67 lines
1.8 KiB
Elixir
67 lines
1.8 KiB
Elixir
defmodule PhoenixPasskeysWeb.UserResetPasswordController do
|
|
use PhoenixPasskeysWeb, :controller
|
|
|
|
alias PhoenixPasskeys.Accounts
|
|
|
|
plug :get_user_by_reset_password_token when action in [:edit, :update]
|
|
|
|
def new(conn, _params) do
|
|
render(conn, :new)
|
|
end
|
|
|
|
def create(conn, %{"user" => %{"email" => email}}) do
|
|
if user = Accounts.get_user_by_email(email) do
|
|
Accounts.deliver_user_reset_password_instructions(
|
|
user,
|
|
&url(~p"/users/reset_password/#{&1}")
|
|
)
|
|
end
|
|
|
|
conn
|
|
|> put_flash(
|
|
:info,
|
|
"If your email is in our system, you will receive instructions to reset your passkey shortly."
|
|
)
|
|
|> redirect(to: ~p"/")
|
|
end
|
|
|
|
def edit(conn, _params) do
|
|
render(conn, :edit)
|
|
end
|
|
|
|
# Do not log in the user after reset password to avoid a
|
|
# leaked token giving the user access to the account.
|
|
def update(conn, %{
|
|
"credential_id" => credential_id,
|
|
"public_key_spki" => public_key_spki
|
|
}) do
|
|
credential_id = Base.decode64!(credential_id)
|
|
public_key_spki = Base.decode64!(public_key_spki)
|
|
|
|
case Accounts.reset_user_credentials(conn.assigns.user, credential_id, public_key_spki) do
|
|
:ok ->
|
|
conn
|
|
|> put_flash(:info, "Passkey reset successfully.")
|
|
|> json(%{status: :ok})
|
|
|
|
{:error, _} ->
|
|
conn
|
|
|> put_flash(:error, "Error resetting passkey")
|
|
|> json(%{status: :error})
|
|
end
|
|
end
|
|
|
|
defp get_user_by_reset_password_token(conn, _opts) do
|
|
%{"token" => token} = conn.params
|
|
|
|
if user = Accounts.get_user_by_reset_password_token(token) do
|
|
conn |> assign(:user, user) |> assign(:token, token)
|
|
else
|
|
conn
|
|
|> put_flash(:error, "Reset password link is invalid or it has expired.")
|
|
|> redirect(to: ~p"/")
|
|
|> halt()
|
|
end
|
|
end
|
|
end
|