Merge branch 'cycles-authenticator' into 'develop'

Recompilation speedup: create WrapperAuthenticator and simplify Authenticator behaviour

See merge request pleroma/pleroma!3454
This commit is contained in:
feld 2021-06-08 17:45:10 +00:00
commit ac2ed19e4f
9 changed files with 91 additions and 75 deletions

View file

@ -3,68 +3,11 @@
# SPDX-License-Identifier: AGPL-3.0-only # SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Auth.Authenticator do defmodule Pleroma.Web.Auth.Authenticator do
alias Pleroma.Registration @callback get_user(Plug.Conn.t()) :: {:ok, user :: struct()} | {:error, any()}
alias Pleroma.User @callback create_from_registration(Plug.Conn.t(), registration :: struct()) ::
def implementation do
Pleroma.Config.get(
Pleroma.Web.Auth.Authenticator,
Pleroma.Web.Auth.PleromaAuthenticator
)
end
@callback get_user(Plug.Conn.t()) :: {:ok, User.t()} | {:error, any()}
def get_user(plug), do: implementation().get_user(plug)
@callback create_from_registration(Plug.Conn.t(), Registration.t()) ::
{:ok, User.t()} | {:error, any()} {:ok, User.t()} | {:error, any()}
def create_from_registration(plug, registration), @callback get_registration(Plug.Conn.t()) :: {:ok, registration :: struct()} | {:error, any()}
do: implementation().create_from_registration(plug, registration)
@callback get_registration(Plug.Conn.t()) :: {:ok, Registration.t()} | {:error, any()}
def get_registration(plug), do: implementation().get_registration(plug)
@callback handle_error(Plug.Conn.t(), any()) :: any() @callback handle_error(Plug.Conn.t(), any()) :: any()
def handle_error(plug, error),
do: implementation().handle_error(plug, error)
@callback auth_template() :: String.t() | nil @callback auth_template() :: String.t() | nil
def auth_template do
# Note: `config :pleroma, :auth_template, "..."` support is deprecated
implementation().auth_template() ||
Pleroma.Config.get([:auth, :auth_template], Pleroma.Config.get(:auth_template)) ||
"show.html"
end
@callback oauth_consumer_template() :: String.t() | nil @callback oauth_consumer_template() :: String.t() | nil
def oauth_consumer_template do
implementation().oauth_consumer_template() ||
Pleroma.Config.get([:auth, :oauth_consumer_template], "consumer.html")
end
@doc "Gets user by nickname or email for auth."
@spec fetch_user(String.t()) :: User.t() | nil
def fetch_user(name) do
User.get_by_nickname_or_email(name)
end
# Gets name and password from conn
#
@spec fetch_credentials(Plug.Conn.t() | map()) ::
{:ok, {name :: any, password :: any}} | {:error, :invalid_credentials}
def fetch_credentials(%Plug.Conn{params: params} = _),
do: fetch_credentials(params)
def fetch_credentials(params) do
case params do
%{"authorization" => %{"name" => name, "password" => password}} ->
{:ok, {name, password}}
%{"grant_type" => "password", "username" => name, "password" => password} ->
{:ok, {name, password}}
_ ->
{:error, :invalid_credentials}
end
end
end end

View file

@ -0,0 +1,33 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Auth.Helpers do
alias Pleroma.User
@doc "Gets user by nickname or email for auth."
@spec fetch_user(String.t()) :: User.t() | nil
def fetch_user(name) do
User.get_by_nickname_or_email(name)
end
# Gets name and password from conn
#
@spec fetch_credentials(Plug.Conn.t() | map()) ::
{:ok, {name :: any, password :: any}} | {:error, :invalid_credentials}
def fetch_credentials(%Plug.Conn{params: params} = _),
do: fetch_credentials(params)
def fetch_credentials(params) do
case params do
%{"authorization" => %{"name" => name, "password" => password}} ->
{:ok, {name, password}}
%{"grant_type" => "password", "username" => name, "password" => password} ->
{:ok, {name, password}}
_ ->
{:error, :invalid_credentials}
end
end
end

View file

@ -7,8 +7,7 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do
require Logger require Logger
import Pleroma.Web.Auth.Authenticator, import Pleroma.Web.Auth.Helpers, only: [fetch_credentials: 1, fetch_user: 1]
only: [fetch_credentials: 1, fetch_user: 1]
@behaviour Pleroma.Web.Auth.Authenticator @behaviour Pleroma.Web.Auth.Authenticator
@base Pleroma.Web.Auth.PleromaAuthenticator @base Pleroma.Web.Auth.PleromaAuthenticator

View file

@ -8,8 +8,7 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do
alias Pleroma.User alias Pleroma.User
alias Pleroma.Web.Plugs.AuthenticationPlug alias Pleroma.Web.Plugs.AuthenticationPlug
import Pleroma.Web.Auth.Authenticator, import Pleroma.Web.Auth.Helpers, only: [fetch_credentials: 1, fetch_user: 1]
only: [fetch_credentials: 1, fetch_user: 1]
@behaviour Pleroma.Web.Auth.Authenticator @behaviour Pleroma.Web.Auth.Authenticator

View file

@ -0,0 +1,42 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Auth.WrapperAuthenticator do
@behaviour Pleroma.Web.Auth.Authenticator
defp implementation do
Pleroma.Config.get(
Pleroma.Web.Auth.Authenticator,
Pleroma.Web.Auth.PleromaAuthenticator
)
end
@impl true
def get_user(plug), do: implementation().get_user(plug)
@impl true
def create_from_registration(plug, registration),
do: implementation().create_from_registration(plug, registration)
@impl true
def get_registration(plug), do: implementation().get_registration(plug)
@impl true
def handle_error(plug, error),
do: implementation().handle_error(plug, error)
@impl true
def auth_template do
# Note: `config :pleroma, :auth_template, "..."` support is deprecated
implementation().auth_template() ||
Pleroma.Config.get([:auth, :auth_template], Pleroma.Config.get(:auth_template)) ||
"show.html"
end
@impl true
def oauth_consumer_template do
implementation().oauth_consumer_template() ||
Pleroma.Config.get([:auth, :oauth_consumer_template], "consumer.html")
end
end

View file

@ -12,7 +12,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
alias Pleroma.Registration alias Pleroma.Registration
alias Pleroma.Repo alias Pleroma.Repo
alias Pleroma.User alias Pleroma.User
alias Pleroma.Web.Auth.Authenticator alias Pleroma.Web.Auth.WrapperAuthenticator, as: Authenticator
alias Pleroma.Web.ControllerHelper alias Pleroma.Web.ControllerHelper
alias Pleroma.Web.OAuth.App alias Pleroma.Web.OAuth.App
alias Pleroma.Web.OAuth.Authorization alias Pleroma.Web.OAuth.Authorization

View file

@ -61,5 +61,5 @@
<% end %> <% end %>
<%= if Pleroma.Config.oauth_consumer_enabled?() do %> <%= if Pleroma.Config.oauth_consumer_enabled?() do %>
<%= render @view_module, Pleroma.Web.Auth.Authenticator.oauth_consumer_template(), assigns %> <%= render @view_module, Pleroma.Web.Auth.WrapperAuthenticator.oauth_consumer_template(), assigns %>
<% end %> <% end %>

View file

@ -11,8 +11,8 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowController do
alias Pleroma.MFA alias Pleroma.MFA
alias Pleroma.Object.Fetcher alias Pleroma.Object.Fetcher
alias Pleroma.User alias Pleroma.User
alias Pleroma.Web.Auth.Authenticator
alias Pleroma.Web.Auth.TOTPAuthenticator alias Pleroma.Web.Auth.TOTPAuthenticator
alias Pleroma.Web.Auth.WrapperAuthenticator
alias Pleroma.Web.CommonAPI alias Pleroma.Web.CommonAPI
@status_types ["Article", "Event", "Note", "Video", "Page", "Question"] @status_types ["Article", "Event", "Note", "Video", "Page", "Question"]
@ -88,7 +88,7 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowController do
# #
def do_follow(conn, %{"authorization" => %{"name" => _, "password" => _, "id" => id}}) do def do_follow(conn, %{"authorization" => %{"name" => _, "password" => _, "id" => id}}) do
with {_, %User{} = followee} <- {:fetch_user, User.get_cached_by_id(id)}, with {_, %User{} = followee} <- {:fetch_user, User.get_cached_by_id(id)},
{_, {:ok, user}, _} <- {:auth, Authenticator.get_user(conn), followee}, {_, {:ok, user}, _} <- {:auth, WrapperAuthenticator.get_user(conn), followee},
{_, _, _, false} <- {:mfa_required, followee, user, MFA.require?(user)}, {_, _, _, false} <- {:mfa_required, followee, user, MFA.require?(user)},
{:ok, _, _, _} <- CommonAPI.follow(user, followee) do {:ok, _, _, _} <- CommonAPI.follow(user, followee) do
redirect(conn, to: "/users/#{followee.id}") redirect(conn, to: "/users/#{followee.id}")

View file

@ -5,38 +5,38 @@
defmodule Pleroma.Web.Auth.AuthenticatorTest do defmodule Pleroma.Web.Auth.AuthenticatorTest do
use Pleroma.Web.ConnCase, async: true use Pleroma.Web.ConnCase, async: true
alias Pleroma.Web.Auth.Authenticator alias Pleroma.Web.Auth.Helpers
import Pleroma.Factory import Pleroma.Factory
describe "fetch_user/1" do describe "fetch_user/1" do
test "returns user by name" do test "returns user by name" do
user = insert(:user) user = insert(:user)
assert Authenticator.fetch_user(user.nickname) == user assert Helpers.fetch_user(user.nickname) == user
end end
test "returns user by email" do test "returns user by email" do
user = insert(:user) user = insert(:user)
assert Authenticator.fetch_user(user.email) == user assert Helpers.fetch_user(user.email) == user
end end
test "returns nil" do test "returns nil" do
assert Authenticator.fetch_user("email") == nil assert Helpers.fetch_user("email") == nil
end end
end end
describe "fetch_credentials/1" do describe "fetch_credentials/1" do
test "returns name and password from authorization params" do test "returns name and password from authorization params" do
params = %{"authorization" => %{"name" => "test", "password" => "test-pass"}} params = %{"authorization" => %{"name" => "test", "password" => "test-pass"}}
assert Authenticator.fetch_credentials(params) == {:ok, {"test", "test-pass"}} assert Helpers.fetch_credentials(params) == {:ok, {"test", "test-pass"}}
end end
test "returns name and password with grant_type 'password'" do test "returns name and password with grant_type 'password'" do
params = %{"grant_type" => "password", "username" => "test", "password" => "test-pass"} params = %{"grant_type" => "password", "username" => "test", "password" => "test-pass"}
assert Authenticator.fetch_credentials(params) == {:ok, {"test", "test-pass"}} assert Helpers.fetch_credentials(params) == {:ok, {"test", "test-pass"}}
end end
test "returns error" do test "returns error" do
assert Authenticator.fetch_credentials(%{}) == {:error, :invalid_credentials} assert Helpers.fetch_credentials(%{}) == {:error, :invalid_credentials}
end end
end end
end end