  defmodule Auth.Router do
    # Routing table in which every route passes through the :browser pipeline
    # only. Nothing in this router rejects anonymous requests: Auth.Auth merely
    # assigns :current_user (nil when nobody is logged in), so whether a login
    # is required is decided by the plugs declared inside each controller.
    use Auth.Web, :router

    pipeline :browser do
      plug :accepts, ["html"]
      plug :fetch_session
      plug :fetch_flash
      # CSRF protection for browser requests.
      plug :protect_from_forgery
      plug :put_secure_browser_headers
      # Reads :user_id from the session, so it has to run after :fetch_session.
      plug Auth.Auth, repo: Auth.Repo
    end

    pipeline :api do
      plug :accepts, ["json"]
    end

    scope "/", Auth do
      # Default browser stack.
      pipe_through [:browser]

      get "/", PageController, :index
      resources "/users", UserController
      resources "/sessions", SessionController, only: [:new, :create, :delete]
      resources "/projects", ProjectController
    end
  end
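  defmodule Auth.UserController do
    @moduledoc """
    CRUD actions for user accounts.

    Registration (`new`/`create`) is open to anonymous visitors; every other
    action requires a logged-in user, enforced by the private `authenticate/2`
    plug below.
    """
    use Auth.Web, :controller

    alias Auth.User

    # The original guard covered only :index and :show, which left the
    # state-changing actions (:edit, :update, :delete) reachable without a
    # session. :new and :create stay open so that visitors can register.
    #
    # NOTE(review): authenticate/2 only checks that *someone* is logged in.
    # edit/update/delete never compare conn.assigns.current_user with the
    # record being changed, so any signed-in user can modify or delete any
    # account. Confirm whether that is intended; if not, add an ownership
    # check before Repo.update/Repo.delete!.
    plug :authenticate when action in [:index, :show, :edit, :update, :delete]

    plug :scrub_params, "user" when action in [:create, :update]

    @doc "Lists all users."
    def index(conn, _params) do
      users = Repo.all(User)
      render(conn, "index.html", users: users)
    end

    @doc "Renders the registration form with an empty changeset."
    def new(conn, _params) do
      changeset = User.changeset(%User{})
      render(conn, "new.html", changeset: changeset)
    end

    @doc """
    Registers a user and logs the new account in.

    Uses `User.registration_changeset/2`, the only changeset that accepts a
    password. On validation failure the form is rendered again.
    """
    def create(conn, %{"user" => user_params}) do
      changeset = User.registration_changeset(%User{}, user_params)

      case Repo.insert(changeset) do
        {:ok, user} ->
          conn
          |> Auth.Auth.login(user)
          |> put_flash(:info, "#{user.username} created successfully.")
          |> redirect(to: user_path(conn, :index))

        {:error, changeset} ->
          render(conn, "new.html", changeset: changeset)
      end
    end

    @doc "Shows one user; `Repo.get!/2` raises when the id does not exist."
    def show(conn, %{"id" => id}) do
      user = Repo.get!(User, id)
      render(conn, "show.html", user: user)
    end

    @doc "Renders the edit form for the user with the given id."
    def edit(conn, %{"id" => id}) do
      user = Repo.get!(User, id)
      changeset = User.changeset(user)
      render(conn, "edit.html", user: user, changeset: changeset)
    end

    @doc """
    Updates a user through `User.changeset/2`.

    That changeset casts only `username`, so a password or password hash sent
    in the form parameters is ignored here.
    """
    def update(conn, %{"id" => id, "user" => user_params}) do
      user = Repo.get!(User, id)
      changeset = User.changeset(user, user_params)

      case Repo.update(changeset) do
        {:ok, user} ->
          conn
          |> put_flash(:info, "User updated successfully.")
          |> redirect(to: user_path(conn, :show, user))

        {:error, changeset} ->
          render(conn, "edit.html", user: user, changeset: changeset)
      end
    end

    @doc "Deletes the user with the given id and redirects to the index."
    def delete(conn, %{"id" => id}) do
      user = Repo.get!(User, id)
      Repo.delete!(user)

      conn
      |> put_flash(:info, "User deleted successfully.")
      |> redirect(to: user_path(conn, :index))
    end

    # Function plug: lets the request through when :current_user is set,
    # otherwise flashes an error, redirects to the landing page and halts so
    # the action never runs. Relies on Auth.Auth having assigned :current_user
    # earlier in the pipeline (conn.assigns.current_user raises if it has not).
    defp authenticate(conn, _opts) do
      if conn.assigns.current_user do
        conn
      else
        conn
        |> put_flash(:error, "You must be login to access that page.")
        |> redirect(to: page_path(conn, :index))
        |> halt()
      end
    end
  end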
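  defmodule Auth.User do
    @moduledoc """
    Ecto schema and changesets for rows of the "users" table.

    Only a bcrypt hash is stored. `:password` is a virtual field that carries
    the plaintext from the registration form to `put_pass_hash/1`.
    """
    use Auth.Web, :model

    schema "users" do
      field :username, :string
      field :password_hash, :string
      # Virtual: never persisted, exists only to receive the form value.
      field :password, :string, virtual: true

      timestamps()
    end

    @doc """
    Changeset for profile edits.

    Casts `username` only (required, 3 to 20 characters). The password fields
    are deliberately not cast here, so this changeset cannot change them.
    """
    # The default-argument operator is a double backslash; the listing showed
    # a single one, which does not compile.
    def changeset(model, params \\ :empty) do
      model
      |> cast(params, ~w(username), [])
      |> validate_length(:username, min: 3, max: 20)
    end

    @doc """
    Changeset for account creation.

    Applies `changeset/2`, then requires a `password` of 6 to 100 characters
    and stores its bcrypt hash in `password_hash`.
    """
    def registration_changeset(model, params) do
      model
      |> changeset(params)
      |> cast(params, ~w(password), [])
      |> validate_length(:password, min: 6, max: 100)
      |> put_pass_hash()
    end

    # Hashes the password only when the changeset is valid and actually
    # contains a password change; any other changeset is returned untouched.
    # The plaintext is left in changeset.changes under :password, so avoid
    # logging or inspecting the changeset or the inserted struct.
    defp put_pass_hash(changeset) do
      case changeset do
        %Ecto.Changeset{valid?: true, changes: %{password: pass}} ->
          put_change(changeset, :password_hash, Comeonin.Bcrypt.hashpwsalt(pass))

        _ ->
          changeset
      end
    end
  end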
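  defmodule Auth.Auth do
    @moduledoc """
    Session-based authentication.

    Used as a plug, it loads the user referenced by the session into
    `conn.assigns.current_user`. It also provides the login and logout helpers
    called by the controllers.
    """
    import Plug.Conn
    import Comeonin.Bcrypt, only: [checkpw: 2, dummy_checkpw: 0]

    @doc "Plug callback: extracts the required `:repo` option (raises if it is missing)."
    def init(opts) do
      Keyword.fetch!(opts, :repo)
    end

    @doc """
    Plug callback: assigns `:current_user`.

    The value is the user loaded from `repo` for the session's `:user_id`, or
    a falsy value when the session has no `:user_id` or the row is gone.
    """
    def call(conn, repo) do
      user_id = get_session(conn, :user_id)
      user = user_id && repo.get(Auth.User, user_id)
      assign(conn, :current_user, user)
    end

    @doc """
    Marks `user` as logged in on `conn`.

    Stores the user id in the session and asks for the session to be renewed,
    so a session identifier issued before login is not carried over.
    """
    def login(conn, user) do
      conn
      |> assign(:current_user, user)
      |> put_session(:user_id, user.id)
      |> configure_session(renew: true)
    end

    @doc """
    Verifies a username/password pair against `opts[:repo]`.

    Returns `{:ok, conn}` with the user logged in, `{:error, :unauthorized, conn}`
    for a wrong password, or `{:error, :not_found, conn}` for an unknown
    username. Callers should show the same message for both error reasons so
    that the response does not reveal which usernames exist.
    """
    def login_by_username_and_pass(conn, username, given_pass, opts) do
      repo = Keyword.fetch!(opts, :repo)
      user = repo.get_by(Auth.User, username: username)

      cond do
        user && checkpw(given_pass, user.password_hash) ->
          {:ok, login(conn, user)}

        user ->
          {:error, :unauthorized, conn}

        true ->
          # Spend the same bcrypt cost as a real check. Without it, requests
          # for unknown usernames return noticeably faster, and that timing
          # difference discloses which accounts exist.
          dummy_checkpw()
          {:error, :not_found, conn}
      end
    end

    @doc """
    Logs the user out by removing `:user_id` from the session.

    Only that key is removed; any other data in the session survives logout.
    """
    def logout(conn) do
      # Alternative left disabled by the author; it would discard the whole
      # session instead of a single key:
      # configure_session(conn, drop: true)
      delete_session(conn, :user_id)
    end
  end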
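  defmodule Auth.ProjectController do
    @moduledoc """
    CRUD actions for projects. Every action requires a logged-in user.
    """
    use Auth.Web, :controller

    alias Auth.Project

    # The listing used `plug :authenticate when action in [:index, :new, :show]`
    # while this module's own authenticate/2 was commented out, and it left
    # :create, :edit, :update and :delete unprotected (an anonymous POST could
    # create a project although the form itself required a login). The shared
    # module plug performs the same current_user check for all actions; it is
    # harmless if the router also pipes these routes through it.
    plug Auth.Plug.Authenticate

    plug :scrub_params, "project" when action in [:create, :update]

    @doc "Lists all projects."
    def index(conn, _params) do
      projects = Repo.all(Project)
      render(conn, "index.html", projects: projects)
    end

    @doc "Renders the form for a new project."
    def new(conn, _params) do
      changeset = Project.changeset(%Project{})
      render(conn, "new.html", changeset: changeset)
    end

    @doc "Creates a project; renders the form again when validation fails."
    def create(conn, %{"project" => project_params}) do
      changeset = Project.changeset(%Project{}, project_params)

      case Repo.insert(changeset) do
        {:ok, _project} ->
          conn
          |> put_flash(:info, "Project created successfully.")
          |> redirect(to: project_path(conn, :index))

        {:error, changeset} ->
          render(conn, "new.html", changeset: changeset)
      end
    end

    @doc "Shows one project; `Repo.get!/2` raises when the id does not exist."
    def show(conn, %{"id" => id}) do
      project = Repo.get!(Project, id)
      render(conn, "show.html", project: project)
    end

    @doc "Renders the edit form for the project with the given id."
    def edit(conn, %{"id" => id}) do
      project = Repo.get!(Project, id)
      changeset = Project.changeset(project)
      render(conn, "edit.html", project: project, changeset: changeset)
    end

    @doc "Updates a project; renders the edit form again when validation fails."
    def update(conn, %{"id" => id, "project" => project_params}) do
      project = Repo.get!(Project, id)
      changeset = Project.changeset(project, project_params)

      case Repo.update(changeset) do
        {:ok, project} ->
          conn
          |> put_flash(:info, "Project updated successfully.")
          |> redirect(to: project_path(conn, :show, project))

        {:error, changeset} ->
          render(conn, "edit.html", project: project, changeset: changeset)
      end
    end

    @doc "Deletes the project with the given id and redirects to the index."
    def delete(conn, %{"id" => id}) do
      project = Repo.get!(Project, id)

      # Here we use delete! (with a bang) because we expect
      # it to always work (and if it does not, it will raise).
      Repo.delete!(project)

      conn
      |> put_flash(:info, "Project deleted successfully.")
      |> redirect(to: project_path(conn, :index))
    end
  end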
  defmodule Auth.Plug.Authenticate do
    @moduledoc """
    Module plug that stops requests from visitors who are not logged in.

    It reads `conn.assigns.current_user`, so a plug that assigns that key
    (Auth.Auth in this application) has to run earlier in the pipeline;
    otherwise the lookup raises.
    """
    @behaviour Plug
    import Plug.Conn
    import Phoenix.Controller, only: [put_flash: 3, redirect: 2]

    # Options are passed through untouched; call/2 does not use them.
    def init(opts) do
      opts
    end

    # Lets the request continue when a current user is present; any falsy
    # value (nil or false) is treated as "not logged in".
    def call(conn, _opts) do
      case conn.assigns.current_user do
        missing when missing in [nil, false] -> deny(conn)
        _user -> conn
      end
    end

    # Flashes the error, redirects to the landing page and halts the pipeline
    # so that no later plug or controller action runs for this request.
    defp deny(conn) do
      landing = Auth.Router.Helpers.page_path(conn, :index)

      conn
      |> put_flash(:error, "You must be login to access that page.")
      |> redirect(to: landing)
      |> halt()
    end
  end
  defmodule Auth.Router do
    # Routing table split into a public scope and a scope that requires a
    # logged-in user.
    use Auth.Web, :router

    pipeline :browser do
      plug :accepts, ["html"]
      plug :fetch_session
      plug :fetch_flash
      # CSRF protection for browser requests.
      plug :protect_from_forgery
      plug :put_secure_browser_headers
      # Reads :user_id from the session, so it has to run after :fetch_session.
      plug Auth.Auth, repo: Auth.Repo
    end

    # Must always be combined with :browser, and listed after it:
    # Auth.Plug.Authenticate reads the :current_user assign that Auth.Auth
    # sets. The repo option is accepted but not used by that plug.
    pipeline :authenticated do
      plug Auth.Plug.Authenticate, repo: Auth.Repo
    end

    pipeline :api do
      plug :accepts, ["json"]
    end

    # Public routes: landing page and the login form/submit.
    scope "/", Auth do
      # Default browser stack.
      pipe_through [:browser]

      get "/", PageController, :index
      resources "/sessions", SessionController, only: [:new, :create]
    end

    # Routes that require a login.
    # NOTE(review): all of "/users" sits here, including :new and :create, so
    # registering an account requires an existing login. Confirm that this is
    # intended.
    scope "/", Auth do
      pipe_through [:browser, :authenticated]

      resources "/users", UserController
      resources "/sessions", SessionController, only: [:delete]
      resources "/projects", ProjectController
    end
  end