mirror of
https://github.com/plausible/analytics.git
synced 2024-12-25 10:33:01 +03:00
755345f4ba
* Implement Plugins API Token schema * Work with domain change grace period * Do not cast internal data, extend schema with hints * Implement Plugins API authorization * Test no authorization header passed * Preload authorized site * Fixup typespecs
defmodule PlausibleWeb.Plugs.AuthorizePluginsAPI do
  @moduledoc """
  Plug that authenticates Plugins API requests with HTTP Basic credentials.

  The credentials are read with `Plug.BasicAuth.parse_basic_auth/1`. The user
  part is treated as the token identifier (passed to
  `Plausible.Plugins.API.Tokens.find/2` as the domain) and the password part
  as the token value.

  On a successful lookup the token's site is stored under the
  `:authorized_site` assign. In every rejected case the return value of
  `PlausibleWeb.Plugins.API.Errors.unauthorized/1` is handed back unchanged.
  """

  alias PlausibleWeb.Plugins.API.Errors
  alias Plausible.Plugins.API.Tokens

  @doc """
  Returns the plug options untouched; they are not used by `call/2`.
  """
  def init(opts), do: opts

  @doc """
  Authorizes the request, or returns whatever `Errors.unauthorized/1` produced.
  """
  def call(conn, _opts \\ []) do
    # Any value that does not match a clause below is returned as-is by `with`,
    # which is how the `Errors.unauthorized/1` result reaches the caller.
    # NOTE(review): this module never calls `Plug.Conn.halt/1` itself, so
    # rejecting a request relies on `Errors.unauthorized/1` returning a halted
    # conn. Confirm this, otherwise later plugs would still run.
    with {:ok, identifier, secret} <- extract_token(conn),
         {:ok, authorized_conn} <- authorize(conn, identifier, secret) do
      authorized_conn
    end
  end

  # Looks the token up and, when found, exposes its site to downstream code.
  #
  # Only `{:ok, token}` and `{:error, :not_found}` are handled; any other
  # return from `Tokens.find/2` raises `CaseClauseError`, so an unexpected
  # lookup result cannot end up with `:authorized_site` assigned.
  # NOTE(review): how `Tokens.find/2` matches the secret is not visible here.
  # Verify it does not rely on a timing-dependent comparison of raw values.
  defp authorize(conn, domain, token_value) do
    lookup = Tokens.find(domain, token_value)

    case lookup do
      {:error, :not_found} ->
        Errors.unauthorized(conn)

      {:ok, token} ->
        site = token.site
        {:ok, Plug.Conn.assign(conn, :authorized_site, site)}
    end
  end

  # Splits the Basic credentials into identifier and value. A request for
  # which `parse_basic_auth/1` returns `:error` gets the unauthorized response.
  defp extract_token(conn) do
    credentials = Plug.BasicAuth.parse_basic_auth(conn)

    case credentials do
      :error ->
        Errors.unauthorized(conn)

      {token_identifier, token_value} ->
        {:ok, token_identifier, token_value}
    end
  end
end