hopefully done

2026-01-14 03:44:47 +00:00 · 2023-02-18 18:13:08 +00:00
parent 820a717665
commit 2b3ad0b217
9 changed files with 118 additions and 8 deletions
--- a/lib/phoenix_api_template_web/controllers/user_controller.ex
+++ b/lib/phoenix_api_template_web/controllers/user_controller.ex
@@ -1,8 +1,9 @@
 defmodule PhoenixApiTemplateWeb.UserController do
  use PhoenixApiTemplateWeb, :controller

-  alias PhoenixApiTemplateWeb.Auth.ErrorResponse
  alias PhoenixApiTemplateWeb.Auth.ErrorResponse.Unauthorized
+  alias PhoenixApiTemplateWeb.Auth.ErrorResponse.Forbidden
+  alias PhoenixApiTemplateWeb.Auth.ErrorResponse.NotFound
  alias PhoenixApiTemplateWeb.Auth.Guardian
  alias PhoenixApiTemplate.Accounts
  alias PhoenixApiTemplate.Accounts.User
@@ -20,7 +21,7 @@ defmodule PhoenixApiTemplateWeb.UserController do
    if conn.assigns.user.id == user.id do
      conn
    else
-      raise ErrorResponse.Forbidden
+      raise Forbidden
    end
  end

@@ -40,7 +41,11 @@ defmodule PhoenixApiTemplateWeb.UserController do
  end

  def sign_in(conn, %{"email" => email, "password" => password}) do
-    case Guardian.authenticate(email, password) do
+    authorize_account(conn, email, password)
+  end
+
+  defp authorize_account(conn, email, hash_password) do
+    case Guardian.authenticate(email, hash_password) do
      {:ok, user, token} ->
        conn
        |> Plug.Conn.put_session(:user_id, user.id)
@@ -52,6 +57,17 @@ defmodule PhoenixApiTemplateWeb.UserController do
    end
  end

+  def sign_out(conn, %{}) do
+    user = conn.assigns[:user]
+    token = Guardian.Plug.current_token(conn)
+    Guardian.revoke(token)
+
+    conn
+    |> Plug.Conn.clear_session()
+    |> put_status(:ok)
+    |> render("user_token.json", %{user: user, token: nil})
+  end
+
  def show(conn, %{"id" => id}) do
    user = Accounts.get_user!(id)
    render(conn, "show.json", user: user)
@@ -72,4 +88,27 @@ defmodule PhoenixApiTemplateWeb.UserController do
      send_resp(conn, :no_content, "")
    end
  end
+
+  def refresh_session(conn, %{}) do
+    old_token = Guardian.Plug.current_token(conn)
+
+    case Guardian.decode_and_verify(old_token) do
+      {:ok, claims} ->
+        case Guardian.resource_from_claims(claims) do
+          {:ok, user} ->
+            {:ok, _old, {new_token, _new_claims}} = Guardian.refresh(old_token)
+
+            conn
+            |> Plug.Conn.put_session(:user_id, user.id)
+            |> put_status(:ok)
+            |> render("user_token.json", %{user: user, token: new_token})
+
+          {:error, _reason} ->
+            raise NotFound
+        end
+
+      {:error, _reason} ->
+        raise NotFound
+    end
+  end
 end