Add logging out

lib/frenzy/user.ex

@@ -29,17 +29,39 @@ defmodule Frenzy.User do
     |> validate_length(:password, min: 8)
     |> validate_length(:fever_password, min: 8)
     |> put_password_hash()
+    |> put_fever_token()
+  end
+
+  def change_password_changeset(user, attrs) do
+    user
+    |> cast(attrs, [:password])
+    |> validate_length(:password, min: 8)
+    |> put_password_hash()
+  end
+
+  def change_fever_password_changeset(user, attrs) do
+    user
+    |> cast(attrs, [:username, :fever_password])
+    |> validate_length(:fever_password, min: 8)
+    |> put_fever_token()
   end
 
   defp put_password_hash(
+         %Ecto.Changeset{valid?: true, changes: %{password: password}} = changeset
+       ) do
+    change(changeset, Bcrypt.add_hash(password))
+  end
+
+  defp put_fever_token(
          %Ecto.Changeset{
            valid?: true,
-           changes: %{username: username, password: password, fever_password: fever_password}
+           changes: %{fever_password: fever_password}
          } = changeset
        ) do
-    changeset
+    username = Map.get(changeset.changes, "username") || changeset.data.username
-    |> change(Bcrypt.add_hash(password))
+    IO.inspect(username)
-    |> change(%{
+
+    change(changeset, %{
       fever_auth_token:
         :crypto.hash(:md5, "#{username}:#{fever_password}") |> Base.encode16(case: :lower)
     })

lib/frenzy_web/controllers/account_controller.ex

@@ -0,0 +1,105 @@
+defmodule FrenzyWeb.AccountController do
+  use FrenzyWeb, :controller
+  alias Frenzy.{Repo, User, FervorClient}
+  alias FrenzyWeb.Router.Helpers, as: Routes
+  alias FrenzyWeb.Endpoint
+
+  def show(conn, _params) do
+    user = conn.assigns[:user] |> Repo.preload(:approved_clients)
+
+    clients =
+      user.approved_clients
+      |> Enum.map(fn approved_client ->
+        fervor_client = Repo.get_by(FervorClient, client_id: approved_client.client_id)
+        {approved_client, fervor_client}
+      end)
+
+    render(conn, "show.html", %{
+      user: user,
+      clients: clients
+    })
+  end
+
+  def change_password(conn, _params) do
+    render(conn, "change_password.html")
+  end
+
+  def do_change_password(conn, %{
+        "old_password" => old,
+        "new_password" => new,
+        "confirm_new_password" => confirm
+      }) do
+    user = conn.assigns[:user] |> Repo.preload([:approved_clients, :groups])
+
+    case Bcrypt.check_pass(user, old) do
+      {:ok, user} ->
+        case new do
+          ^old ->
+            conn
+            |> put_flash(:error, "New password cannot be the same as old password.")
+            |> redirect(to: Routes.account_path(Endpoint, :change_password))
+
+          ^confirm ->
+            changeset = User.change_password_changeset(user, %{password: new})
+
+            {:ok, user} = Repo.update(changeset)
+
+            conn
+            |> put_flash(:info, "Password changed.")
+            |> redirect(to: Routes.account_path(Endpoint, :show))
+
+          _ ->
+            conn
+            |> put_flash(:error, "New password and confirmation did not match.")
+            |> redirect(to: Routes.account_path(Endpoint, :change_password))
+        end
+
+      {:error, _reason} ->
+        conn
+        |> put_flash(:error, "Invalid old password.")
+        |> redirect(to: Routes.account_path(Endpoint, :change_password))
+    end
+  end
+
+  def do_change_password(conn, _params) do
+    redirect(conn, to: Routes.account_path(Endpoint, :change_password))
+  end
+
+  def change_fever_password(conn, _params) do
+    render(conn, "change_fever_password.html")
+  end
+
+  def do_change_fever_password(conn, %{
+        "new_password" => new
+      }) do
+    user = conn.assigns[:user] |> Repo.preload([:approved_clients, :groups])
+
+    changeset =
+      User.change_fever_password_changeset(user, %{
+        username: user.username,
+        fever_password: new
+      })
+
+    {:ok, user} = Repo.update(changeset)
+
+    conn
+    |> put_flash(:info, "Fever password changed.")
+    |> redirect(to: Routes.account_path(Endpoint, :show))
+  end
+
+  def do_change_fever_password(conn, _params) do
+    redirect(conn, to: Routes.account_path(Endpoint, :change_fever_password))
+  end
+
+  def remove_client(conn, %{"client_id" => client_id}) do
+    user = conn.assigns[:user] |> Repo.preload(:approved_clients)
+
+    approved_client = Enum.find(user.approved_clients, fn c -> c.client_id == client_id end)
+
+    unless is_nil(approved_client) do
+      {:ok, _} = Repo.delete(approved_client)
+    end
+
+    redirect(conn, to: Routes.account_path(Endpoint, :show))
+  end
+end

lib/frenzy_web/controllers/feed_controller.ex

@@ -26,7 +26,7 @@ defmodule FrenzyWeb.FeedController do
   defp user_owns_feed(conn, _opts), do: conn
 
   def show(conn, %{"id" => id}) do
-    feed = conn.assigns[:feed]
+    feed = conn.assigns[:feed] |> Repo.preload(:filter)
     items = Repo.all(from Item, where: [feed_id: ^id, tombstone: false], order_by: [desc: :date])
 
     render(conn, "show.html", %{

lib/frenzy_web/controllers/login_controller.ex

@@ -11,8 +11,6 @@ defmodule FrenzyWeb.LoginController do
     })
   end
 
-  @error_message "Invalid username or password"
-
   def login_post(conn, %{"username" => username, "password" => password} = params) do
     user = Repo.get_by(User, username: username)
 
@@ -26,8 +24,15 @@ defmodule FrenzyWeb.LoginController do
 
       {:error, _reason} ->
         conn
-        |> put_flash(:error, @error_message)
+        |> put_flash(:error, "Invalid username or password.")
         |> redirect(to: Routes.login_path(Endpoint, :login))
     end
   end
+
+  def logout(conn, params) do
+    conn
+    |> put_flash(:info, "Logged out.")
+    |> clear_session()
+    |> redirect(to: "/")
+  end
 end

lib/frenzy_web/controllers/page_controller.ex

@@ -1,7 +0,0 @@
-defmodule FrenzyWeb.PageController do
-  use FrenzyWeb, :controller
-
-  def index(conn, _params) do
-    render(conn, "index.html")
-  end
-end

lib/frenzy_web/router.ex

@@ -27,6 +27,8 @@ defmodule FrenzyWeb.Router do
     get "/login", LoginController, :login
     post "/login", LoginController, :login_post
 
+    get "/logout", LoginController, :logout
+
     get "/oauth/authorize", Fervor.OauthController, :authorize_get
     post "/oauth/authorize", Fervor.OauthController, :authorize_post
   end
@@ -35,6 +37,13 @@ defmodule FrenzyWeb.Router do
     pipe_through :browser
     pipe_through :browser_authenticate
 
+    get "/account", AccountController, :show
+    get "/account/change_password", AccountController, :change_password
+    post "/account/change_password", AccountController, :do_change_password
+    get "/account/change_fever_password", AccountController, :change_fever_password
+    post "/account/change_fever_password", AccountController, :do_change_fever_password
+    post "/account/remove_client", AccountController, :remove_client
+
     get "/", GroupController, :index
     resources "/groups", GroupController, except: [:edit, :update]
 

lib/frenzy_web/templates/account/change_fever_password.html.eex

@@ -0,0 +1,11 @@
+<h2>Change Fever Password</h2>
+
+<%= form_tag Routes.account_path(@conn, :do_change_fever_password), method: :post do %>
+  <div class="form-group">
+    <label for="new_password">New Fever Password</label>
+    <input type="password" name="new_password" id="new_password" minlength="8">
+  </div>
+  <div class="form-group">
+    <%= submit "Change Fever Password" %>
+  </div>
+<% end %>

lib/frenzy_web/templates/account/change_password.html.eex

@@ -0,0 +1,19 @@
+<h2>Change Password</h2>
+
+<%= form_tag Routes.account_path(@conn, :do_change_password), method: :post do %>
+  <div class="form-group">
+    <label for="old_password">Old Password</label>
+    <input type="password" name="old_password" id="old_password" minlength="8">
+  </div>
+  <div class="form-group">
+    <label for="new_password">New Password</label>
+    <input type="password" name="new_password" id="new_password" minlength="8">
+  </div>
+  <div class="form-group">
+    <label for="confirm_new_password">Confirm New Password</label>
+    <input type="password" name="confirm_new_password" id="confirm_new_password" minlength="8">
+  </div>
+  <div class="form-group">
+    <%= submit "Change Password" %>
+  </div>
+<% end %>

lib/frenzy_web/templates/account/show.html.eex

@@ -0,0 +1,32 @@
+<h1>User Settings</h1>
+<h2><%= @user.username %></h2>
+
+<a href="<%= Routes.account_path(@conn, :change_password) %>" class="button">Change Password</a>
+
+<a href="<%= Routes.account_path(@conn, :change_fever_password) %>" class="button">Change Fever Password</a>
+
+<h2>Approved Clients</h2>
+
+<table>
+  <tr>
+    <th>Client</th>
+    <th>Revoke Access</th>
+  </tr>
+  <%= for {approved, fervor} <- @clients do %>
+    <tr>
+      <td>
+        <%= if fervor.website do %>
+          <a href="<%= fervor.website %>"><%= fervor.client_name %></a>
+        <% else %>
+          <%= fervor.client_name %>
+        <% end %>
+      </td>
+      <td>
+        <%= form_tag Routes.account_path(@conn, :remove_client), method: :post do %>
+          <input type="hidden" name="client_id" value="<%= approved.client_id %>">
+          <%= submit "Revoke" %>
+        <% end %>
+      </td>
+    </tr>
+  <% end %>
+</table>

lib/frenzy_web/templates/layout/app.html.eex

@@ -13,6 +13,10 @@
         <nav role="navigation">
           <ul>
             <li><a href="/">Frenzy</a></li>
+            <%= unless is_nil(@conn.assigns[:user]) do %>
+              <li><a href="<%= Routes.account_path(@conn, :show) %>">Account</a></li>
+              <li><a href="<%= Routes.login_path(@conn, :logout) %>">Log Out</a></li>
+            <% end %>
           </ul>
         </nav>
       </section>

lib/frenzy_web/templates/page/index.html.eex

@@ -1,35 +0,0 @@
-<section class="phx-hero">
-  <h1><%= gettext "Welcome to %{name}!", name: "Phoenix" %></h1>
-  <p>A productive web framework that<br/>does not compromise speed and maintainability.</p>
-</section>
-
-<section class="row">
-  <article class="column">
-    <h2>Resources</h2>
-    <ul>
-      <li>
-        <a href="https://hexdocs.pm/phoenix/overview.html">Guides &amp; Docs</a>
-      </li>
-      <li>
-        <a href="https://github.com/phoenixframework/phoenix">Source</a>
-      </li>
-      <li>
-        <a href="https://github.com/phoenixframework/phoenix/blob/v1.4/CHANGELOG.md">v1.4 Changelog</a>
-      </li>
-    </ul>
-  </article>
-  <article class="column">
-    <h2>Help</h2>
-    <ul>
-      <li>
-        <a href="https://elixirforum.com/c/phoenix-forum">Forum</a>
-      </li>
-      <li>
-        <a href="https://webchat.freenode.net/?channels=elixir-lang">#elixir-lang on Freenode IRC</a>
-      </li>
-      <li>
-        <a href="https://twitter.com/elixirphoenix">Twitter @elixirphoenix</a>
-      </li>
-    </ul>
-  </article>
-</section>

lib/frenzy_web/views/account_view.ex

@@ -0,0 +1,3 @@
+defmodule FrenzyWeb.AccountView do
+  use FrenzyWeb, :view
+end

lib/frenzy_web/views/page_view.ex

@@ -1,3 +0,0 @@
-defmodule FrenzyWeb.PageView do
-  use FrenzyWeb, :view
-end