Apply review comments

Alexandre de Souza 2025-05-02 13:42:50 -03:00
parent dbe52058c9
commit 4527af5153
No known key found for this signature in database
GPG key ID: E39228FFBA346545
3 changed files with 13 additions and 16 deletions


@ -6,7 +6,7 @@ defmodule LivebookWeb.AuthHook do
def on_mount(:default, _params, session, socket) do
uri = get_connect_info(socket, :uri)
if LivebookWeb.AuthPlug.authenticated?(session || %{}, uri.port) do
if LivebookWeb.AuthPlug.authorized?(session || %{}, uri.port) do
{:cont, socket}
else
{:halt, redirect(socket, to: ~p"/")}
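Review bot: The hook now calls `LivebookWeb.AuthPlug.authorized?/2` with a session map and a port, but the only `authorized?` clause visible in this commit's AuthPlug changes takes a `%Plug.Conn{}`. Assuming a two-argument clause exists elsewhere in that module, it should apply the same `restricted_apps_groups == nil` check as the conn variant, so that LiveView mounts and plain HTTP requests enforce one policy. A comment above the `if` would record that, for example `# Must mirror AuthPlug.authorized?/1: authenticated and not restricted to app pages`. The body of `on_mount/4` continues outside the hunk.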


@ -40,11 +40,7 @@ defmodule LivebookWeb.AuthPlug do
authenticated?(get_session(conn), conn.port)
end
@doc """
Checks if the given session is authenticated.
"""
@spec authenticated?(map(), non_neg_integer()) :: boolean()
def authenticated?(session, port) do
defp authenticated?(session, port) do
case authentication(session) do
%{mode: :disabled} ->
true
@ -60,14 +56,15 @@ defmodule LivebookWeb.AuthPlug do
"""
@spec authorized?(Plug.Conn.t()) :: boolean()
def authorized?(%Plug.Conn{} = conn) do
# User has access only to specific app pages, so they do not have
# access to any pages guarded by this plug.
LivebookWeb.UserPlug.build_current_user(
get_session(conn),
conn.assigns.identity_data,
conn.assigns.user_data
).restricted_apps_groups == nil
# Note that if the user has access restricted to specific app pages,
# they are not authorized and have no access to any pages guarded
# by this plug.
authenticated?(conn) and
LivebookWeb.UserPlug.build_current_user(
get_session(conn),
conn.assigns.identity_data,
conn.assigns.user_data
).restricted_apps_groups == nil
end
@doc """
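Review bot: In `authorized?/1` the second operand reads `conn.assigns.identity_data` and `conn.assigns.user_data` with dot access, which raises `KeyError` on an authenticated request if the plug that sets those assigns has not run yet. The short-circuiting `and` only protects the unauthenticated path. If the pipeline order guarantees the assigns (not visible here), the function's `@doc`, whose text sits above the hunk, should say so: it returns true only for an authenticated user with no app restrictions and expects the user assigns to be present. With `authenticated?/2` now private, callers outside the module will lean on this function, so the contract is worth spelling out.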


@ -59,7 +59,7 @@ defmodule LivebookWeb.Router do
end
live_session :default,
on_mount: [LivebookWeb.AuthHook, LivebookWeb.UserHook, LivebookWeb.Confirm],
on_mount: [LivebookWeb.UserHook, LivebookWeb.AuthHook, LivebookWeb.Confirm],
session: {LivebookWeb.UserPlug, :extra_lv_session, []} do
scope "/", LivebookWeb do
pipe_through [:browser, :auth]
@ -139,7 +139,7 @@ defmodule LivebookWeb.Router do
end
live_session :apps,
on_mount: [LivebookWeb.AppAuthHook, LivebookWeb.UserHook, LivebookWeb.Confirm],
on_mount: [LivebookWeb.UserHook, LivebookWeb.AppAuthHook, LivebookWeb.Confirm],
session: {LivebookWeb.UserPlug, :extra_lv_session, []} do
scope "/", LivebookWeb do
pipe_through [:browser, :user]
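Review bot: With `LivebookWeb.UserHook` moved ahead of `LivebookWeb.AuthHook` in `live_session :default`, and ahead of `LivebookWeb.AppAuthHook` in `live_session :apps`, UserHook's `on_mount` now runs for sockets that the auth hook will go on to halt. UserHook is not shown in this commit, so it is worth confirming that it only derives assigns from the session, does no subscriptions or lookups that should be reserved for authorized users, and tolerates a missing or empty session. The ordering is presumably required so the auth hooks can read the user that UserHook assigns. A one-line comment on each `on_mount:` list, such as `# UserHook must run first: the auth hooks read the user it assigns`, would keep a later reorder from silently weakening the check.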