hopefully done

2026-01-14 20:04:41 +00:00 · 2023-02-18 18:13:08 +00:00
parent 820a717665
commit 2b3ad0b217
9 changed files with 118 additions and 8 deletions
--- a/lib/phoenix_api_template_web/auth/error_response.ex
+++ b/lib/phoenix_api_template_web/auth/error_response.ex
@@ -5,3 +5,7 @@ end
 defmodule PhoenixApiTemplateWeb.Auth.ErrorResponse.Forbidden do
  defexception message: "Forbidden", plug_status: 403
 end
+
+defmodule PhoenixApiTemplateWeb.Auth.ErrorResponse.NotFound do
+  defexception message: "Not Found", plug_status: 404
+end
--- a/lib/phoenix_api_template_web/auth/guardian.ex
+++ b/lib/phoenix_api_template_web/auth/guardian.ex
@@ -29,18 +29,58 @@ defmodule PhoenixApiTemplateWeb.Auth.Guardian do

      user ->
        case validate_password(password, user.hashed_password) do
-          true -> create_token(user)
+          true -> create_token(user, :access)
          false -> {:error, :unauthorized}
        end
    end
  end

+  def authenticate(token) do
+    with {:ok, claims} <- decode_and_verify(token),
+         {:ok, user} <- resource_from_claims(claims),
+         {:ok, _old, {new_token, _claims}} <- refresh(token) do
+      {:ok, user, new_token}
+    end
+  end
+
  defp validate_password(password, hashed_password) do
    Bcrypt.verify_pass(password, hashed_password)
  end

-  defp create_token(user) do
-    {:ok, token, _claims} = encode_and_sign(user)
+  defp create_token(user, type) do
+    {:ok, token, _claims} = encode_and_sign(user, %{}, token_options(type))
    {:ok, user, token}
  end
+
+  defp token_options(type) do
+    case type do
+      :access -> [token_type: "access", ttl: {2, :hour}]
+      :reset -> [token_type: "reset", ttl: {15, :minute}]
+      :admin -> [token_type: "admin", ttl: {90, :day}]
+    end
+  end
+
+  def after_encode_and_sign(resource, claims, token, _options) do
+    with {:ok, _} <- Guardian.DB.after_encode_and_sign(resource, claims["typ"], claims, token) do
+      {:ok, token}
+    end
+  end
+
+  def on_verify(claims, token, _options) do
+    with {:ok, _} <- Guardian.DB.on_verify(claims, token) do
+      {:ok, claims}
+    end
+  end
+
+  def on_revoke(claims, token, _options) do
+    with {:ok, _} <- Guardian.DB.on_revoke(claims, token) do
+      {:ok, claims}
+    end
+  end
+
+  def on_refresh({old_token, old_claims}, {new_token, new_claims}, _options) do
+    with {:ok, _, _} <- Guardian.DB.on_refresh({old_token, old_claims}, {new_token, new_claims}) do
+      {:ok, {old_token, old_claims}, {new_token, new_claims}}
+    end
+  end
 end