Session-based OAuth auth fixes (token expiration check), refactoring, tweaks.

2020-11-21 19:47:25 +03:00 · 2020-11-21 19:47:25 +03:00 · ccc2cf0e87
commit ccc2cf0e87
parent 73e66fd31f
11 changed files with 164 additions and 196 deletions
--- a/lib/pleroma/helpers/auth_helper.ex
+++ b/lib/pleroma/helpers/auth_helper.ex
@ -5,13 +5,21 @@
 defmodule Pleroma.Helpers.AuthHelper do
  alias Pleroma.Web.Plugs.OAuthScopesPlug

+  import Plug.Conn
+
  @doc """
  Skips OAuth permissions (scopes) checks, assigns nil `:token`.
  Intended to be used with explicit authentication and only when OAuth token cannot be determined.
  """
  def skip_oauth(conn) do
    conn
-    |> Plug.Conn.assign(:token, nil)
+    |> assign(:token, nil)
    |> OAuthScopesPlug.skip_plug()
  end
+
+  def drop_auth_info(conn) do
+    conn
+    |> assign(:user, nil)
+    |> assign(:token, nil)
+  end
 end