Pbkdf2.verify_pass --> AuthenticationPlug.checkpw
This commit is contained in:
parent
9cbf17d59f
commit
5b0f27d23d
|
@ -4,6 +4,7 @@
|
||||||
|
|
||||||
defmodule Pleroma.BBS.Authenticator do
|
defmodule Pleroma.BBS.Authenticator do
|
||||||
use Sshd.PasswordAuthenticator
|
use Sshd.PasswordAuthenticator
|
||||||
|
alias Pleroma.Plugs.AuthenticationPlug
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
|
||||||
def authenticate(username, password) do
|
def authenticate(username, password) do
|
||||||
|
@ -11,7 +12,7 @@ def authenticate(username, password) do
|
||||||
password = to_string(password)
|
password = to_string(password)
|
||||||
|
|
||||||
with %User{} = user <- User.get_by_nickname(username) do
|
with %User{} = user <- User.get_by_nickname(username) do
|
||||||
Pbkdf2.verify_pass(password, user.password_hash)
|
AuthenticationPlug.checkpw(password, user.password_hash)
|
||||||
else
|
else
|
||||||
_e -> false
|
_e -> false
|
||||||
end
|
end
|
||||||
|
|
|
@ -41,7 +41,7 @@ def call(
|
||||||
} = conn,
|
} = conn,
|
||||||
_
|
_
|
||||||
) do
|
) do
|
||||||
if Pbkdf2.verify_pass(password, password_hash) do
|
if checkpw(password, password_hash) do
|
||||||
conn
|
conn
|
||||||
|> assign(:user, auth_user)
|
|> assign(:user, auth_user)
|
||||||
|> OAuthScopesPlug.skip_plug()
|
|> OAuthScopesPlug.skip_plug()
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
defmodule Pleroma.Web.Auth.TOTPAuthenticator do
|
defmodule Pleroma.Web.Auth.TOTPAuthenticator do
|
||||||
alias Pleroma.MFA
|
alias Pleroma.MFA
|
||||||
alias Pleroma.MFA.TOTP
|
alias Pleroma.MFA.TOTP
|
||||||
|
alias Pleroma.Plugs.AuthenticationPlug
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
|
||||||
@doc "Verify code or check backup code."
|
@doc "Verify code or check backup code."
|
||||||
|
@ -30,7 +31,7 @@ def verify_recovery_code(
|
||||||
code
|
code
|
||||||
)
|
)
|
||||||
when is_list(codes) and is_binary(code) do
|
when is_list(codes) and is_binary(code) do
|
||||||
hash_code = Enum.find(codes, fn hash -> Pbkdf2.verify_pass(code, hash) end)
|
hash_code = Enum.find(codes, fn hash -> AuthenticationPlug.checkpw(code, hash) end)
|
||||||
|
|
||||||
if hash_code do
|
if hash_code do
|
||||||
MFA.invalidate_backup_code(user, hash_code)
|
MFA.invalidate_backup_code(user, hash_code)
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
defmodule Pleroma.Web.MongooseIM.MongooseIMController do
|
defmodule Pleroma.Web.MongooseIM.MongooseIMController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
|
alias Pleroma.Plugs.AuthenticationPlug
|
||||||
alias Pleroma.Plugs.RateLimiter
|
alias Pleroma.Plugs.RateLimiter
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
@ -27,7 +28,7 @@ def user_exists(conn, %{"user" => username}) do
|
||||||
def check_password(conn, %{"user" => username, "pass" => password}) do
|
def check_password(conn, %{"user" => username, "pass" => password}) do
|
||||||
with %User{password_hash: password_hash, deactivated: false} <-
|
with %User{password_hash: password_hash, deactivated: false} <-
|
||||||
Repo.get_by(User, nickname: username, local: true),
|
Repo.get_by(User, nickname: username, local: true),
|
||||||
true <- Pbkdf2.verify_pass(password, password_hash) do
|
true <- AuthenticationPlug.checkpw(password, password_hash) do
|
||||||
conn
|
conn
|
||||||
|> json(true)
|
|> json(true)
|
||||||
else
|
else
|
||||||
|
|
Loading…
Reference in New Issue