|
|
@ -31,7 +31,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|
|
|
}) do
|
|
|
|
}) do
|
|
|
|
with %User{} = user <- User.get_by_nickname_or_email(name),
|
|
|
|
with %User{} = user <- User.get_by_nickname_or_email(name),
|
|
|
|
true <- Pbkdf2.checkpw(password, user.password_hash),
|
|
|
|
true <- Pbkdf2.checkpw(password, user.password_hash),
|
|
|
|
true <- User.auth_active?(user),
|
|
|
|
{:auth_active, true} <- {:auth_active, User.auth_active?(user)},
|
|
|
|
%App{} = app <- Repo.get_by(App, client_id: client_id),
|
|
|
|
%App{} = app <- Repo.get_by(App, client_id: client_id),
|
|
|
|
{:ok, auth} <- Authorization.create_authorization(app, user) do
|
|
|
|
{:ok, auth} <- Authorization.create_authorization(app, user) do
|
|
|
|
# Special case: Local MastodonFE.
|
|
|
|
# Special case: Local MastodonFE.
|
|
|
@ -64,6 +64,15 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|
|
|
|
|
|
|
|
|
|
|
redirect(conn, external: url)
|
|
|
|
redirect(conn, external: url)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
else
|
|
|
|
|
|
|
|
{:auth_active, false} ->
|
|
|
|
|
|
|
|
conn
|
|
|
|
|
|
|
|
|> put_flash(:error, "Account confirmation pending")
|
|
|
|
|
|
|
|
|> put_status(:forbidden)
|
|
|
|
|
|
|
|
|> authorize(params)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
error ->
|
|
|
|
|
|
|
|
error
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
@ -102,7 +111,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|
|
|
with %App{} = app <- get_app_from_request(conn, params),
|
|
|
|
with %App{} = app <- get_app_from_request(conn, params),
|
|
|
|
%User{} = user <- User.get_by_nickname_or_email(name),
|
|
|
|
%User{} = user <- User.get_by_nickname_or_email(name),
|
|
|
|
true <- Pbkdf2.checkpw(password, user.password_hash),
|
|
|
|
true <- Pbkdf2.checkpw(password, user.password_hash),
|
|
|
|
true <- User.auth_active?(user),
|
|
|
|
{:auth_active, true} <- {:auth_active, User.auth_active?(user)},
|
|
|
|
{:ok, auth} <- Authorization.create_authorization(app, user),
|
|
|
|
{:ok, auth} <- Authorization.create_authorization(app, user),
|
|
|
|
{:ok, token} <- Token.exchange_token(app, auth) do
|
|
|
|
{:ok, token} <- Token.exchange_token(app, auth) do
|
|
|
|
response = %{
|
|
|
|
response = %{
|
|
|
@ -115,6 +124,11 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|
|
|
|
|
|
|
|
|
|
|
json(conn, response)
|
|
|
|
json(conn, response)
|
|
|
|
else
|
|
|
|
else
|
|
|
|
|
|
|
|
{:auth_active, false} ->
|
|
|
|
|
|
|
|
conn
|
|
|
|
|
|
|
|
|> put_status(:forbidden)
|
|
|
|
|
|
|
|
|> json(%{error: "Account confirmation pending"})
|
|
|
|
|
|
|
|
|
|
|
|
_error ->
|
|
|
|
_error ->
|
|
|
|
put_status(conn, 400)
|
|
|
|
put_status(conn, 400)
|
|
|
|
|> json(%{error: "Invalid credentials"})
|
|
|
|
|> json(%{error: "Invalid credentials"})
|
|
|
|