
verify auth domain

myfreeweb committed Sep 4, 2015
1 parent 77e65cb commit f52cad820cfd80de7a1d18482339595e9fde7d69
Showing with 9 additions and 3 deletions.
  1. +6 −2 library/Sweetroll/Auth.hs
  2. +3 −1 templates/entry.ejs
@@ -23,6 +23,7 @@ import Web.JWT hiding (header)
import Network.HTTP.Types
import qualified Network.HTTP.Client as HC
import qualified Network.Wai as Wai
import Network.URI
import Servant
import Servant.Server.Internal (succeedWith)
import Servant.Server.Internal.Enter
@@ -93,10 +94,13 @@ postLogin params = do
resp withSuccessfulRequest req $ \resp liftM readForm $ HC.responseBody resp $$ C.sinkLazy Sweetroll (Maybe [(Text, Text)]) -- TODO: check content-type
case resp of
Just indieAuthRespParams do
domain getConfOpt domainName
let me = fromMaybe "" $ lookup "me" indieAuthRespParams
guardBool err401 $ Just domain == (fmap (cs . uriRegName) $ uriAuthority $ fromMaybe nullURI $ parseURI $ cs me)
putStrLn $ cs $ "Authenticated a client: " ++ fromMaybe "unknown" (lookup "client_id" params)
makeAccessToken (fromMaybe "" $ lookup "me" indieAuthRespParams)
makeAccessToken me
(fromMaybe "post" $ lookup "scope" indieAuthRespParams)
(fromMaybe "example.com" $ lookup "client_id" indieAuthRespParams)
(fromMaybe "example.com" $ lookup "client_id" params)
Nothing do
putStrLn $ cs $ "Authentication error: " ++ show params
throwError err401
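Review bot: The new `guardBool err401` check verifies only the host of `me` (`uriRegName`) against `domainName`, so the scheme, port and path of the returned profile URL are not checked; a `me` of `http://<domain>:8080/other-profile` passes as long as the registered name matches, and the comparison is case-sensitive although hostnames are not. Collapsing an unparsable `me` to `nullURI`, whose `uriAuthority` is `Nothing`, correctly rejects it. If the site is meant to be a single https-only profile, compare the parsed URI against the full configured site URL, or at least extend the guard with `uriScheme u == "https:"` and `null (uriPort a)` for the parsed URI `u` and its authority `a`, and lower-case the host before comparing (that would need `Data.Char`, which is not visible in the imports shown). The `TODO: check content-type` on the response-parsing line remains open, so a non-form response is still parsed as one. `postLogin` begins above this hunk.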
@@ -26,7 +26,9 @@
<% } %>
</time>
<% if (!_.isEmpty(properties['client-id'])) { %>
using <a href="${ _.head(properties['client-id']) }" class="u-client-id"><%= _.head(properties['client-id']).replace('http://', '').replace('https://', '') %></a>
using <a href="${ _.head(properties['client-id']) }" class="u-client-id">
<%= _.trimRight(_.head(properties['client-id']).replace('http://', '').replace('https://', ''), '/') %>
</a>
<% } %>
<% if (!_.isEmpty(properties.updated) && (_.head(properties.updated) != _.head(properties.published))) { %>
and updated on
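Review bot: The client-id text on the new `<%= _.trimRight(...) %>` line is rendered unescaped if this template is compiled with lodash `_.template`, which the `${ ... }` delimiter on the `href` line suggests; in lodash `<%= %>` interpolates raw and only `<%- %>` HTML-escapes, the reverse of EJS's convention. If `client-id` is the `client_id` that `postLogin` now takes from the request params, a value containing markup would land in the page, and the raw `${ }` in `href` would make a `javascript:` client id a live link. Where lodash is in use, switch the text to `<%- _.trimRight(_.head(properties['client-id']).replace('http://', '').replace('https://', ''), '/') %>`, escape the `href` the same way, and ideally only emit the anchor when the value starts with `http://` or `https://`. Note that `_.trimRight` was renamed `_.trimEnd` in lodash 4, so this line depends on the lodash version bundled. The enclosing template continues outside the hunk.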
