Merge branch 'mongooseim-support' into 'develop'
MongooseIM: Add basic integration endpoints. See merge request pleroma/pleroma!1172
This commit is contained in:
commit
79c2cef2fb
|
@ -5,6 +5,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
|
|
||||||
## [unreleased]
|
## [unreleased]
|
||||||
### Added
|
### Added
|
||||||
|
- [MongooseIM](https://github.com/esl/MongooseIM) http authentication support.
|
||||||
- LDAP authentication
|
- LDAP authentication
|
||||||
- External OAuth provider authentication
|
- External OAuth provider authentication
|
||||||
- A [job queue](https://git.pleroma.social/pleroma/pleroma_job_queue) for federation, emails, web push, etc.
|
- A [job queue](https://git.pleroma.social/pleroma/pleroma_job_queue) for federation, emails, web push, etc.
|
||||||
|
|
|
@ -384,6 +384,7 @@
|
||||||
"activities",
|
"activities",
|
||||||
"api",
|
"api",
|
||||||
"auth",
|
"auth",
|
||||||
|
"check_password",
|
||||||
"dev",
|
"dev",
|
||||||
"friend-requests",
|
"friend-requests",
|
||||||
"inbox",
|
"inbox",
|
||||||
|
@ -404,6 +405,7 @@
|
||||||
"status",
|
"status",
|
||||||
"tag",
|
"tag",
|
||||||
"user-search",
|
"user-search",
|
||||||
|
"user_exists",
|
||||||
"users",
|
"users",
|
||||||
"web"
|
"web"
|
||||||
]
|
]
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
# Configuring MongooseIM (XMPP Server) to use Pleroma for authentication
|
||||||
|
|
||||||
|
If you want to give your Pleroma users an XMPP (chat) account, you can configure [MongooseIM](https://github.com/esl/MongooseIM) to use your Pleroma server for user authentication, automatically giving every local user an XMPP account.
|
||||||
|
|
||||||
|
In general, you just have to follow the configuration described at [https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/](https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/) and do these changes to your mongooseim.cfg.
|
||||||
|
|
||||||
|
1. Set the auth_method to `{auth_method, http}`.
|
||||||
|
2. Add the http auth pool like this: `{http, global, auth, [{workers, 50}], [{server, "https://yourpleromainstance.com"}]}`
|
||||||
|
|
||||||
|
Restart your MongooseIM server, your users should now be able to connect with their Pleroma credentials.
|
|
@ -0,0 +1,41 @@
|
||||||
|
# Pleroma: A lightweight social networking server
|
||||||
|
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
defmodule Pleroma.Web.MongooseIM.MongooseIMController do
|
||||||
|
use Pleroma.Web, :controller
|
||||||
|
alias Comeonin.Pbkdf2
|
||||||
|
alias Pleroma.Repo
|
||||||
|
alias Pleroma.User
|
||||||
|
|
||||||
|
def user_exists(conn, %{"user" => username}) do
|
||||||
|
with %User{} <- Repo.get_by(User, nickname: username, local: true) do
|
||||||
|
conn
|
||||||
|
|> json(true)
|
||||||
|
else
|
||||||
|
_ ->
|
||||||
|
conn
|
||||||
|
|> put_status(:not_found)
|
||||||
|
|> json(false)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def check_password(conn, %{"user" => username, "pass" => password}) do
|
||||||
|
with %User{password_hash: password_hash} <-
|
||||||
|
Repo.get_by(User, nickname: username, local: true),
|
||||||
|
true <- Pbkdf2.checkpw(password, password_hash) do
|
||||||
|
conn
|
||||||
|
|> json(true)
|
||||||
|
else
|
||||||
|
false ->
|
||||||
|
conn
|
||||||
|
|> put_status(403)
|
||||||
|
|> json(false)
|
||||||
|
|
||||||
|
_ ->
|
||||||
|
conn
|
||||||
|
|> put_status(:not_found)
|
||||||
|
|> json(false)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -707,6 +707,11 @@ defmodule Pleroma.Web.Router do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
scope "/", Pleroma.Web.MongooseIM do
|
||||||
|
get("/user_exists", MongooseIMController, :user_exists)
|
||||||
|
get("/check_password", MongooseIMController, :check_password)
|
||||||
|
end
|
||||||
|
|
||||||
scope "/", Fallback do
|
scope "/", Fallback do
|
||||||
get("/registration/:token", RedirectController, :registration_page)
|
get("/registration/:token", RedirectController, :registration_page)
|
||||||
get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta)
|
get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta)
|
||||||
|
|
|
@ -0,0 +1,59 @@
|
||||||
|
# Pleroma: A lightweight social networking server
|
||||||
|
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
defmodule Pleroma.Web.MongooseIMController do
|
||||||
|
use Pleroma.Web.ConnCase
|
||||||
|
import Pleroma.Factory
|
||||||
|
|
||||||
|
test "/user_exists", %{conn: conn} do
|
||||||
|
_user = insert(:user, nickname: "lain")
|
||||||
|
_remote_user = insert(:user, nickname: "alice", local: false)
|
||||||
|
|
||||||
|
res =
|
||||||
|
conn
|
||||||
|
|> get(mongoose_im_path(conn, :user_exists), user: "lain")
|
||||||
|
|> json_response(200)
|
||||||
|
|
||||||
|
assert res == true
|
||||||
|
|
||||||
|
res =
|
||||||
|
conn
|
||||||
|
|> get(mongoose_im_path(conn, :user_exists), user: "alice")
|
||||||
|
|> json_response(404)
|
||||||
|
|
||||||
|
assert res == false
|
||||||
|
|
||||||
|
res =
|
||||||
|
conn
|
||||||
|
|> get(mongoose_im_path(conn, :user_exists), user: "bob")
|
||||||
|
|> json_response(404)
|
||||||
|
|
||||||
|
assert res == false
|
||||||
|
end
|
||||||
|
|
||||||
|
test "/check_password", %{conn: conn} do
|
||||||
|
user = insert(:user, password_hash: Comeonin.Pbkdf2.hashpwsalt("cool"))
|
||||||
|
|
||||||
|
res =
|
||||||
|
conn
|
||||||
|
|> get(mongoose_im_path(conn, :check_password), user: user.nickname, pass: "cool")
|
||||||
|
|> json_response(200)
|
||||||
|
|
||||||
|
assert res == true
|
||||||
|
|
||||||
|
res =
|
||||||
|
conn
|
||||||
|
|> get(mongoose_im_path(conn, :check_password), user: user.nickname, pass: "uncool")
|
||||||
|
|> json_response(403)
|
||||||
|
|
||||||
|
assert res == false
|
||||||
|
|
||||||
|
res =
|
||||||
|
conn
|
||||||
|
|> get(mongoose_im_path(conn, :check_password), user: "nobody", pass: "cool")
|
||||||
|
|> json_response(404)
|
||||||
|
|
||||||
|
assert res == false
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue