This commit is contained in:
Chocobozzz 2019-08-13 08:43:37 +02:00 committed by Thomas Citharel
parent ac1dab0fc0
commit a007160480
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
10 changed files with 85 additions and 93 deletions

View file

@ -19,7 +19,7 @@ config :mobilizon, MobilizonWeb.Endpoint,
config :logger, config :logger,
backends: [:console], backends: [:console],
compile_time_purge_level: :debug, compile_time_purge_level: :debug,
level: :debug level: :info
# Configure your database # Configure your database
config :mobilizon, Mobilizon.Repo, config :mobilizon, Mobilizon.Repo,

View file

@ -29,4 +29,4 @@ export function buildCurrentUserResolver(cache: ApolloCache<NormalizedCacheObjec
cache.writeData({ data }); cache.writeData({ data });
}, },
}; };
}; }

View file

@ -45,7 +45,7 @@ export default class AddressAutoComplete extends Vue {
this.data = result.data.searchAddress as IAddress[]; this.data = result.data.searchAddress as IAddress[];
} }
@Watch("selected") @Watch('selected')
updateSelected() { updateSelected() {
this.$emit('input', this.selected); this.$emit('input', this.selected);
} }

View file

@ -88,7 +88,7 @@
export default class NavBar extends Vue { export default class NavBar extends Vue {
notifications = [ notifications = [
{ header: 'Coucou' }, { header: 'Coucou' },
{ title: "T'as une notification", subtitle: 'Et elle est cool' }, { title: 'T\'as une notification', subtitle: 'Et elle est cool' },
]; ];
loggedPerson: IPerson | null = null; loggedPerson: IPerson | null = null;
config!: IConfig; config!: IConfig;

View file

@ -137,9 +137,9 @@ export default class CreateEvent extends Vue {
const obj = { const obj = {
organizerActorId: this.loggedPerson.id, organizerActorId: this.loggedPerson.id,
beginsOn: this.event.beginsOn.toISOString(), beginsOn: this.event.beginsOn.toISOString(),
tags: this.event.tags.map((tag: ITag) => tag.title) tags: this.event.tags.map((tag: ITag) => tag.title),
}; };
let res = Object.assign({}, this.event, obj); const res = Object.assign({}, this.event, obj);
if (this.event.physicalAddress) { if (this.event.physicalAddress) {
delete this.event.physicalAddress['__typename']; delete this.event.physicalAddress['__typename'];

View file

@ -64,7 +64,7 @@ export default class Validate extends Vue {
saveUserData({ validateUser: login }) { saveUserData({ validateUser: login }) {
localStorage.setItem(AUTH_USER_ID, login.user.id); localStorage.setItem(AUTH_USER_ID, login.user.id);
saveTokenData(login) saveTokenData(login);
} }
} }
</script> </script>

View file

@ -231,11 +231,11 @@ defmodule Mobilizon.Users do
""" """
def authenticate(%{user: user, password: password}) do def authenticate(%{user: user, password: password}) do
# Does password match the one stored in the database? # Does password match the one stored in the database?
case Argon2.verify_pass(password, user.password_hash) do with true <- Argon2.verify_pass(password, user.password_hash),
true ->
# Yes, create and return the token # Yes, create and return the token
with {:ok, tokens} <- generate_tokens(user), do: {:ok, tokens} {:ok, tokens} <- generate_tokens(user) do
{:ok, tokens}
else
_ -> _ ->
# No, return an error # No, return an error
{:error, :unauthorized} {:error, :unauthorized}
@ -252,22 +252,16 @@ defmodule Mobilizon.Users do
end end
end end
def generate_access_token(user) do defp generate_access_token(user) do
with {:ok, access_token, _claims} <- with {:ok, access_token, _claims} <-
MobilizonWeb.Guardian.encode_and_sign(user, %{}, MobilizonWeb.Guardian.encode_and_sign(user, %{}, token_type: "access") do
token_type: "access",
ttl: {5, :seconds}
) do
{:ok, access_token} {:ok, access_token}
end end
end end
def generate_refresh_token(user) do def generate_refresh_token(user) do
with {:ok, refresh_token, _claims} <- with {:ok, refresh_token, _claims} <-
MobilizonWeb.Guardian.encode_and_sign(user, %{}, MobilizonWeb.Guardian.encode_and_sign(user, %{}, token_type: "refresh") do
token_type: "refresh",
ttl: {30, :days}
) do
{:ok, refresh_token} {:ok, refresh_token}
end end
end end

View file

@ -89,9 +89,7 @@ defmodule MobilizonWeb.Resolvers.User do
) do ) do
with {:ok, user, _claims} <- MobilizonWeb.Guardian.resource_from_token(refresh_token), with {:ok, user, _claims} <- MobilizonWeb.Guardian.resource_from_token(refresh_token),
{:ok, _old, {exchanged_token, _claims}} <- {:ok, _old, {exchanged_token, _claims}} <-
MobilizonWeb.Guardian.exchange(refresh_token, ["access", "refresh"], "access", MobilizonWeb.Guardian.exchange(refresh_token, ["access", "refresh"], "access"),
ttl: {1, :days}
),
{:ok, refresh_token} <- Users.generate_refresh_token(user) do {:ok, refresh_token} <- Users.generate_refresh_token(user) do
{:ok, %{access_token: exchanged_token, refresh_token: refresh_token}} {:ok, %{access_token: exchanged_token, refresh_token: refresh_token}}
else else

View file

@ -68,7 +68,7 @@ defmodule Mobilizon.UsersTest do
test "authenticate/1 checks the user's password" do test "authenticate/1 checks the user's password" do
{:ok, %User{} = user} = Users.register(%{email: @email, password: @password}) {:ok, %User{} = user} = Users.register(%{email: @email, password: @password})
assert {:ok, _, _} = Users.authenticate(%{user: user, password: @password}) assert {:ok, _} = Users.authenticate(%{user: user, password: @password})
assert {:error, :unauthorized} == assert {:error, :unauthorized} ==
Users.authenticate(%{user: user, password: "bad password"}) Users.authenticate(%{user: user, password: "bad password"})