Browse Source

Add authentication for web frontend

master
Shadowfacts 2 years ago
parent
commit
13d7f832fe
Signed by: shadowfacts GPG Key ID: 94A5AB95422746E5
8 changed files with 121 additions and 3 deletions
  1. +2
    -2
      lib/clacks/actor.ex
  2. +5
    -0
      lib/clacks/user.ex
  3. +42
    -0
      lib/clacks_web/controllers/login_controller.ex
  4. +41
    -0
      lib/clacks_web/plug/web_authenticate.ex
  5. +14
    -0
      lib/clacks_web/router.ex
  6. +13
    -0
      lib/clacks_web/templates/login/login.html.eex
  7. +3
    -0
      lib/clacks_web/views/login_view.ex
  8. +1
    -1
      lib/clacks_web/views/page_view.ex

+ 2
- 2
lib/clacks/actor.ex View File

@ -29,7 +29,7 @@ defmodule Clacks.Actor do
@spec get_by_nickname(nickname :: String.t()) :: t() | nil
def get_by_nickname(nickname) do
Repo.one(from a in __MODULE__, where: a.nickname == ^nickname)
Repo.get_by(__MODULE__, nickname: nickname)
end
@spec get_by_ap_id(ap_id :: String.t(), force_refetch :: boolean()) :: t() | nil
@ -43,7 +43,7 @@ defmodule Clacks.Actor do
@spec get_cached_by_ap_id(ap_id :: String.t()) :: t() | nil
def get_cached_by_ap_id(ap_id) do
Repo.one(from a in __MODULE__, where: a.ap_id == ^ap_id)
Repo.get_by(__MODULE__, ap_id: ap_id)
end
@spec fetch(ap_id :: String.t()) :: t() | nil


+ 5
- 0
lib/clacks/user.ex View File

@ -1,6 +1,7 @@
defmodule Clacks.User do
use Ecto.Schema
import Ecto.Changeset
alias Clacks.Repo
@type t() :: %__MODULE__{}
@ -40,4 +41,8 @@ defmodule Clacks.User do
) do
change(changeset, Bcrypt.add_hash(password))
end
def get_by_username(username) do
Repo.get_by(__MODULE__, username: username)
end
end

+ 42
- 0
lib/clacks_web/controllers/login_controller.ex View File

@ -0,0 +1,42 @@
defmodule ClacksWeb.LoginController do
use ClacksWeb, :controller
alias Clacks.User
alias ClacksWeb.Router.Helpers, as: Routes
alias ClacksWeb.Endpoint
def login(conn, params) do
render(conn, "login.html", %{
continue: Map.get(params, "continue")
})
end
def login_post(conn, %{"username" => username, "password" => password} = params) do
user = User.get_by_username(username)
case Bcrypt.check_pass(user, password) do
{:ok, user} ->
user_token = Phoenix.Token.sign(Endpoint, "user token", user.id)
redirect_uri = Map.get(params, "continue") || "/"
conn
|> put_session(:user_token, user_token)
|> redirect(to: redirect_uri)
{:error, _reason} ->
conn
|> put_flash(:error, "Invalid username or password.")
|> redirect(to: Routes.login_path(Endpoint, :login))
end
end
def login_post(conn, _params) do
redirect(conn, to: Routes.login_path(Endpoint, :login))
end
def logout(conn, _params) do
conn
|> clear_session()
|> put_flash(:info, "Logged out.")
|> redirect(to: "/")
end
end

+ 41
- 0
lib/clacks_web/plug/web_authenticate.ex View File

@ -0,0 +1,41 @@
defmodule ClacksWeb.Plug.WebAuthenticate do
import Plug.Conn
alias Clacks.{Repo, User}
alias ClacksWeb.Router.Helpers, as: Routes
alias ClacksWeb.Endpoint
def init(%{on_failure: on_failure_action} = opts)
when on_failure_action in [:redirect_to_login, :pass],
do: opts
def init(_), do: %{on_failure: :redirect_to_login}
def call(conn, %{on_failure: on_failure_action}) do
user_token = get_session(conn, :user_token)
case Phoenix.Token.verify(Endpoint, "user token", user_token, max_age: 7 * 24 * 60 * 60) do
{:error, _reason} ->
on_failure(conn, on_failure_action)
{:ok, user_id} ->
case Repo.get(User, user_id) do
nil ->
on_failure(conn, on_failure_action)
user ->
user = Repo.preload(user, :actor)
assign(conn, :user, user)
end
end
end
defp on_failure(conn, :redirect_to_login) do
conn
|> Phoenix.Controller.redirect(to: Routes.login_path(Endpoint, :login))
|> halt()
end
defp on_failure(conn, :pass) do
conn
end
end

+ 14
- 0
lib/clacks_web/router.ex View File

@ -7,6 +7,11 @@ defmodule ClacksWeb.Router do
plug :fetch_flash
plug :protect_from_forgery
plug :put_secure_browser_headers
plug ClacksWeb.Plug.WebAuthenticate, on_failure: :pass
end
pipeline :browser_authenticated do
plug ClacksWeb.Plug.WebAuthenticate, on_failure: :redirect_to_login
end
pipeline :activitypub do
@ -15,6 +20,15 @@ defmodule ClacksWeb.Router do
scope "/", ClacksWeb do
pipe_through :browser
get "/login", LoginController, :login
post "/login", LoginController, :login_post
post "/logout", LoginController, :logout_post
end
scope "/", ClacksWeb do
pipe_through :browser
pipe_through :browser_authenticated
end
scope "/", ClacksWeb do


+ 13
- 0
lib/clacks_web/templates/login/login.html.eex View File

@ -0,0 +1,13 @@
<%= form_tag Routes.login_path(@conn, :login_post), method: :post do %>
<%= if @continue do %>
<input type="hidden" name="continue" value="<%= @continue %>">
<% end %>
<label for="username">Username</label>
<input id="username" type="text" name="username">
<br>
<label for="password">Password</label>
<input id="password" type="password" name="password">
<br>
<%= submit "Log In" %>
<% end %>

+ 3
- 0
lib/clacks_web/views/login_view.ex View File

@ -0,0 +1,3 @@
defmodule ClacksWeb.PageView do
use ClacksWeb, :view
end

+ 1
- 1
lib/clacks_web/views/page_view.ex View File

@ -1,3 +1,3 @@
defmodule ClacksWeb.PageView do
defmodule ClacksWeb.LoginView do
use ClacksWeb, :view
end

Loading…
Cancel
Save