From f3eb414e282dd0e3bd5c60838e45c69cf21541e4 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 18 Dec 2018 21:08:52 +0100
Subject: Add a way to use the admin api without a user.

---
 .../plugs/admin_secret_authentication_plug.ex      | 25 ++++++++++++++++++++++
 lib/pleroma/web/router.ex                          |  1 +
 2 files changed, 26 insertions(+)
 create mode 100644 lib/pleroma/plugs/admin_secret_authentication_plug.ex

(limited to 'lib')

diff --git a/lib/pleroma/plugs/admin_secret_authentication_plug.ex b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
new file mode 100644
index 000000000..f61a6ee24
--- /dev/null
+++ b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
@@ -0,0 +1,25 @@
+defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
+  import Plug.Conn
+  alias Pleroma.User
+
+  def init(options) do
+    options
+  end
+
+  def secret_token do
+    Pleroma.Config.get(:admin_token)
+  end
+
+  def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
+
+  def call(%{params: %{"admin_token" => admin_token}} = conn, _) do
+    if secret_token() && admin_token == secret_token() do
+      conn
+      |> assign(:user, %User{info: %{is_admin: true}})
+    else
+      conn
+    end
+  end
+
+  def call(conn, _), do: conn
+end
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index dd1985d6e..e988f1088 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -38,6 +38,7 @@ defmodule Pleroma.Web.Router do
     plug(Pleroma.Plugs.SessionAuthenticationPlug)
     plug(Pleroma.Plugs.LegacyAuthenticationPlug)
     plug(Pleroma.Plugs.AuthenticationPlug)
+    plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
     plug(Pleroma.Plugs.UserEnabledPlug)
     plug(Pleroma.Plugs.SetUserSessionIdPlug)
     plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
-- 
cgit v1.2.3