logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git

ensure_authenticated_plug.ex (1025B)

    

  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  5. defmodule Pleroma.Web.Plugs.EnsureAuthenticatedPlug do
  6.   @moduledoc """
  7.   Ensures _user_ authentication (app-bound user-unbound tokens are not accepted).
  8.   """
  10.   import Plug.Conn
  11.   import Pleroma.Web.TranslationHelpers
  13.   alias Pleroma.User
  15.   use Pleroma.Web, :plug
  17.   def init(options) do
  18.     options
  19.   end
  21.   @impl true
  22.   def perform(
  23.         %{
  24.           assigns: %{
  25.             auth_credentials: %{password: _},
  26.             user: %User{multi_factor_authentication_settings: %{enabled: true}}
  27.           }
  28.         } = conn,
  29.         _
  30.       ) do
  31.     conn
  32.     |> render_error(:forbidden, "Two-factor authentication enabled, you must use a access token.")
  33.     |> halt()
  34.   end
  36.   def perform(%{assigns: %{user: %User{}}} = conn, _) do
  37.     conn
  38.   end
  40.   def perform(conn, _) do
  41.     conn
  42.     |> render_error(:forbidden, "Invalid credentials.")
  43.     |> halt()
  44.   end
  45. end