diff options
Diffstat (limited to 'lib/matrix_app_service/auth_plug.ex')
-rw-r--r-- | lib/matrix_app_service/auth_plug.ex | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/lib/matrix_app_service/auth_plug.ex b/lib/matrix_app_service/auth_plug.ex index 0768caa..529cefd 100644 --- a/lib/matrix_app_service/auth_plug.ex +++ b/lib/matrix_app_service/auth_plug.ex @@ -9,18 +9,26 @@ defmodule MatrixAppService.AuthPlug do end @impl Plug - def call(%Plug.Conn{params: %{"access_token" => hs_token}} = conn, config_hs_token) - when hs_token == config_hs_token do - conn + def call(%Plug.Conn{params: %{"access_token" => hs_token}} = conn, config_hs_token) do + with ^config_hs_token <- hs_token do + conn + else + _ -> + Logger.warn("Received invalid homeserver token") + respond_error(conn, 403) + end end def call(conn, _config_hs_token) do - Logger.warn("Received invalid homeserver token") + Logger.warn("No homeserver token provided") + respond_error(conn, 401) + end + defp respond_error(conn, error_code) do conn - |> put_status(:unauthorized) + |> put_status(error_code) |> Phoenix.Controller.put_view(MatrixAppServiceWeb.ErrorView) - |> Phoenix.Controller.render("401.json") + |> Phoenix.Controller.render("#{error_code}.json") |> halt end end |