Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F21907299
admin_secret_authentication_plug.ex
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Award Token
Flag For Later
Size
1 KB
Referenced Files
None
Subscribers
None
admin_secret_authentication_plug.ex
View Options
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule
Pleroma.Web.Plugs.AdminSecretAuthenticationPlug
do
import
Plug.Conn
alias
Pleroma.Helpers.AuthHelper
alias
Pleroma.User
alias
Pleroma.Web.Plugs.RateLimiter
def
init
(
options
)
do
options
end
def
call
(%{
assigns
:
%{
user
:
%
User
{}}}
=
conn
,
_
),
do
:
conn
def
call
(
conn
,
_
)
do
if
secret_token
()
do
authenticate
(
conn
)
else
conn
end
end
defp
authenticate
(%{
params
:
%{
"admin_token"
=>
admin_token
}}
=
conn
)
do
if
admin_token
==
secret_token
()
do
assign_admin_user
(
conn
)
else
handle_bad_token
(
conn
)
end
end
defp
authenticate
(
conn
)
do
token
=
secret_token
()
case
get_req_header
(
conn
,
"x-admin-token"
)
do
blank
when
blank
in
[[],
[
""
]]
->
conn
[
^
token
]
->
assign_admin_user
(
conn
)
_
->
handle_bad_token
(
conn
)
end
end
defp
secret_token
do
case
Pleroma.Config
.
get
(
:admin_token
)
do
blank
when
blank
in
[
nil
,
""
]
->
nil
token
->
token
end
end
defp
assign_admin_user
(
conn
)
do
conn
|>
assign
(
:user
,
%
User
{
is_admin
:
true
})
|>
AuthHelper
.
skip_oauth
()
end
defp
handle_bad_token
(
conn
)
do
RateLimiter
.
call
(
conn
,
name
:
:authentication
)
end
end
File Metadata
Details
Attached
Mime Type
text/x-ruby
Expires
Sun, Dec 28, 1:41 AM (15 h, 12 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
688451
Default Alt Text
admin_secret_authentication_plug.ex (1 KB)
Attached To
Mode
rPUBE pleroma-upstream
Attached
Detach File
Event Timeline
Log In to Comment