Packages
guard
0.16.0
0.19.1
0.19.0
0.18.0
0.17.2
0.17.1
0.17.0
0.16.3
0.16.2
0.16.1
0.16.0
0.15.3
0.15.2
0.15.1
0.15.0
0.14.9
0.14.8
0.14.7
0.14.6
0.14.5
0.14.4
0.14.3
0.14.2
0.14.1
0.14.0
0.13.1
0.13.0
0.12.9
0.12.8
0.12.7
0.12.6
0.12.5
0.12.4
0.12.3
0.12.2
0.12.1
0.12.0
0.11.3
0.11.2
0.11.1
0.11.0
0.10.4
0.10.3
0.10.2
0.10.1
0.10.0
0.9.0
0.8.0
0.7.1
0.7.0
0.6.1
0.6.0
0.5.0
0.4.1
0.4.0
0.3.0
0.2.0
0.1.0
Useful package for dealing with user authentication and signup
Current section
Files
Jump to
Current section
Files
lib/guard/controller/session.ex
defmodule Guard.Controller.Session do
@moduledoc false
use Guard.Controller
alias Guard.{Session, Authenticator, User, UserApiKey}
@claim_whitelist ["usr", "ctx"]
@refresh_token "refresh"
defp remember_user?(_conn) do
Application.get_env(:guard, Guard.Jwt)[:remember_user]
end
defp remember_me(conn, %User{} = user, claims, opts) do
if remember_user?(conn) do
conn
|> Guard.Jwt.Plug.remember_me(user, claims, opts)
else
conn
end
end
defp output_new_session(conn, user, claims) do
with {:ok, session} <- Session.current_session(conn) do
conn
|> remember_me(user, claims, token_type: @refresh_token)
|> put_status(:created)
|> json(session)
end
end
defp process_session(conn, {:ok, %User{} = user}) do
process_session(conn, {:ok, user, %{}})
end
defp process_session(conn, {:ok, %User{} = user, claims}) do
conn
|> Authenticator.sign_in(user, claims |> Map.take(@claim_whitelist))
|> output_new_session(user, claims)
end
defp process_session(conn, {:error, message}) do
conn
|> put_status(:unauthorized)
|> json(%{error: message})
end
defp process_session(conn, {:ok, jwt, claims}) do
case Guard.Jwt.resource_from_claims(claims) do
{:ok, user} ->
root_user = claims["usr"]
context = claims["ctx"]
extra =
%{root_user: root_user, context: context}
|> Enum.filter(fn {_k, v} -> v end)
|> Enum.into(%{})
conn
|> put_status(:created)
|> json(
Map.merge(%{jwt: jwt, user: user, perms: user.perms, root_user: root_user}, extra)
)
{:error, error} ->
send_error(conn, error)
end
end
def set_context(conn, %{"context" => context}) do
process_session(conn, Session.set_context(conn, context))
end
def set_context(conn, context) do
process_session(conn, Session.set_context(conn, context))
end
def clear_context(conn, _) do
process_session(conn, Session.clear_context(conn))
end
def restore(conn, %{"token" => token}) do
process_session(conn, Session.authenticate({:jwt, token}))
end
def create(conn, %{"session" => session_params}) do
process_session(conn, Session.authenticate(session_params))
end
def create(conn, params) do
process_session(conn, Session.authenticate(conn, params))
end
def delete(conn, _) do
conn
|> Guardian.Plug.current_resource()
|> case do
%User{} ->
conn
|> Guard.Jwt.Plug.sign_out(clear_remember_me: remember_user?(conn))
%UserApiKey{} ->
conn
|> Guardian.Plug.current_token()
|> Guard.ApiKey.revoke()
conn
_any ->
conn
end
|> json(%{ok: true})
end
def switch_user(conn, %{"id" => id}) do
user = Guard.Users.get!(id)
process_session(conn, Authenticator.switch_user(conn, user))
end
def switch_user(conn, %{"username" => username}) do
user = Guard.Users.get_by_username!(username)
process_session(conn, Authenticator.switch_user(conn, user))
end
def switch_user(conn, %{"mobile" => mobile}) do
user = Guard.Users.get_by_mobile!(mobile)
process_session(conn, Authenticator.switch_user(conn, user))
end
def switch_user(conn, %{"email" => email}) do
user = Guard.Users.get_by_email!(email)
process_session(conn, Authenticator.switch_user(conn, user))
end
def reset_user(conn, _params) do
process_session(conn, Authenticator.reset_user(conn))
end
end