From 66107c0523ddef8e239ccd2532c0a68851031ed4 Mon Sep 17 00:00:00 2001 From: Silas Date: Tue, 22 Feb 2022 00:43:16 -0500 Subject: [PATCH] add support for username authentication --- assets/js/pages/AuthPage.tsx | 2 ++ lib/entendu/user_from_auth.ex | 22 ++++++++++++++----- .../controllers/auth_controller.ex | 2 +- .../controllers/link_controller.ex | 4 ++-- lib/entendu_web/plugs/authorize_link.ex | 2 +- 5 files changed, 23 insertions(+), 9 deletions(-) diff --git a/assets/js/pages/AuthPage.tsx b/assets/js/pages/AuthPage.tsx index 82cff5d..e3eda6c 100644 --- a/assets/js/pages/AuthPage.tsx +++ b/assets/js/pages/AuthPage.tsx @@ -84,6 +84,8 @@ const AuthPage = (props: AuthPageProps) => { } else { key = fragmentData[0]; iv = fragmentData[1]; + sessionStorage.setItem("link_key", key); + sessionStorage.setItem("link_iv", iv); } if (key && iv) { diff --git a/lib/entendu/user_from_auth.ex b/lib/entendu/user_from_auth.ex index a94c71d..6831212 100644 --- a/lib/entendu/user_from_auth.ex +++ b/lib/entendu/user_from_auth.ex @@ -33,12 +33,21 @@ defmodule Entendu.UserFromAuth do defp emails_from_auth(_auth), do: [] + defp username_from_auth(%Auth{info: %{nickname: username}}), do: username + + defp username_from_auth(auth) do + Logger.warn("#{auth.provider} needs to be configured for accessing their username!") + IO.inspect(auth, label: "username_from_auth") + nil + end + defp basic_info(auth) do %{ id: auth.uid, name: name_from_auth(auth), avatar: avatar_from_auth(auth), - emails: emails_from_auth(auth) + emails: emails_from_auth(auth), + username: username_from_auth(auth) } end @@ -58,8 +67,11 @@ defmodule Entendu.UserFromAuth do end end - def can_access?(recipient, emails) do - emails - |> Enum.any?(&(&1["verified"] == true and &1["email"] == recipient)) - end + def can_access?(recipient, %{emails: emails, username: username}), + do: email_matches?(recipient, emails) || username_matches?(recipient, username) + + defp email_matches?(recipient, emails), + do: emails |> Enum.any?(&(&1["verified"] == true and &1["email"] == recipient)) + + defp username_matches?(recipient, username), do: String.trim(username) === recipient end diff --git a/lib/entendu_web/controllers/auth_controller.ex b/lib/entendu_web/controllers/auth_controller.ex index c439f77..b53a03d 100644 --- a/lib/entendu_web/controllers/auth_controller.ex +++ b/lib/entendu_web/controllers/auth_controller.ex @@ -29,7 +29,7 @@ defmodule EntenduWeb.AuthController do with %{id: link_id, recipient: recipient} <- link, {:ok, user} <- UserFromAuth.find_or_create(auth), - true <- UserFromAuth.can_access?(recipient, user.emails) do + true <- UserFromAuth.can_access?(recipient, user) do # TODO: send over encrypted data that the frontend can decrypt conn diff --git a/lib/entendu_web/controllers/link_controller.ex b/lib/entendu_web/controllers/link_controller.ex index e6f33de..9d3596a 100644 --- a/lib/entendu_web/controllers/link_controller.ex +++ b/lib/entendu_web/controllers/link_controller.ex @@ -55,7 +55,7 @@ defmodule EntenduWeb.LinkController do def text(conn, %{"id" => link_id}) do with user = get_session(conn, :current_user), %Link{recipient: recipient} = link <- Links.get_link(link_id), - true <- UserFromAuth.can_access?(recipient, user.emails) do + true <- UserFromAuth.can_access?(recipient, user) do path = EncryptedLink.url({link.text_content, link}) send_file(conn, 200, path) end @@ -64,7 +64,7 @@ defmodule EntenduWeb.LinkController do def file(conn, %{"id" => link_id}) do with user = get_session(conn, :current_user), %Link{recipient: recipient} = link <- Links.get_link(link_id), - true <- UserFromAuth.can_access?(recipient, user.emails) do + true <- UserFromAuth.can_access?(recipient, user) do path = EncryptedLink.url({link.file_content, link}) send_file(conn, 200, path) end diff --git a/lib/entendu_web/plugs/authorize_link.ex b/lib/entendu_web/plugs/authorize_link.ex index 0f6c683..feba3d8 100644 --- a/lib/entendu_web/plugs/authorize_link.ex +++ b/lib/entendu_web/plugs/authorize_link.ex @@ -25,7 +25,7 @@ defmodule EntenduWeb.Plugs.AuthorizeLink do else with {:ok, user} <- get_user_from_path(conn), %Link{recipient: recipient} = link <- Links.get_link(link_id), - true <- UserFromAuth.can_access?(recipient, user.emails) do + true <- UserFromAuth.can_access?(recipient, user) do conn |> assign(:link, link) else