From 3a4773c3c2bd0bbef244eb519b07208da9108e49 Mon Sep 17 00:00:00 2001
From: dcc <dcc@logografos.com>
Date: Sat, 2 Sep 2023 00:52:52 -0700
Subject: First

---
 lib/pleroma/web/plugs/basic_auth_decoder_plug.ex | 31 ++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 lib/pleroma/web/plugs/basic_auth_decoder_plug.ex

(limited to 'lib/pleroma/web/plugs/basic_auth_decoder_plug.ex')

diff --git a/lib/pleroma/web/plugs/basic_auth_decoder_plug.ex b/lib/pleroma/web/plugs/basic_auth_decoder_plug.ex
new file mode 100644
index 0000000..3eb13f9
--- /dev/null
+++ b/lib/pleroma/web/plugs/basic_auth_decoder_plug.ex
@@ -0,0 +1,31 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.Plugs.BasicAuthDecoderPlug do
+  @moduledoc """
+  Decodes HTTP Basic Auth information and assigns `:auth_credentials`.
+
+  NOTE: no checks are performed at this step, auth_credentials/username could be easily faked.
+  """
+
+  import Plug.Conn
+
+  def init(options) do
+    options
+  end
+
+  def call(conn, _opts) do
+    with ["Basic " <> header] <- get_req_header(conn, "authorization"),
+         {:ok, userinfo} <- Base.decode64(header),
+         [username, password] <- String.split(userinfo, ":", parts: 2) do
+      conn
+      |> assign(:auth_credentials, %{
+        username: username,
+        password: password
+      })
+    else
+      _ -> conn
+    end
+  end
+end
-- 
cgit v1.2.3