Packages
potionx
0.4.0
0.8.15
0.8.14
0.8.13
0.8.12
0.8.11
0.8.10
0.8.9
0.8.8
0.8.7
0.8.6
0.8.5
0.8.4
0.8.3
0.8.2
0.8.1
0.8.0
0.7.2
0.7.1
0.7.0
0.6.4
0.6.3
0.6.2
0.6.1
0.6.0
0.5.3
0.5.2
0.5.1
0.5.0
0.4.16
0.4.15
0.4.14
0.4.13
0.4.12
0.4.11
0.4.10
0.4.9
0.4.8
0.4.7
0.4.6
0.4.5
0.4.4
0.4.3
0.4.2
0.4.1
0.4.0
0.3.0
0.2.18
0.2.17
0.2.16
0.2.15
0.2.14
0.2.13
0.2.12
0.2.11
0.2.10
0.2.9
0.2.8
0.2.7
0.2.6
0.2.5
0.2.4
0.2.3
0.2.2
0.2.1
0.1.1
0.1.0
Potionx is a set of generators and functions that speeds up the process of setting up and deploying a full-stack application that uses Elixir with GraphQL for the server-side component and Vue for the frontend component.
Current section
Files
Jump to
Current section
Files
lib/potionx/auth/auth_plug.ex
defmodule Potionx.Plug.Auth do
@behaviour Plug
alias Potionx.Context.Service
def call(%{assigns: %{context: %Service{}}} = conn, opts) do
conn
|> Plug.Conn.fetch_cookies(
signed: Enum.map(Map.values(Potionx.Auth.token_config()), &(&1.name))
)
|> fetch_session_from_conn(opts)
|> maybe_allow(opts)
end
def fetch_session_from_conn(%{assigns: %{context: ctx}} = conn, %{session_service: session_service, uuid_key: key}) do
%{name: cookie_name} =
Enum.find(
Map.values(Potionx.Auth.token_config()),
fn s -> s.uuid_key === key end
)
conn
|> case do
%{cookies: %{^cookie_name => token}} ->
session_service.one_from_cache(
%Service{
filters: Map.put(%{}, key, token)
}
)
_ ->
{:error, "no_cookie"}
end
|> case do
%{id: _} = session ->
conn
|> Plug.Conn.assign(
:context, %{
ctx |
roles: (Map.get(session, :user) || %{roles: nil}).roles,
session: session,
user: session.user
}
)
_ ->
conn
end
end
def init(opts) do
if !Keyword.get(opts, :session_service) do
raise "Potionx.Auth.Plug requires a session service"
end
Keyword.merge(
[
login_path: "/login",
public_hosts: [],
session_optional: false,
session_service: false,
uuid_key: :uuid_access,
user_optional: false
],
opts
)
|> Enum.into(%{})
end
def maybe_allow(%{assigns: %{context: %{session: %{user: %{id: id}}}}} = conn, opts) when not is_nil(id) do
cond do
conn.request_path === opts.login_path ->
Phoenix.Controller.redirect(conn, to: "/")
|> Plug.Conn.halt
true ->
conn
end
end
def maybe_allow(%{assigns: %{context: %{session: %{id: id}}}} = conn, %{user_optional: true}) when not is_nil(id) do
conn
end
def maybe_allow(%Plug.Conn{host: host, method: method, request_path: path} = conn, opts) do
cond do
Enum.member?(opts.public_hosts, host) ->
conn
path === opts.login_path ->
conn
opts.session_optional and opts.user_optional ->
conn
method === "GET" ->
Phoenix.Controller.redirect(conn, to: opts.login_path)
|> Plug.Conn.halt
true ->
conn
|> Plug.Conn.put_status(401)
|> Plug.Conn.halt
end
end
end