commit: a68c18f0ad6befe432e961bd348744b305492524
parent: 0f3e78addb4a88106120737f2eb603ec136d99f9
Author: kaniini <nenolod@gmail.com>
Date:   Tue,  6 Nov 2018 16:18:12 +0000

Merge branch 'unify-mastodon-oauth' into 'develop'

Unify Mastodon Login with OAuth login.

See merge request pleroma/pleroma!429

Diffstat:

M.gitlab-ci.yml2+-
Mlib/pleroma/web/mastodon_api/mastodon_api_controller.ex40++++++++++++++++++++++------------------
Mlib/pleroma/web/oauth/oauth_controller.ex48+++++++++++++++++++++++++++++-------------------
Dlib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex11-----------
4 files changed, 52 insertions(+), 49 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml @@ -1,4 +1,4 @@ -image: elixir:1.6.4 +image: elixir:1.7.2 services: - postgres:9.6.2 diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -985,9 +985,29 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do end end + def login(conn, %{"code" => code}) do + with {:ok, app} <- get_or_make_app(), + %Authorization{} = auth <- Repo.get_by(Authorization, token: code, app_id: app.id), + {:ok, token} <- Token.exchange_token(app, auth) do + conn + |> put_session(:oauth_token, token.token) + |> redirect(to: "/web/getting-started") + end + end + def login(conn, _) do - conn - |> render(MastodonView, "login.html", %{error: false}) + with {:ok, app} <- get_or_make_app() do + path = + o_auth_path(conn, :authorize, + response_type: "code", + client_id: app.client_id, + redirect_uri: ".", + scope: app.scopes + ) + + conn + |> redirect(to: path) + end end defp get_or_make_app() do @@ -1006,22 +1026,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do end end - def login_post(conn, %{"authorization" => %{"name" => name, "password" => password}}) do - with %User{} = user <- User.get_by_nickname_or_email(name), - true <- Pbkdf2.checkpw(password, user.password_hash), - {:ok, app} <- get_or_make_app(), - {:ok, auth} <- Authorization.create_authorization(app, user), - {:ok, token} <- Token.exchange_token(app, auth) do - conn - |> put_session(:oauth_token, token.token) - |> redirect(to: "/web/getting-started") - else - _e -> - conn - |> render(MastodonView, "login.html", %{error: "Wrong username or password"}) - end - end - def logout(conn, _) do conn |> clear_session diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex 
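Review bot: The redirect built in `login(conn, _)` sends no `state` parameter, and `login(conn, %{"code" => code})` accepts any code issued for the local app, so nothing ties the callback to the browser session that started the flow (login CSRF, RFC 6749 section 10.12). Consider generating a random value, storing it with `put_session(conn, :oauth_state, state)`, passing `state: state` in the `o_auth_path/3` options, and rejecting the callback unless the returned `state` matches the session value. The OAuth controller hunk in this commit already forwards `params["state"]` when present, though whether the authorize form carries it through is not visible here. Separately, the `with` in the `code` clause has no `else`, so a `nil` from `Repo.get_by/2` or an error from `Token.exchange_token/2` becomes the action's return value instead of a conn; an `else` branch that redirects back into the login flow would handle unknown or expired codes cleanly.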
@@ -33,25 +33,35 @@ defmodule Pleroma.Web.OAuth.OAuthController do true <- Pbkdf2.checkpw(password, user.password_hash), %App{} = app <- Repo.get_by(App, client_id: client_id), {:ok, auth} <- Authorization.create_authorization(app, user) do - if redirect_uri == "urn:ietf:wg:oauth:2.0:oob" do - render(conn, "results.html", %{ - auth: auth - }) - else - connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?" - url = "#{redirect_uri}#{connector}" - url_params = %{:code => auth.token} - - url_params = - if params["state"] do - Map.put(url_params, :state, params["state"]) - else - url_params - end - - url = "#{url}#{Plug.Conn.Query.encode(url_params)}" - - redirect(conn, external: url) + # Special case: Local MastodonFE. + redirect_uri = + if redirect_uri == "." do + mastodon_api_url(conn, :login) + else + redirect_uri + end + + cond do + redirect_uri == "urn:ietf:wg:oauth:2.0:oob" -> + render(conn, "results.html", %{ + auth: auth + }) + + true -> + connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?" + url = "#{redirect_uri}#{connector}" + url_params = %{:code => auth.token} + + url_params = + if params["state"] do + Map.put(url_params, :state, params["state"]) + else + url_params + end + + url = "#{url}#{Plug.Conn.Query.encode(url_params)}" + + redirect(conn, external: url) end end end diff --git a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex b/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex @@ -1,11 +0,0 @@ -<h2>Login to Mastodon Frontend</h2> -<%= if @error do %> - <h2><%= @error %></h2> -<% end %> -<%= form_for @conn, mastodon_api_path(@conn, :login), [as: "authorization"], fn f -> %> -<%= text_input f, :name, placeholder: "Username or email" %> -<br> -<%= password_input f, :password, placeholder: "Password" %> -<br> -<%= submit "Log in" %> -<% end %>
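Review bot: In the `true ->` branch the authorization code is appended to `redirect_uri` and sent with `redirect(conn, external: url)`, and nothing visible in this hunk compares `redirect_uri` with the redirect URIs registered for `app`. If no such check exists in the part of the function above the hunk, the code could be delivered to a host the app never registered; validate the URI against the app record before building `url`. The new `"."` special case is also accepted for any `client_id`, so it would be tighter to honour it only when `app` is the local MastodonFE app. The enclosing function starts outside the hunk.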