improvement: wrap up authentication changes

Zach Daniel 2023-01-13 15:14:14 -05:00
parent 0b548f609c
commit 619f43e88b
10 changed files with 205 additions and 35 deletions


@ -6,7 +6,11 @@ RUN apt-get install -y wget
RUN wget https://packages.erlang-solutions.com/erlang-solutions_2.0_all.deb
RUN dpkg -i erlang-solutions_2.0_all.deb
RUN apt-get update
RUN apt-get install -y git gcc g++ make curl
RUN apt-get install -y git
RUN apt-get install -y gcc
RUN apt-get install -y g++
RUN apt-get install -y make
RUN apt-get install -y curl
RUN apt-get install -y build-essential
RUN apt-get install -y esl-erlang
RUN curl -sL https://deb.nodesource.com/setup_16.x | bash -
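Review bot: The five new single-package `RUN apt-get install -y …` lines each form their own layer after a separate `RUN apt-get update`, so a cached update layer can leave later installs resolving against a stale package index and pulling outdated packages. `build-essential` on the following line already brings in gcc, g++ and make, so the split lines for those three look redundant. I would fold the index refresh and the installs into one layer, `RUN apt-get update && apt-get install -y git curl build-essential`, and remove `/var/lib/apt/lists/*` in that same step.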


@ -13,21 +13,14 @@ if System.get_env("PHX_SERVER") && System.get_env("RELEASE_NAME") do
end
config :ash_hq, :github,
client_id: System.fetch_env("GITHUB_CLIENT_ID"),
client_secret: System.fetch_env("GITHUB_CLIENT_SECRET"),
redirect_uri: System.fetch_env("GITHUB_REDIRECT_URI")
client_id: System.get_env("GITHUB_CLIENT_ID"),
client_secret: System.get_env("GITHUB_CLIENT_SECRET"),
redirect_uri: System.get_env("GITHUB_REDIRECT_URI")
host = System.get_env("PHX_HOST") || "localhost"
port = String.to_integer(System.get_env("PORT") || "4000")
ash_hq_url =
case port do
443 -> "https://#{host}"
80 -> "http://#{host}"
port -> "http://#{host}:#{port}"
end
config :ash_hq, url: ash_hq_url
config :ash_hq, url: System.get_env("ASH_HQ_URL") || "http://localhost:4000"
if config_env() == :prod do
database_url =
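Review bot: The three `System.get_env/1` calls under `config :ash_hq, :github` return `nil` for an unset variable, so a production release can boot with a `nil` `client_secret` and only fail at the first GitHub sign-in. The same applies to `System.get_env("ASH_HQ_URL") || "http://localhost:4000"`: if the variable is missing in prod, anything that builds absolute links from `:url` (not visible here) would silently get a plain-http localhost address. I would keep the lenient lookups for dev and test, and inside the `if config_env() == :prod do` block, which continues past this hunk, require the values with `System.fetch_env!("GITHUB_CLIENT_SECRET")` and `System.fetch_env!("ASH_HQ_URL")` so a misconfigured deployment stops at boot.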


@ -6,16 +6,18 @@ defmodule AshHq.Accounts.User.Senders.SendConfirmationEmail do
use AshHqWeb, :verified_routes
def send(user, token, opts) do
if opts[:changeset] && opts[:changeset].action.name == :update_email do
AshHq.Accounts.Emails.deliver_update_email_instructions(
%{user | email: Ash.Changeset.get_attribute(opts[:changeset], :email)},
AshHqWeb.Routes.url(~p"/auth/user/confirm?confirm=#{token}")
)
else
AshHq.Accounts.Emails.deliver_confirmation_instructions(
user,
AshHqWeb.Routes.url(~p"/auth/user/confirm?confirm=#{token}")
)
unless user.confirmed_at do
if opts[:changeset] && opts[:changeset].action.name == :update_email do
AshHq.Accounts.Emails.deliver_update_email_instructions(
%{user | email: Ash.Changeset.get_attribute(opts[:changeset], :email)},
url(~p"/auth/user/confirm?confirm=#{token}")
)
else
AshHq.Accounts.Emails.deliver_confirmation_instructions(
user,
url(~p"/auth/user/confirm?confirm=#{token}")
)
end
end
end
end
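Review bot: The new `unless user.confirmed_at do` guard also wraps the `:update_email` branch, so if `user` still carries its previous `confirmed_at` when this sender runs, an already confirmed user changing their address would get no confirmation mail and `send/3` would return `nil`. This presumably relies on the `set-confirmed-field-to-nil` branch of ash_authentication pinned in the same commit, which is not visible from this file. I would record that next to the guard, e.g. `# Already-confirmed users are skipped; :update_email relies on confirmed_at being reset to nil before this sender runs.`, and add a test for the email-change path so a later dependency update cannot silently drop those mails.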


@ -59,9 +59,10 @@ defmodule AshHq.Accounts.User do
attribute(:hashed_password, :string, private?: true, sensitive?: true)
attribute(:encrypted_name, AshHq.Types.EncryptedString)
attribute(:encrypted_address, AshHq.Types.EncryptedString)
attribute(:shirt_size, :string)
attribute :encrypted_name, AshHq.Types.EncryptedString
attribute :encrypted_address, AshHq.Types.EncryptedString
attribute :shirt_size, :string
attribute :github_info, :map
create_timestamp(:created_at)
update_timestamp(:updated_at)
@ -126,15 +127,19 @@ defmodule AshHq.Accounts.User do
changeset =
if user_info["email_verified"] do
Ash.Changeset.change_new_attribute_lazy(changeset, :confirmed_at, fn ->
DateTime.utc_now()
end)
Ash.Changeset.force_change_attribute(
changeset,
:confirmed_at,
Ash.Changeset.get_attribute(changeset, :confirmed_at) || DateTime.utc_now()
)
else
changeset
end
Ash.Changeset.change_attributes(changeset, Map.take(user_info, ["email"]))
end)
changeset
|> Ash.Changeset.change_attribute(:email, Map.get(user_info, "email"))
|> Ash.Changeset.change_attribute(:github_info, user_info)
end
change(AshAuthentication.GenerateTokenChange)
upsert?(true)
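Review bot: The `:email` attribute is changed from `user_info["email"]` whether or not `user_info["email_verified"]` is set, and the action is an upsert that then runs `AshAuthentication.GenerateTokenChange`; if the upsert identity is the email (not visible in this hunk), a provider sign-in carrying an unverified address could be matched to an existing account. I would reject the unverified case instead of falling through to `changeset`, e.g. `else Ash.Changeset.add_error(changeset, field: :email, message: "must be verified with GitHub")`. Separately, `change_attribute(:github_info, user_info)` stores the whole provider payload unencrypted next to `encrypted_name` and `encrypted_address`, and the new attribute is not marked `private?: true` the way `hashed_password` is, so it may be readable through the resource's APIs; consider keeping only the needed keys with `Map.take/2` and declaring `attribute :github_info, :map, private?: true`. The enclosing change function starts above the hunk.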


@ -11,12 +11,22 @@ defmodule AshHq.Accounts.User.Validations.ValidateCurrentPassword do
def validate(changeset, opts) do
strategy = AshAuthentication.Info.strategy!(changeset.resource, :password)
plaintext_password = Ash.Changeset.get_argument(changeset, opts[:argument])
hashed_password = Map.get(changeset.data, strategy.hashed_password_field)
if strategy.hash_provider.valid?(plaintext_password, hashed_password) do
:ok
if hashed_password do
if strategy.hash_provider.valid?(plaintext_password, hashed_password) do
:ok
else
{:error, [field: opts[:argument], message: "is incorrect"]}
end
else
{:error, [field: opts[:argument], message: "is incorrect"]}
{:error,
[
field: opts[:argument],
message:
"has not been set. If you logged in with github and would like to set a password, please log out and use the forgot password flow."
]}
end
end
end
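Review bot: The nested `if hashed_password do … if … valid? …` in `validate/2` reads more easily as one `cond` with the no-password case first, which also puts the reason for that case beside the code. The new message tells whoever holds the session that the account has no local password; that looks acceptable if this validation only runs on the signed-in user's own record, which cannot be confirmed from this hunk. The rewrite below keeps both messages byte for byte.

```elixir
hashed_password = Map.get(changeset.data, strategy.hashed_password_field)

cond do
  # No local password exists (e.g. the account was created through GitHub sign-in).
  is_nil(hashed_password) ->
    {:error,
     [
       field: opts[:argument],
       message:
         "has not been set. If you logged in with github and would like to set a password, please log out and use the forgot password flow."
     ]}

  strategy.hash_provider.valid?(plaintext_password, hashed_password) ->
    :ok

  true ->
    {:error, [field: opts[:argument], message: "is incorrect"]}
end
```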


@ -45,7 +45,10 @@ defmodule AshHq.MixProject do
{:ash_phoenix, github: "ash-project/ash_phoenix", override: true},
{:ash_graphql, github: "ash-project/ash_graphql"},
{:ash_json_api, github: "ash-project/ash_json_api"},
{:ash_authentication, github: "team-alembic/ash_authentication", override: true},
{:ash_authentication,
branch: "set-confirmed-field-to-nil",
github: "team-alembic/ash_authentication",
override: true},
{:ash_authentication_phoenix, github: "team-alembic/ash_authentication_phoenix"},
{:absinthe_plug, "~> 1.5"},
{:ash_blog, github: "ash-project/ash_blog"},
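Review bot: The authentication library is now resolved from the feature branch `set-confirmed-field-to-nil`, a moving name: `mix.lock` holds the commit for now, but any `mix deps.update ash_authentication` follows whatever that branch points to, and the fetch breaks if the branch is deleted after merging. For a dependency that handles sign-in and tokens I would pin the reviewed commit from the lockfile, `ref: "5acbaeeb9c53f9953f5018dd59aff8176561460f"`, in place of `branch:`. A short reminder such as `# TODO: return to the default branch once set-confirmed-field-to-nil is merged upstream` would also help.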


@ -3,7 +3,7 @@
"absinthe_plug": {:hex, :absinthe_plug, "1.5.8", "38d230641ba9dca8f72f1fed2dfc8abd53b3907d1996363da32434ab6ee5d6ab", [:mix], [{:absinthe, "~> 1.5", [hex: :absinthe, repo: "hexpm", optional: false]}, {:plug, "~> 1.4", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "bbb04176647b735828861e7b2705465e53e2cf54ccf5a73ddd1ebd855f996e5a"},
"ash": {:git, "https://github.com/ash-project/ash.git", "1eaeacc7486e50d70138baaf65133cef5e8b5869", []},
"ash_admin": {:git, "https://github.com/ash-project/ash_admin.git", "cdb3b469abeeadddda884e7cfcf67c6fea10f9ef", []},
"ash_authentication": {:git, "https://github.com/team-alembic/ash_authentication.git", "161c8ab7e8a9bb38955b6c1872246e065327ce62", []},
"ash_authentication": {:git, "https://github.com/team-alembic/ash_authentication.git", "5acbaeeb9c53f9953f5018dd59aff8176561460f", [branch: "set-confirmed-field-to-nil"]},
"ash_authentication_phoenix": {:git, "https://github.com/team-alembic/ash_authentication_phoenix.git", "fbe5272f874532b3119033ddb1dfb49d71f7b571", []},
"ash_blog": {:git, "https://github.com/ash-project/ash_blog.git", "9254773dfedabfc7987af6326a62885c24c3655b", []},
"ash_csv": {:git, "https://github.com/ash-project/ash_csv.git", "77187f6e4505ed4d88598bf87e56983a6a74a456", []},


@ -12,6 +12,10 @@ defmodule AshHq.Repo.Migrations.MigrateResources36 do
modify(:hashed_password, :text, null: false)
end
execute("""
DELETE FROM user_tokens
""")
alter table(:user_tokens) do
remove(:sent_to)
remove(:context)
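Review bot: The added `execute("DELETE FROM user_tokens")` supplies only an up statement, so if it sits in a `change/0` (the function head is outside the hunk) rolling this migration back will raise as irreversible. Because it is added to the existing `MigrateResources36`, databases that have already run that version will never execute it. Passing an explicit no-op down, `execute("DELETE FROM user_tokens", "")`, or moving the statement into a new migration would cover both cases. A comment above it such as `# Wipes every stored token before the columns change; outstanding tokens stop working after deploy.` would make the operational impact visible to whoever runs the deploy.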


@ -0,0 +1,21 @@
defmodule AshHq.Repo.Migrations.MigrateResources39 do
@moduledoc """
Updates resources based on their most recent snapshots.
This file was autogenerated with `mix ash_postgres.generate_migrations`
"""
use Ecto.Migration
def up do
alter table(:users) do
add :github_info, :map
end
end
def down do
alter table(:users) do
remove :github_info
end
end
end


@ -0,0 +1,128 @@
{
"attributes": [
{
"allow_nil?": true,
"default": "nil",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "confirmed_at",
"type": "utc_datetime_usec"
},
{
"allow_nil?": false,
"default": "fragment(\"uuid_generate_v4()\")",
"generated?": false,
"primary_key?": true,
"references": null,
"size": null,
"source": "id",
"type": "uuid"
},
{
"allow_nil?": false,
"default": "nil",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "email",
"type": "citext"
},
{
"allow_nil?": true,
"default": "nil",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "hashed_password",
"type": "text"
},
{
"allow_nil?": true,
"default": "nil",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "encrypted_name",
"type": "binary"
},
{
"allow_nil?": true,
"default": "nil",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "encrypted_address",
"type": "binary"
},
{
"allow_nil?": true,
"default": "nil",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "shirt_size",
"type": "text"
},
{
"allow_nil?": true,
"default": "nil",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "github_info",
"type": "map"
},
{
"allow_nil?": false,
"default": "fragment(\"now()\")",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "created_at",
"type": "utc_datetime_usec"
},
{
"allow_nil?": false,
"default": "fragment(\"now()\")",
"generated?": false,
"primary_key?": false,
"references": null,
"size": null,
"source": "updated_at",
"type": "utc_datetime_usec"
}
],
"base_filter": null,
"check_constraints": [],
"custom_indexes": [],
"custom_statements": [],
"has_create_action": true,
"hash": "CB7522839475CBE799813743839F72DE5C1E50FDAFD2838663B6585BDCD79CDD",
"identities": [
{
"base_filter": null,
"index_name": "users_unique_email_index",
"keys": [
"email"
],
"name": "unique_email"
}
],
"multitenancy": {
"attribute": null,
"global": null,
"strategy": null
},
"repo": "Elixir.AshHq.Repo",
"schema": null,
"table": "users"
}