2019-12-23 19:57:14 +01:00
|
|
|
defmodule PhilomenaWeb.TorPlug do
|
|
|
|
|
@moduledoc """
|
|
|
|
|
This plug ensures that a Tor user is authenticated.
|
|
|
|
|
|
|
|
|
|
## Example
|
|
|
|
|
|
|
|
|
|
plug PhilomenaWeb.TorPlug
|
|
|
|
|
"""
|
2024-04-28 04:58:43 +02:00
|
|
|
use PhilomenaWeb, :verified_routes
|
|
|
|
|
|
2019-12-23 19:57:14 +01:00
|
|
|
alias Phoenix.Controller
|
|
|
|
|
alias Plug.Conn
|
|
|
|
|
|
|
|
|
|
@doc false
|
|
|
|
|
@spec init(any()) :: any()
|
|
|
|
|
def init(opts), do: opts
|
|
|
|
|
|
|
|
|
|
@doc false
|
|
|
|
|
@spec call(Conn.t(), any()) :: Conn.t()
|
|
|
|
|
def call(conn, _opts) do
|
|
|
|
|
onion? = onion?(conn.host)
|
|
|
|
|
user = conn.assigns.current_user
|
|
|
|
|
|
2023-03-30 18:44:12 +02:00
|
|
|
maybe_redirect(conn, user, onion?)
|
2019-12-23 19:57:14 +01:00
|
|
|
end
|
|
|
|
|
|
2023-03-30 18:44:12 +02:00
|
|
|
def maybe_redirect(conn, nil, true) do
|
2019-12-23 19:57:14 +01:00
|
|
|
conn
|
2024-04-29 02:55:27 +02:00
|
|
|
|> Controller.redirect(to: ~p"/sessions/new")
|
2019-12-23 19:57:14 +01:00
|
|
|
|> Conn.halt()
|
|
|
|
|
end
|
2020-01-11 05:20:19 +01:00
|
|
|
|
2023-03-30 18:44:12 +02:00
|
|
|
def maybe_redirect(conn, _user, _onion?), do: conn
|
2019-12-23 19:57:14 +01:00
|
|
|
|
|
|
|
|
# This is allowed, because nginx won't forward the request
|
|
|
|
|
# to the appserver if the hostname isn't in a specific list
|
|
|
|
|
# of allowed hostnames.
|
|
|
|
|
def onion?(host), do: String.ends_with?(host, ".onion")
|
|
|
|
|
end
|
