You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
116 lines
3.8 KiB
Elixir
116 lines
3.8 KiB
Elixir
defmodule AsciinemaWeb.SessionController do
|
|
use AsciinemaWeb, :controller
|
|
import AsciinemaWeb.UserView, only: [profile_path: 1]
|
|
alias Asciinema.Users
|
|
alias AsciinemaWeb.Auth
|
|
alias Asciinema.Users.User
|
|
|
|
def new(conn, %{"t" => login_token}) do
|
|
conn
|
|
|> put_session(:login_token, login_token)
|
|
|> redirect(to: session_path(conn, :new))
|
|
end
|
|
def new(conn, _params) do
|
|
render(conn, "new.html")
|
|
end
|
|
|
|
def create(conn, %{"api_token" => api_token}) do
|
|
case Users.get_user_with_api_token(api_token) do
|
|
{:ok, user} ->
|
|
login_via_api_token(conn, user)
|
|
{:error, :token_invalid} ->
|
|
conn
|
|
|> put_rails_flash(:alert, "Invalid token. Make sure you pasted the URL correctly.")
|
|
|> redirect(to: "/")
|
|
{:error, :token_revoked} ->
|
|
conn
|
|
|> put_rails_flash(:alert, "This token has been revoked.")
|
|
|> redirect(to: "/")
|
|
end
|
|
end
|
|
|
|
def create(conn, _params) do
|
|
login_token = get_session(conn, :login_token)
|
|
conn = delete_session(conn, :login_token)
|
|
|
|
case Users.verify_login_token(login_token) do
|
|
{:ok, user} ->
|
|
conn
|
|
|> Auth.log_in(user)
|
|
|> put_rails_flash(:notice, "Welcome back!")
|
|
|> redirect_to_profile
|
|
{:error, :token_invalid} ->
|
|
conn
|
|
|> put_flash(:error, "Invalid login link.")
|
|
|> redirect(to: login_path(conn, :new))
|
|
{:error, :token_expired} ->
|
|
conn
|
|
|> put_flash(:error, "This login link has expired, sorry.")
|
|
|> redirect(to: login_path(conn, :new))
|
|
{:error, :user_not_found} ->
|
|
conn
|
|
|> put_flash(:error, "This account has been removed.")
|
|
|> redirect(to: login_path(conn, :new))
|
|
end
|
|
end
|
|
|
|
defp login_via_api_token(conn, logging_user) do
|
|
current_user = conn.assigns.current_user
|
|
|
|
case {current_user, logging_user} do
|
|
{nil, %User{email: nil}} ->
|
|
conn
|
|
|> Auth.log_in(logging_user)
|
|
|> put_rails_flash(:notice, "Welcome! Setting username and email will help you with logging in later.")
|
|
|> redirect_to_edit_profile
|
|
{nil, %User{}} ->
|
|
conn
|
|
|> Auth.log_in(logging_user)
|
|
|> put_rails_flash(:notice, "Welcome back!")
|
|
|> redirect_to_profile
|
|
{%User{id: id, email: nil}, %User{id: id}} ->
|
|
conn
|
|
|> put_rails_flash(:notice, "Setting username and email will help you with logging in later.")
|
|
|> redirect_to_edit_profile
|
|
{%User{email: nil}, %User{email: nil}} ->
|
|
Users.merge!(current_user, logging_user)
|
|
conn
|
|
|> put_rails_flash(:notice, "Setting username and email will help you with logging in later.")
|
|
|> redirect_to_edit_profile
|
|
{%User{email: nil}, %User{}} ->
|
|
Users.merge!(logging_user, current_user)
|
|
conn
|
|
|> Auth.log_in(logging_user)
|
|
|> put_rails_flash(:notice, "Recorder token has been added to your account.")
|
|
|> redirect_to_profile
|
|
{%User{}, %User{email: nil}} ->
|
|
Users.merge!(current_user, logging_user)
|
|
conn
|
|
|> put_rails_flash(:notice, "Recorder token has been added to your account.")
|
|
|> redirect_to_profile
|
|
{%User{id: id}, %User{id: id}} ->
|
|
conn
|
|
|> put_rails_flash(:notice, "You're already logged in.")
|
|
|> redirect_to_profile
|
|
{%User{}, %User{}} ->
|
|
conn
|
|
|> put_rails_flash(:alert, "This recorder token belongs to a different user.")
|
|
|> redirect_to_profile
|
|
# TODO offer merging
|
|
end
|
|
end
|
|
|
|
defp redirect_to_profile(conn) do
|
|
path = case conn.assigns.current_user do
|
|
%User{username: nil} -> "/username/new"
|
|
%User{} = user -> profile_path(user)
|
|
end
|
|
|
|
redirect(conn, to: path)
|
|
end
|
|
|
|
defp redirect_to_edit_profile(conn) do
|
|
redirect(conn, to: user_path(conn, :edit))
|
|
end
|
|
end
|