rdiedrich/something-erlang
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

auth via somethingawful cookie

Browse Source
This commit is contained in:
Rüdiger Diedrich
2024-03-29 15:54:42 +01:00
parent b26434b795
commit c111723740
21 changed files with 408 additions and 1134 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/something_erlang_web/live/thread_live.ex
View File

@ -73,7 +73,7 @@ defmodule SomethingErlangWeb.ThreadLive do
<%= for btn <- buttons(@thread) do %>
<.link
class={["btn btn-sm btn-ghost", btn.special]}
navigate={~p"/thread/#{@thread.id}?page=#{btn.page}"}
patch={~p"/thread/#{@thread.id}?page=#{btn.page}"}
>
<.label_button label={btn.label} page={btn.page} />
</.link>
@ -127,9 +127,11 @@ defmodule SomethingErlangWeb.ThreadLive do
]
end
def mount(params, session, socket) do
Grover.mount(socket.assigns.current_user)
session |> IO.inspect()
def mount(_params, session, socket) do
socket.assigns.current_user
|> Map.put(:bbpassword, session["bbpassword"])
|> Grover.mount()
{:ok, socket}
end

45
lib/something_erlang_web/live/user_confirmation_instructions_live.ex
View File

@ -1,45 +0,0 @@
defmodule SomethingErlangWeb.UserConfirmationInstructionsLive do
use SomethingErlangWeb, :live_view
alias SomethingErlang.Accounts
def render(assigns) do
~H"""
<.header>Resend confirmation instructions</.header>
<.simple_form :let={f} for={:user} id="resend_confirmation_form" phx-submit="send_instructions">
<.input field={{f, :email}} type="email" label="Email" required />
<:actions>
<.button phx-disable-with="Sending...">Resend confirmation instructions</.button>
</:actions>
</.simple_form>
<p>
<.link href={~p"/users/register"}>Register</.link>
|
<.link href={~p"/users/log_in"}>Log in</.link>
</p>
"""
end
def mount(_params, _session, socket) do
{:ok, socket}
end
def handle_event("send_instructions", %{"user" => %{"email" => email}}, socket) do
if user = Accounts.get_user_by_email(email) do
Accounts.deliver_user_confirmation_instructions(
user,
&url(~p"/users/confirm/#{&1}")
)
end
info =
"If your email is in our system and it has not been confirmed yet, you will receive an email with instructions shortly."
{:noreply,
socket
|> put_flash(:info, info)
|> redirect(to: ~p"/")}
end
end

58
lib/something_erlang_web/live/user_confirmation_live.ex
View File

@ -1,58 +0,0 @@
defmodule SomethingErlangWeb.UserConfirmationLive do
use SomethingErlangWeb, :live_view
alias SomethingErlang.Accounts
def render(%{live_action: :edit} = assigns) do
~H"""
<div class="mx-auto max-w-sm">
<.header class="text-center">Confirm Account</.header>
<.simple_form :let={f} for={:user} id="confirmation_form" phx-submit="confirm_account">
<.input field={{f, :token}} type="hidden" value={@token} />
<:actions>
<.button phx-disable-with="Confirming..." class="w-full">Confirm my account</.button>
</:actions>
</.simple_form>
<p class="text-center mt-4">
<.link href={~p"/users/register"}>Register</.link>
|
<.link href={~p"/users/log_in"}>Log in</.link>
</p>
</div>
"""
end
def mount(params, _session, socket) do
{:ok, assign(socket, token: params["token"]), temporary_assigns: [token: nil]}
end
# Do not log in the user after confirmation to avoid a
# leaked token giving the user access to the account.
def handle_event("confirm_account", %{"user" => %{"token" => token}}, socket) do
case Accounts.confirm_user(token) do
{:ok, _} ->
{:noreply,
socket
|> put_flash(:info, "User confirmed successfully.")
|> redirect(to: ~p"/")}
:error ->
# If there is a current user and the account was already confirmed,
# then odds are that the confirmation link was already visited, either
# by some automation or by the user themselves, so we redirect without
# a warning message.
case socket.assigns do
%{current_user: %{confirmed_at: confirmed_at}} when not is_nil(confirmed_at) ->
{:noreply, redirect(socket, to: ~p"/")}
%{} ->
{:noreply,
socket
|> put_flash(:error, "User confirmation link is invalid or it has expired.")
|> redirect(to: ~p"/")}
end
end
end
end

51
lib/something_erlang_web/live/user_forgot_password_live.ex
View File

@ -1,51 +0,0 @@
defmodule SomethingErlangWeb.UserForgotPasswordLive do
use SomethingErlangWeb, :live_view
alias SomethingErlang.Accounts
def render(assigns) do
~H"""
<div class="mx-auto max-w-sm">
<.header class="text-center">
Forgot your password?
<:subtitle>We'll send a password reset link to your inbox</:subtitle>
</.header>
<.simple_form :let={f} id="reset_password_form" for={:user} phx-submit="send_email">
<.input field={{f, :email}} type="email" placeholder="Email" required />
<:actions>
<.button phx-disable-with="Sending..." class="w-full">
Send password reset instructions
</.button>
</:actions>
</.simple_form>
<p class="text-center mt-4">
<.link href={~p"/users/register"}>Register</.link>
|
<.link href={~p"/users/log_in"}>Log in</.link>
</p>
</div>
"""
end
def mount(_params, _session, socket) do
{:ok, socket}
end
def handle_event("send_email", %{"user" => %{"email" => email}}, socket) do
if user = Accounts.get_user_by_email(email) do
Accounts.deliver_user_reset_password_instructions(
user,
&url(~p"/users/reset_password/#{&1}")
)
end
info =
"If your email is in our system, you will receive instructions to reset your password shortly."
{:noreply,
socket
|> put_flash(:info, info)
|> redirect(to: ~p"/")}
end
end

22
lib/something_erlang_web/live/user_login_live.ex
View File

@ -4,7 +4,7 @@ defmodule SomethingErlangWeb.UserLoginLive do
def render(assigns) do
~H"""
<div class="mx-auto max-w-sm">
<.header class="text-center">
<.header class="text-center text-neutral-content">
Sign in to account
<:subtitle>
Don't have an account?
@ -15,19 +15,12 @@ defmodule SomethingErlangWeb.UserLoginLive do
</:subtitle>
</.header>
<.simple_form
:let={f}
id="login_form"
for={:user}
action={~p"/users/log_in"}
as={:user}
phx-update="ignore"
>
<.input field={{f, :email}} type="email" label="Email" required />
<.input field={{f, :password}} type="password" label="Password" required />
<.simple_form for={@form} id="login_form" action={~p"/users/log_in"} phx-update="ignore">
<.input field={@form[:username]} type="text" label="Username" required />
<.input field={@form[:password]} type="password" label="Password" required />
<:actions :let={f}>
<.input field={{f, :remember_me}} type="checkbox" label="Keep me logged in" />
<:actions>
<.input field={@form[:remember_me]} type="checkbox" label="Keep me logged in" />
<.link href={~p"/users/reset_password"} class="text-sm font-semibold">
Forgot your password?
</.link>
@ -44,6 +37,7 @@ defmodule SomethingErlangWeb.UserLoginLive do
def mount(_params, _session, socket) do
email = live_flash(socket.assigns.flash, :email)
{:ok, assign(socket, email: email), temporary_assigns: [email: nil]}
form = to_form(%{"email" => email}, as: "user")
{:ok, assign(socket, form: form), temporary_assigns: [form: form]}
end
end

74
lib/something_erlang_web/live/user_registration_live.ex
View File

@ -1,74 +0,0 @@
defmodule SomethingErlangWeb.UserRegistrationLive do
use SomethingErlangWeb, :live_view
alias SomethingErlang.Accounts
alias SomethingErlang.Accounts.User
def render(assigns) do
~H"""
<div class="mx-auto max-w-sm">
<.header class="text-center">
Register for an account
<:subtitle>
Already registered?
<.link navigate={~p"/users/log_in"} class="font-semibold text-brand hover:underline">
Sign in
</.link>
to your account now.
</:subtitle>
</.header>
<.simple_form
:let={f}
id="registration_form"
for={@changeset}
phx-submit="save"
phx-change="validate"
phx-trigger-action={@trigger_submit}
action={~p"/users/log_in?_action=registered"}
method="post"
as={:user}
>
<.error :if={@changeset.action == :insert}>
Oops, something went wrong! Please check the errors below.
</.error>
<.input field={{f, :email}} type="email" label="Email" required />
<.input field={{f, :password}} type="password" label="Password" required />
<:actions>
<.button phx-disable-with="Creating account..." class="w-full">Create an account</.button>
</:actions>
</.simple_form>
</div>
"""
end
def mount(_params, _session, socket) do
changeset = Accounts.change_user_registration(%User{})
socket = assign(socket, changeset: changeset, trigger_submit: false)
{:ok, socket, temporary_assigns: [changeset: nil]}
end
def handle_event("save", %{"user" => user_params}, socket) do
case Accounts.register_user(user_params) do
{:ok, user} ->
{:ok, _} =
Accounts.deliver_user_confirmation_instructions(
user,
&url(~p"/users/confirm/#{&1}")
)
changeset = Accounts.change_user_registration(user)
{:noreply, assign(socket, trigger_submit: true, changeset: changeset)}
{:error, %Ecto.Changeset{} = changeset} ->
{:noreply, assign(socket, :changeset, changeset)}
end
end
def handle_event("validate", %{"user" => user_params}, socket) do
changeset = Accounts.change_user_registration(%User{}, user_params)
{:noreply, assign(socket, changeset: Map.put(changeset, :action, :validate))}
end
end

87
lib/something_erlang_web/live/user_reset_password_live.ex
View File

@ -1,87 +0,0 @@
defmodule SomethingErlangWeb.UserResetPasswordLive do
use SomethingErlangWeb, :live_view
alias SomethingErlang.Accounts
def render(assigns) do
~H"""
<div class="mx-auto max-w-sm">
<.header class="text-center">Reset Password</.header>
<.simple_form
:let={f}
for={@changeset}
id="reset_password_form"
phx-submit="reset_password"
phx-change="validate"
>
<.error :if={@changeset.action == :insert}>
Oops, something went wrong! Please check the errors below.
</.error>
<.input field={{f, :password}} type="password" label="New password" required />
<.input
field={{f, :password_confirmation}}
type="password"
label="Confirm new password"
required
/>
<:actions>
<.button phx-disable-with="Resetting..." class="w-full">Reset Password</.button>
</:actions>
</.simple_form>
<p class="text-center mt-4">
<.link href={~p"/users/register"}>Register</.link>
|
<.link href={~p"/users/log_in"}>Log in</.link>
</p>
</div>
"""
end
def mount(params, _session, socket) do
socket = assign_user_and_token(socket, params)
socket =
case socket.assigns do
%{user: user} ->
assign(socket, :changeset, Accounts.change_user_password(user))
_ ->
socket
end
{:ok, socket, temporary_assigns: [changeset: nil]}
end
# Do not log in the user after reset password to avoid a
# leaked token giving the user access to the account.
def handle_event("reset_password", %{"user" => user_params}, socket) do
case Accounts.reset_user_password(socket.assigns.user, user_params) do
{:ok, _} ->
{:noreply,
socket
|> put_flash(:info, "Password reset successfully.")
|> redirect(to: ~p"/users/log_in")}
{:error, changeset} ->
{:noreply, assign(socket, :changeset, Map.put(changeset, :action, :insert))}
end
end
def handle_event("validate", %{"user" => user_params}, socket) do
changeset = Accounts.change_user_password(socket.assigns.user, user_params)
{:noreply, assign(socket, changeset: Map.put(changeset, :action, :validate))}
end
defp assign_user_and_token(socket, %{"token" => token}) do
if user = Accounts.get_user_by_reset_password_token(token) do
assign(socket, user: user, token: token)
else
socket
|> put_flash(:error, "Reset password link is invalid or it has expired.")
|> redirect(to: ~p"/")
end
end
end

161
lib/something_erlang_web/live/user_settings_live.ex
View File

@ -1,161 +0,0 @@
defmodule SomethingErlangWeb.UserSettingsLive do
use SomethingErlangWeb, :live_view
alias SomethingErlang.Accounts
def render(assigns) do
~H"""
<.header>Change Email</.header>
<.simple_form
:let={f}
id="email_form"
for={@email_changeset}
phx-submit="update_email"
phx-change="validate_email"
>
<.error :if={@email_changeset.action == :insert}>
Oops, something went wrong! Please check the errors below.
</.error>
<.input field={{f, :email}} type="email" label="Email" required />
<.input
field={{f, :current_password}}
name="current_password"
id="current_password_for_email"
type="password"
label="Current password"
value={@email_form_current_password}
required
/>
<:actions>
<.button phx-disable-with="Changing...">Change Email</.button>
</:actions>
</.simple_form>
<.header>Change Password</.header>
<.simple_form
:let={f}
id="password_form"
for={@password_changeset}
action={~p"/users/log_in?_action=password_updated"}
method="post"
phx-change="validate_password"
phx-submit="update_password"
phx-trigger-action={@trigger_submit}
>
<.error :if={@password_changeset.action == :insert}>
Oops, something went wrong! Please check the errors below.
</.error>
<.input field={{f, :email}} type="hidden" value={@current_email} />
<.input field={{f, :password}} type="password" label="New password" required />
<.input field={{f, :password_confirmation}} type="password" label="Confirm new password" />
<.input
field={{f, :current_password}}
name="current_password"
type="password"
label="Current password"
id="current_password_for_password"
value={@current_password}
required
/>
<:actions>
<.button phx-disable-with="Changing...">Change Password</.button>
</:actions>
</.simple_form>
"""
end
def mount(%{"token" => token}, _session, socket) do
socket =
case Accounts.update_user_email(socket.assigns.current_user, token) do
:ok ->
put_flash(socket, :info, "Email changed successfully.")
:error ->
put_flash(socket, :error, "Email change link is invalid or it has expired.")
end
{:ok, push_navigate(socket, to: ~p"/users/settings")}
end
def mount(_params, _session, socket) do
user = socket.assigns.current_user
socket =
socket
|> assign(:current_password, nil)
|> assign(:email_form_current_password, nil)
|> assign(:current_email, user.email)
|> assign(:email_changeset, Accounts.change_user_email(user))
|> assign(:password_changeset, Accounts.change_user_password(user))
|> assign(:trigger_submit, false)
{:ok, socket}
end
def handle_event("validate_email", params, socket) do
%{"current_password" => password, "user" => user_params} = params
email_changeset = Accounts.change_user_email(socket.assigns.current_user, user_params)
socket =
assign(socket,
email_changeset: Map.put(email_changeset, :action, :validate),
email_form_current_password: password
)
{:noreply, socket}
end
def handle_event("update_email", params, socket) do
%{"current_password" => password, "user" => user_params} = params
user = socket.assigns.current_user
case Accounts.apply_user_email(user, password, user_params) do
{:ok, applied_user} ->
Accounts.deliver_user_update_email_instructions(
applied_user,
user.email,
&url(~p"/users/settings/confirm_email/#{&1}")
)
info = "A link to confirm your email change has been sent to the new address."
{:noreply, put_flash(socket, :info, info)}
{:error, changeset} ->
{:noreply, assign(socket, :email_changeset, Map.put(changeset, :action, :insert))}
end
end
def handle_event("validate_password", params, socket) do
%{"current_password" => password, "user" => user_params} = params
password_changeset = Accounts.change_user_password(socket.assigns.current_user, user_params)
{:noreply,
socket
|> assign(:password_changeset, Map.put(password_changeset, :action, :validate))
|> assign(:current_password, password)}
end
def handle_event("update_password", params, socket) do
%{"current_password" => password, "user" => user_params} = params
user = socket.assigns.current_user
case Accounts.update_user_password(user, password, user_params) do
{:ok, user} ->
socket =
socket
|> assign(:trigger_submit, true)
|> assign(:password_changeset, Accounts.change_user_password(user, user_params))
{:noreply, socket}
{:error, changeset} ->
{:noreply, assign(socket, :password_changeset, changeset)}
end
end
end