2017-09-06 17:06:25 +00:00
|
|
|
defmodule Pleroma.Plugs.OAuthPlug do
|
|
|
|
import Plug.Conn
|
|
|
|
alias Pleroma.User
|
|
|
|
alias Pleroma.Repo
|
|
|
|
alias Pleroma.Web.OAuth.Token
|
|
|
|
|
|
|
|
def init(options) do
|
|
|
|
options
|
|
|
|
end
|
|
|
|
|
|
|
|
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2017-11-19 01:22:07 +00:00
|
|
|
def call(conn, _) do
|
2018-03-30 13:01:53 +00:00
|
|
|
token =
|
|
|
|
case get_req_header(conn, "authorization") do
|
|
|
|
["Bearer " <> header] -> header
|
|
|
|
_ -> get_session(conn, :oauth_token)
|
|
|
|
end
|
|
|
|
|
2017-11-12 13:23:05 +00:00
|
|
|
with token when not is_nil(token) <- token,
|
|
|
|
%Token{user_id: user_id} <- Repo.get_by(Token, token: token),
|
2017-12-07 16:41:34 +00:00
|
|
|
%User{} = user <- Repo.get(User, user_id),
|
|
|
|
false <- !!user.info["deactivated"] do
|
2017-09-06 17:06:25 +00:00
|
|
|
conn
|
|
|
|
|> assign(:user, user)
|
|
|
|
else
|
|
|
|
_ -> conn
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|