Add a way to use the admin api without a user.

2018-12-18 21:08:52 +01:00 · 2018-12-18 21:08:52 +01:00 · f3eb414e28
commit f3eb414e28
parent 443d59baa0
4 changed files with 78 additions and 1 deletions
--- a/lib/pleroma/plugs/admin_secret_authentication_plug.ex
+++ b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
@ -0,0 +1,25 @@
+defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
+  import Plug.Conn
+  alias Pleroma.User
+
+  def init(options) do
+    options
+  end
+
+  def secret_token do
+    Pleroma.Config.get(:admin_token)
+  end
+
+  def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
+
+  def call(%{params: %{"admin_token" => admin_token}} = conn, _) do
+    if secret_token() && admin_token == secret_token() do
+      conn
+      |> assign(:user, %User{info: %{is_admin: true}})
+    else
+      conn
+    end
+  end
+
+  def call(conn, _), do: conn
+end
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -38,6 +38,7 @@ defmodule Pleroma.Web.Router do
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
+    plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
    plug(Pleroma.Plugs.EnsureAuthenticatedPlug)