From a3f54fca4d67fd7938ae00752c2cd409b6cf15ae Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Wed, 5 Sep 2018 18:17:33 +0200
Subject: [PATCH] Add LegacyAuthenticationPlug

---
 .../plugs/legacy_authentication_plug.ex       | 31 ++++++++
 .../plugs/legacy_authentication_plug_test.exs | 72 +++++++++++++++++++
 2 files changed, 103 insertions(+)
 create mode 100644 lib/pleroma/plugs/legacy_authentication_plug.ex
 create mode 100644 test/plugs/legacy_authentication_plug_test.exs

diff --git a/lib/pleroma/plugs/legacy_authentication_plug.ex b/lib/pleroma/plugs/legacy_authentication_plug.ex
new file mode 100644
index 000000000..48c0aba88
--- /dev/null
+++ b/lib/pleroma/plugs/legacy_authentication_plug.ex
@@ -0,0 +1,31 @@
+defmodule Pleroma.Plugs.LegacyAuthenticationPlug do
+  import Plug.Conn
+  alias Pleroma.User
+
+  def init(options) do
+    options
+  end
+
+  def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
+
+  def call(
+        %{
+          assigns: %{
+            auth_user: %{password_hash: "$6$" <> _ = password_hash} = auth_user,
+            auth_credentials: %{password: password}
+          }
+        } = conn,
+        _
+      ) do
+    if :crypt.crypt(password, password_hash) == password_hash do
+      conn
+      |> assign(:user, auth_user)
+    else
+      conn
+    end
+  end
+
+  def call(conn, _) do
+    conn
+  end
+end
diff --git a/test/plugs/legacy_authentication_plug_test.exs b/test/plugs/legacy_authentication_plug_test.exs
new file mode 100644
index 000000000..90783f628
--- /dev/null
+++ b/test/plugs/legacy_authentication_plug_test.exs
@@ -0,0 +1,72 @@
+defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.LegacyAuthenticationPlug
+  alias Pleroma.User
+
+  setup do
+    # password is "password"
+    user = %User{
+      id: 1,
+      name: "dude",
+      password_hash:
+        "$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
+    }
+
+    %{user: user}
+  end
+
+  test "it does nothing if a user is assigned", %{conn: conn, user: user} do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{username: "dude", password: "password"})
+      |> assign(:auth_user, user)
+      |> assign(:user, %User{})
+
+    ret_conn =
+      conn
+      |> LegacyAuthenticationPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+
+  test "it authenticates the auth_user if present and password is correct", %{
+    conn: conn,
+    user: user
+  } do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{username: "dude", password: "password"})
+      |> assign(:auth_user, user)
+
+    conn =
+      conn
+      |> LegacyAuthenticationPlug.call(%{})
+
+    assert conn.assigns.user == user
+  end
+
+  test "it does nothing if the password is wrong", %{
+    conn: conn,
+    user: user
+  } do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{username: "dude", password: "wrong_password"})
+      |> assign(:auth_user, user)
+
+    ret_conn =
+      conn
+      |> LegacyAuthenticationPlug.call(%{})
+
+    assert conn == ret_conn
+  end
+
+  test "with no credentials or user it does nothing", %{conn: conn} do
+    ret_conn =
+      conn
+      |> LegacyAuthenticationPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+end