Clean up Fervor authentication plug

This commit is contained in:
Shadowfacts 2019-05-20 20:05:54 -04:00
parent 3e4e2d1831
commit 68280cea8e
Signed by: shadowfacts
GPG Key ID: 94A5AB95422746E5
1 changed files with 58 additions and 36 deletions


@ -1,49 +1,71 @@
defmodule FrenzyWeb.Plug.FervorAuthenticate do defmodule FrenzyWeb.Plug.FervorAuthenticate do
import Plug.Conn import Plug.Conn
alias Frenzy.{Repo, ApprovedClient, User} alias Frenzy.{Repo, User, ApprovedClient}
alias FrenzyWeb.Router.Helpers, as: Routes
alias FrenzyWeb.Endpoint
def init(opts), do: opts def init(opts), do: opts
def call(conn, _opts) do def call(conn, _opts) do
with {conn, authorization} when authorization != nil <- get_auth_header(conn),
{conn, access_token} when access_token != nil <- get_access_token(conn, authorization),
{conn, approved_client} when approved_client != nil <-
get_approved_client(conn, access_token) do
assign(conn, :user, Repo.get(User, approved_client.user_id))
else
{conn, _} ->
conn
end
end
defp get_auth_header(conn) do
case get_req_header(conn, "authorization") do case get_req_header(conn, "authorization") do
[authorization | _] -> [authorization | _] ->
case authorization do {conn, authorization}
"Bearer " <> access_token ->
case Repo.get_by(ApprovedClient, access_token: access_token) do
nil ->
conn
|> put_status(401)
|> Phoenix.Controller.json(%{
error: "Invalid authorization",
error_description: "The provided access token is not valid."
})
|> halt()
approved_client ->
assign(conn, :user, Repo.get(User, approved_client.user_id))
end
_ ->
conn
|> put_status(401)
|> Phoenix.Controller.json(%{
error: "Invalid authorization",
error_description:
"The provided Authorization header does notmatc the expected format."
})
|> halt()
end
_ -> _ ->
conn =
conn conn
|> put_status(401) |> put_status(401)
|> Phoenix.Controller.json(%{ |> Phoenix.Controller.json(%{
error: "Missing authorization", error: "Missing authorization",
error_description: "No Authorization header was provided." error_description: "No Authorization header was provided"
}) })
|> halt() |> halt()
{conn, nil}
end
end
defp get_access_token(conn, "Bearer " <> access_token), do: {conn, access_token}
defp get_access_token(conn, _authorization) do
conn =
conn
|> put_status(401)
|> Phoenix.Controller.json(%{
error: "Invalid authorization",
error_description: "The provided Authorization header does not match the expected format"
})
|> halt()
{conn, nil}
end
defp get_approved_client(conn, access_token) do
case Repo.get_by(ApprovedClient, access_token: access_token) do
nil ->
conn =
conn
|> put_status(400)
|> Phoenix.Controller.json(%{
error: "Invalid authorization",
error_description: "The provided access token is not valid"
})
|> halt()
{conn, nil}
approved_client ->
{conn, approved_client}
end end
end end
end end
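Review bot: The new `get_approved_client/2` answers an unknown access token with `put_status(400)`, while the other two failure paths in this plug (`get_auth_header/1` and `get_access_token/2`) use 401, and the old code also returned 401 for this case; a token the server does not recognise is an authentication failure, not a malformed request, so the line should read `|> put_status(401)`. Keeping all three rejections on 401 also lets callers and monitoring treat token failures uniformly instead of mixing them with genuine bad-request errors. Separately, `Repo.get(User, approved_client.user_id)` in `call/2` can return `nil` if the referenced user no longer exists, which would leave `conn.assigns.user` set to `nil` on a non-halted conn; whether downstream code tolerates that is not visible here, so it is worth a comment or an explicit `nil` check at that assignment.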