Introduce application tokens
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel
@@ -6,6 +6,8 @@ defmodule Mobilizon.Web.Auth.Context do
|
||||
|
||||
import Plug.Conn
|
||||
|
||||
alias Mobilizon.Applications.Application, as: AuthApplication
|
||||
alias Mobilizon.Applications.ApplicationToken
|
||||
alias Mobilizon.Users.User
|
||||
|
||||
@spec init(Plug.opts()) :: Plug.opts()
|
||||
@@ -28,18 +30,13 @@ defmodule Mobilizon.Web.Auth.Context do
|
||||
|
||||
{conn, context} =
|
||||
case Guardian.Plug.current_resource(conn) do
|
||||
%User{id: user_id, email: user_email} = user ->
|
||||
if Application.get_env(:sentry, :dsn) != nil do
|
||||
Sentry.Context.set_user_context(%{
|
||||
id: user_id,
|
||||
email: user_email,
|
||||
ip_address: context.ip
|
||||
})
|
||||
end
|
||||
%User{} = user ->
|
||||
set_user_context({conn, context}, user)
|
||||
|
||||
context = Map.put(context, :current_user, user)
|
||||
conn = assign(conn, :user_locale, user.locale)
|
||||
{conn, context}
|
||||
%ApplicationToken{user: %User{} = user} = app_token ->
|
||||
conn
|
||||
|> set_app_token_context(context, app_token)
|
||||
|> set_user_context(user)
|
||||
|
||||
nil ->
|
||||
{conn, context}
|
||||
@@ -49,4 +46,35 @@ defmodule Mobilizon.Web.Auth.Context do
|
||||
|
||||
put_private(conn, :absinthe, %{context: context})
|
||||
end
|
||||
|
||||
defp set_user_context({conn, context}, %User{id: user_id, email: user_email} = user) do
|
||||
if Application.get_env(:sentry, :dsn) != nil do
|
||||
Sentry.Context.set_user_context(%{
|
||||
id: user_id,
|
||||
email: user_email,
|
||||
ip_address: context.ip
|
||||
})
|
||||
end
|
||||
|
||||
context = Map.put(context, :current_user, user)
|
||||
conn = assign(conn, :user_locale, user.locale)
|
||||
{conn, context}
|
||||
end
|
||||
|
||||
defp set_app_token_context(
|
||||
conn,
|
||||
context,
|
||||
%ApplicationToken{application: %AuthApplication{client_id: client_id} = app} = app_token
|
||||
) do
|
||||
if Application.get_env(:sentry, :dsn) != nil do
|
||||
Sentry.Context.set_user_context(%{
|
||||
app_token_client_id: client_id
|
||||
})
|
||||
end
|
||||
|
||||
context =
|
||||
context |> Map.put(:current_auth_app_token, app_token) |> Map.put(:current_auth_app, app)
|
||||
|
||||
{conn, context}
|
||||
end
|
||||
end
|
||||
|
||||
@@ -10,14 +10,19 @@ defmodule Mobilizon.Web.Auth.Guardian do
|
||||
user: [:base]
|
||||
}
|
||||
|
||||
alias Mobilizon.Users
|
||||
alias Mobilizon.{Applications, Users}
|
||||
alias Mobilizon.Applications.ApplicationToken
|
||||
alias Mobilizon.Users.User
|
||||
|
||||
require Logger
|
||||
|
||||
@spec subject_for_token(any(), any()) :: {:ok, String.t()} | {:error, :unknown_resource}
|
||||
def subject_for_token(%User{} = user, _claims) do
|
||||
{:ok, "User:" <> to_string(user.id)}
|
||||
def subject_for_token(%User{id: user_id}, _claims) do
|
||||
{:ok, "User:" <> to_string(user_id)}
|
||||
end
|
||||
|
||||
def subject_for_token(%ApplicationToken{id: app_token_id}, _claims) do
|
||||
{:ok, "AppToken:" <> to_string(app_token_id)}
|
||||
end
|
||||
|
||||
def subject_for_token(_, _) do
|
||||
@@ -42,6 +47,25 @@ defmodule Mobilizon.Web.Auth.Guardian do
|
||||
end
|
||||
end
|
||||
|
||||
def resource_from_claims(%{"sub" => "AppToken:" <> id_str}) do
|
||||
Logger.debug(fn -> "Receiving claim for app token #{id_str}" end)
|
||||
|
||||
try do
|
||||
case Integer.parse(id_str) do
|
||||
{id, ""} ->
|
||||
application_token = Applications.get_application_token!(id)
|
||||
user = Users.get_user_with_actors!(application_token.user_id)
|
||||
application = Applications.get_application!(application_token.application_id)
|
||||
{:ok, application_token |> Map.put(:user, user) |> Map.put(:application, application)}
|
||||
|
||||
_ ->
|
||||
{:error, :invalid_id}
|
||||
end
|
||||
rescue
|
||||
Ecto.NoResultsError -> {:error, :no_result}
|
||||
end
|
||||
end
|
||||
|
||||
def resource_from_claims(_) do
|
||||
{:error, :no_claims}
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user