [{:ecto, "~> 2.1", [hex: :ecto, optional: false]}, {:phoenix_html, "~> 2.9", [hex: :phoenix_html, optional: true]}, {:plug, "~> 1.0", [hex: :plug, optional: false]}]},
"phoenix_pubsub": {:hex, :phoenix_pubsub, "1.0.1", "c10ddf6237007c804bf2b8f3c4d5b99009b42eca3a0dfac04ea2d8001186056a", [:mix], []},
...
...
test/plugs/authentication_plug_test.exs
0 → 100644
View file @
e32dbfc9
defmodule
Pleroma
.
Plugs
.
AuthenticationPlugTest
do
use
Pleroma
.
Web
.
ConnCase
,
async:
true
alias
Pleroma
.
Plugs
.
AuthenticationPlug
defp
fetch_nil
(
_name
)
do
{
:ok
,
nil
}
end
@user
%{
id:
1
,
name:
"dude"
,
password_hash:
Comeonin
.
Pbkdf2
.
hashpwsalt
(
"guy"
)
}
defp
fetch_user
(
_name
)
do
{
:ok
,
@user
}
end
defp
basic_auth_enc
(
username
,
password
)
do
"Basic "
<>
Base
.
encode64
(
"
#{
username
}
:
#{
password
}
"
)
end
describe
"without an authorization header"
do
test
"it halts the application"
do
conn
=
build_conn
()
|>
AuthenticationPlug
.
call
(%{})
assert
conn
.
status
==
403
assert
conn
.
halted
==
true
end
test
"it assigns a nil user if the 'optional' option is used"
do
conn
=
build_conn
()
|>
AuthenticationPlug
.
call
(%{
optional:
true
})
assert
%{
user:
nil
}
==
conn
.
assigns
end
end
describe
"with an authorization header for a nonexisting user"
do
test
"it halts the application"
do
conn
=
build_conn
()
|>
AuthenticationPlug
.
call
(%{
fetcher:
&
fetch_nil
/
1
})
assert
conn
.
status
==
403
assert
conn
.
halted
==
true
end
test
"it assigns a nil user if the 'optional' option is used"
do
conn
=
build_conn
()
|>
AuthenticationPlug
.
call
(%{
optional:
true
,
fetcher:
&
fetch_nil
/
1
})
assert
%{
user:
nil
}
==
conn
.
assigns
end
end
describe
"with an incorrect authorization header for a enxisting user"
do
test
"it halts the application"
do
opts
=
%{
fetcher:
&
fetch_user
/
1
}
header
=
basic_auth_enc
(
"dude"
,
"man"
)
conn
=
build_conn
()
|>
put_req_header
(
"authorization"
,
header
)
|>
AuthenticationPlug
.
call
(
opts
)
assert
conn
.
status
==
403
assert
conn
.
halted
==
true
end
test
"it assigns a nil user if the 'optional' option is used"
do
opts
=
%{
optional:
true
,
fetcher:
&
fetch_user
/
1
}
header
=
basic_auth_enc
(
"dude"
,
"man"
)
conn
=
build_conn
()
|>
put_req_header
(
"authorization"
,
header
)
|>
AuthenticationPlug
.
call
(
opts
)
assert
%{
user:
nil
}
==
conn
.
assigns
end
end
describe
"with a correct authorization header for an existing user"
do
test
"it assigns the user"
do
opts
=
%{
optional:
true
,
fetcher:
&
fetch_user
/
1
}
header
=
basic_auth_enc
(
"dude"
,
"guy"
)
conn
=
build_conn
()
|>
put_req_header
(
"authorization"
,
header
)
|>
AuthenticationPlug
.
call
(
opts
)
assert
%{
user:
@user
}
==
conn
.
assigns
assert
conn
.
halted
==
false
end
end
end
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment