requested changes to mongoose_im_controller.ex

This commit is contained in:
fence 2020-04-27 19:11:03 +02:00
parent 5c7cc10917
commit cc1e2e8d0f

View File

@ -14,7 +14,7 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do
plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password) plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password)
def user_exists(conn, %{"user" => username}) do def user_exists(conn, %{"user" => username}) do
with %User{} <- Repo.get_by(User, nickname: username, local: true) do with %User{} <- Repo.get_by(User, nickname: username, local: true, deactivated: false) do
conn conn
|> json(true) |> json(true)
else else
@ -26,41 +26,22 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do
end end
def check_password(conn, %{"user" => username, "pass" => password}) do def check_password(conn, %{"user" => username, "pass" => password}) do
user = Repo.get_by(User, nickname: username, local: true) with %User{password_hash: password_hash, deactivated: false} <-
Repo.get_by(User, nickname: username, local: true),
state = case user do true <- Pbkdf2.checkpw(password, password_hash) do
nil -> nil conn
_ -> User.account_status(user) |> json(true)
end else
false ->
case state do
:deactivated ->
conn conn
|> put_status(:not_found) |> put_status(:forbidden)
|> json(false)
:confirmation_pending ->
conn
|> put_status(:not_found)
|> json(false) |> json(false)
_ -> _ ->
with %User{password_hash: password_hash} <- conn
user, |> put_status(:not_found)
true <- Pbkdf2.checkpw(password, password_hash) do |> json(false)
conn
|> json(true)
else
false ->
conn
|> put_status(:forbidden)
|> json(false)
_ ->
conn
|> put_status(:not_found)
|> json(false)
end
end end
end end
end end