MastoAPI and OAuth: allow login with either email or username.

This commit is contained in:
eal 2018-04-18 13:13:57 +03:00
parent e153b364a7
commit 947431e9aa
5 changed files with 11 additions and 4 deletions

View File

@ -250,6 +250,13 @@ def get_by_nickname(nickname) do
Repo.get_by(User, nickname: nickname) Repo.get_by(User, nickname: nickname)
end end
def get_by_nickname_or_email(nickname_or_email) do
case user = Repo.get_by(User, nickname: nickname_or_email) do
%User{} -> user
nil -> Repo.get_by(User, email: nickname_or_email)
end
end
def get_cached_user_info(user) do def get_cached_user_info(user) do
key = "user_info:#{user.id}" key = "user_info:#{user.id}"
Cachex.get!(:user_cache, key, fallback: fn _ -> user_info(user) end) Cachex.get!(:user_cache, key, fallback: fn _ -> user_info(user) end)

View File

@ -693,7 +693,7 @@ defp get_or_make_app() do
end end
def login_post(conn, %{"authorization" => %{"name" => name, "password" => password}}) do def login_post(conn, %{"authorization" => %{"name" => name, "password" => password}}) do
with %User{} = user <- User.get_cached_by_nickname(name), with %User{} = user <- User.get_by_nickname_or_email(name),
true <- Pbkdf2.checkpw(password, user.password_hash), true <- Pbkdf2.checkpw(password, user.password_hash),
{:ok, app} <- get_or_make_app(), {:ok, app} <- get_or_make_app(),
{:ok, auth} <- Authorization.create_authorization(app, user), {:ok, auth} <- Authorization.create_authorization(app, user),

View File

@ -29,7 +29,7 @@ def create_authorization(conn, %{
"redirect_uri" => redirect_uri "redirect_uri" => redirect_uri
} = params } = params
}) do }) do
with %User{} = user <- User.get_cached_by_nickname(name), with %User{} = user <- User.get_by_nickname_or_email(name),
true <- Pbkdf2.checkpw(password, user.password_hash), true <- Pbkdf2.checkpw(password, user.password_hash),
%App{} = app <- Repo.get_by(App, client_id: client_id), %App{} = app <- Repo.get_by(App, client_id: client_id),
{:ok, auth} <- Authorization.create_authorization(app, user) do {:ok, auth} <- Authorization.create_authorization(app, user) do

View File

@ -3,7 +3,7 @@
<h2><%= @error %></h2> <h2><%= @error %></h2>
<% end %> <% end %>
<%= form_for @conn, mastodon_api_path(@conn, :login), [as: "authorization"], fn f -> %> <%= form_for @conn, mastodon_api_path(@conn, :login), [as: "authorization"], fn f -> %>
<%= text_input f, :name, placeholder: "Username" %> <%= text_input f, :name, placeholder: "Username or email" %>
<br> <br>
<%= password_input f, :password, placeholder: "Password" %> <%= password_input f, :password, placeholder: "Password" %>
<br> <br>

View File

@ -2,7 +2,7 @@
<p class="alert alert-danger" role="alert"><%= get_flash(@conn, :error) %></p> <p class="alert alert-danger" role="alert"><%= get_flash(@conn, :error) %></p>
<h2>OAuth Authorization</h2> <h2>OAuth Authorization</h2>
<%= form_for @conn, o_auth_path(@conn, :authorize), [as: "authorization"], fn f -> %> <%= form_for @conn, o_auth_path(@conn, :authorize), [as: "authorization"], fn f -> %>
<%= label f, :name, "Name" %> <%= label f, :name, "Name or email" %>
<%= text_input f, :name %> <%= text_input f, :name %>
<br> <br>
<%= label f, :password, "Password" %> <%= label f, :password, "Password" %>