diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
index e92114f57..51a7ec2b2 100644
--- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
+++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
@@ -985,9 +985,30 @@ def put_settings(%{assigns: %{user: user}} = conn, %{"data" => settings} = _para
end
end
+ def login(conn, %{"code" => code}) do
+ with {:ok, app} <- get_or_make_app(),
+ %Authorization{} = auth <- Repo.get_by(Authorization, token: code, app_id: app.id),
+ {:ok, token} <- Token.exchange_token(app, auth) do
+
+ conn
+ |> put_session(:oauth_token, token.token)
+ |> redirect(to: "/web/getting-started")
+ end
+ end
+
def login(conn, _) do
- conn
- |> render(MastodonView, "login.html", %{error: false})
+ with {:ok, app} <- get_or_make_app() do
+ path =
+ o_auth_path(conn, :authorize,
+ response_type: "code",
+ client_id: app.client_id,
+ redirect_uri: ".",
+ scope: app.scopes
+ )
+
+ conn
+ |> redirect(to: path)
+ end
end
defp get_or_make_app() do
@@ -1006,22 +1027,6 @@ defp get_or_make_app() do
end
end
- def login_post(conn, %{"authorization" => %{"name" => name, "password" => password}}) do
- with %User{} = user <- User.get_by_nickname_or_email(name),
- true <- Pbkdf2.checkpw(password, user.password_hash),
- {:ok, app} <- get_or_make_app(),
- {:ok, auth} <- Authorization.create_authorization(app, user),
- {:ok, token} <- Token.exchange_token(app, auth) do
- conn
- |> put_session(:oauth_token, token.token)
- |> redirect(to: "/web/getting-started")
- else
- _e ->
- conn
- |> render(MastodonView, "login.html", %{error: "Wrong username or password"})
- end
- end
-
def logout(conn, _) do
conn
|> clear_session
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index 5441ee0a8..35c158fbb 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -33,25 +33,35 @@ def create_authorization(conn, %{
true <- Pbkdf2.checkpw(password, user.password_hash),
%App{} = app <- Repo.get_by(App, client_id: client_id),
{:ok, auth} <- Authorization.create_authorization(app, user) do
- if redirect_uri == "urn:ietf:wg:oauth:2.0:oob" do
- render(conn, "results.html", %{
- auth: auth
- })
- else
- connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?"
- url = "#{redirect_uri}#{connector}"
- url_params = %{:code => auth.token}
+ # Special case: Local MastodonFE.
+ redirect_uri =
+ if redirect_uri == "." do
+ mastodon_api_url(conn, :login)
+ else
+ redirect_uri
+ end
- url_params =
- if params["state"] do
- Map.put(url_params, :state, params["state"])
- else
- url_params
- end
+ cond do
+ redirect_uri == "urn:ietf:wg:oauth:2.0:oob" ->
+ render(conn, "results.html", %{
+ auth: auth
+ })
- url = "#{url}#{Plug.Conn.Query.encode(url_params)}"
+ true ->
+ connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?"
+ url = "#{redirect_uri}#{connector}"
+ url_params = %{:code => auth.token}
- redirect(conn, external: url)
+ url_params =
+ if params["state"] do
+ Map.put(url_params, :state, params["state"])
+ else
+ url_params
+ end
+
+ url = "#{url}#{Plug.Conn.Query.encode(url_params)}"
+
+ redirect(conn, external: url)
end
end
end
diff --git a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex b/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex
deleted file mode 100644
index 34cd7ed89..000000000
--- a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex
+++ /dev/null
@@ -1,11 +0,0 @@
-Login to Mastodon Frontend
-<%= if @error do %>
- <%= @error %>
-<% end %>
-<%= form_for @conn, mastodon_api_path(@conn, :login), [as: "authorization"], fn f -> %>
-<%= text_input f, :name, placeholder: "Username or email" %>
-
-<%= password_input f, :password, placeholder: "Password" %>
-
-<%= submit "Log in" %>
-<% end %>