mirror of
https://github.com/team-alembic/ash_authentication.git
synced 2024-09-19 12:52:55 +12:00
fix(Confirmation): correctly generate confirmation token subjects. (#124)
This commit is contained in:
parent
947a4c7283
commit
500ea353a8
5 changed files with 17 additions and 16 deletions
|
@ -97,7 +97,7 @@ defmodule AshAuthentication.AddOn.Confirmation do
|
|||
provider: :confirmation,
|
||||
name: :confirm
|
||||
|
||||
alias Ash.Changeset
|
||||
alias Ash.{Changeset, Resource}
|
||||
alias AshAuthentication.{AddOn.Confirmation, Jwt}
|
||||
|
||||
@type t :: %Confirmation{
|
||||
|
@ -120,14 +120,14 @@ defmodule AshAuthentication.AddOn.Confirmation do
|
|||
This will generate a token with the `"act"` claim set to the confirmation
|
||||
action for the strategy, and the `"chg"` claim will contain any changes.
|
||||
"""
|
||||
@spec confirmation_token(Confirmation.t(), Changeset.t()) ::
|
||||
@spec confirmation_token(Confirmation.t(), Changeset.t(), Resource.record()) ::
|
||||
{:ok, String.t()} | :error | {:error, any}
|
||||
def confirmation_token(strategy, changeset) do
|
||||
def confirmation_token(strategy, changeset, user) do
|
||||
claims = %{"act" => strategy.confirm_action_name}
|
||||
token_lifetime = strategy.token_lifetime * 3600
|
||||
|
||||
with {:ok, token, _claims} <-
|
||||
Jwt.token_for_user(changeset.data, claims, token_lifetime: token_lifetime),
|
||||
Jwt.token_for_user(user, claims, token_lifetime: token_lifetime),
|
||||
:ok <- Confirmation.Actions.store_changes(strategy, token, changeset) do
|
||||
{:ok, token}
|
||||
end
|
||||
|
|
|
@ -74,7 +74,7 @@ defmodule AshAuthentication.AddOn.Confirmation.ConfirmationHookChange do
|
|||
changeset
|
||||
|> Changeset.after_action(fn _changeset, user ->
|
||||
strategy
|
||||
|> Confirmation.confirmation_token(original_changeset)
|
||||
|> Confirmation.confirmation_token(original_changeset, user)
|
||||
|> case do
|
||||
{:ok, token} ->
|
||||
{sender, send_opts} = strategy.sender
|
||||
|
|
|
@ -16,7 +16,7 @@ defmodule AshAuthentication.AddOn.Confirmation.ActionsTest do
|
|||
user
|
||||
|> Changeset.for_update(:update, %{"username" => username()})
|
||||
|
||||
{:ok, token} = Confirmation.confirmation_token(strategy, changeset)
|
||||
{:ok, token} = Confirmation.confirmation_token(strategy, changeset, user)
|
||||
|
||||
Example.Repo.delete!(user)
|
||||
|
||||
|
@ -40,7 +40,7 @@ defmodule AshAuthentication.AddOn.Confirmation.ActionsTest do
|
|||
user
|
||||
|> Changeset.for_update(:update, %{"username" => new_username})
|
||||
|
||||
{:ok, token} = Confirmation.confirmation_token(strategy, changeset)
|
||||
{:ok, token} = Confirmation.confirmation_token(strategy, changeset, user)
|
||||
|
||||
assert {:ok, confirmed_user} = Actions.confirm(strategy, %{"confirm" => token}, [])
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@ defmodule AshAuthentication.AddOn.ConfirmationTest do
|
|||
|
||||
doctest Confirmation
|
||||
|
||||
describe "confirmation_token/2" do
|
||||
describe "confirmation_token/3" do
|
||||
test "it generates a confirmation token" do
|
||||
{:ok, strategy} = Info.strategy(Example.User, :confirm)
|
||||
user = build_user()
|
||||
|
@ -15,9 +15,10 @@ defmodule AshAuthentication.AddOn.ConfirmationTest do
|
|||
new_username = username()
|
||||
changeset = Changeset.for_update(user, :update, %{"username" => new_username})
|
||||
|
||||
assert {:ok, token} = Confirmation.confirmation_token(strategy, changeset)
|
||||
assert {:ok, token} = Confirmation.confirmation_token(strategy, changeset, user)
|
||||
assert {:ok, claims} = Jwt.peek(token)
|
||||
assert claims["act"] == to_string(strategy.confirm_action_name)
|
||||
assert claims["sub"] == to_string("user?id=#{user.id}")
|
||||
end
|
||||
|
||||
test "it stores changes in the token resource" do
|
||||
|
@ -27,10 +28,9 @@ defmodule AshAuthentication.AddOn.ConfirmationTest do
|
|||
new_username = username()
|
||||
changeset = Changeset.for_update(user, :update, %{"username" => new_username})
|
||||
|
||||
assert {:ok, token} = Confirmation.confirmation_token(strategy, changeset)
|
||||
assert {:ok, token} = Confirmation.confirmation_token(strategy, changeset, user)
|
||||
assert {:ok, claims} = Jwt.peek(token)
|
||||
assert {:ok, changes} = Confirmation.Actions.get_changes(strategy, claims["jti"])
|
||||
|
||||
assert [{"username", new_username}] == Enum.to_list(changes)
|
||||
end
|
||||
|
||||
|
@ -41,9 +41,8 @@ defmodule AshAuthentication.AddOn.ConfirmationTest do
|
|||
new_username = username()
|
||||
changeset = Changeset.for_update(user, :update, %{"username" => new_username})
|
||||
|
||||
assert {:ok, token} = Confirmation.confirmation_token(strategy, changeset)
|
||||
assert {:ok, token} = Confirmation.confirmation_token(strategy, changeset, user)
|
||||
assert {:ok, claims} = Jwt.peek(token)
|
||||
|
||||
refute Map.has_key?(claims, "chg")
|
||||
end
|
||||
end
|
||||
|
@ -55,7 +54,7 @@ defmodule AshAuthentication.AddOn.ConfirmationTest do
|
|||
new_username = username()
|
||||
changeset = Changeset.for_update(user, :update, %{"username" => new_username})
|
||||
|
||||
assert {:ok, token} = Confirmation.confirmation_token(strategy, changeset)
|
||||
assert {:ok, token} = Confirmation.confirmation_token(strategy, changeset, user)
|
||||
token
|
||||
end
|
||||
|
||||
|
|
|
@ -20,7 +20,8 @@ defmodule AshAuthentication.AddOn.Confirmation.PlugTest do
|
|||
{:ok, token} =
|
||||
Confirmation.confirmation_token(
|
||||
strategy,
|
||||
Changeset.for_update(user, :update, %{"username" => username()})
|
||||
Changeset.for_update(user, :update, %{"username" => username()}),
|
||||
user
|
||||
)
|
||||
|
||||
Example.Repo.delete!(user)
|
||||
|
@ -63,7 +64,8 @@ defmodule AshAuthentication.AddOn.Confirmation.PlugTest do
|
|||
{:ok, token} =
|
||||
Confirmation.confirmation_token(
|
||||
strategy,
|
||||
Changeset.for_update(user, :update, %{"username" => username()})
|
||||
Changeset.for_update(user, :update, %{"username" => username()}),
|
||||
user
|
||||
)
|
||||
|
||||
params = %{
|
||||
|
|
Loading…
Reference in a new issue