chore(AshAuthenticationPhoenix): added library and updated ressources testing password strategy

2025-06-03 08:39:28 +02:00 · 2025-06-03 08:39:28 +02:00 · 192ceaed45
commit 192ceaed45
parent f154eea055
24 changed files with 682 additions and 25 deletions
--- a/lib/mv_web/auth_overrides.ex
+++ b/lib/mv_web/auth_overrides.ex
@ -0,0 +1,20 @@
+defmodule MvWeb.AuthOverrides do
+  use AshAuthentication.Phoenix.Overrides
+
+  # configure your UI overrides here
+
+  # First argument to `override` is the component name you are overriding.
+  # The body contains any number of configurations you wish to override
+  # Below are some examples
+
+  # For a complete reference, see https://hexdocs.pm/ash_authentication_phoenix/ui-overrides.html
+
+  # override AshAuthentication.Phoenix.Components.Banner do
+  #   set :image_url, "https://media.giphy.com/media/g7GKcSzwQfugw/giphy.gif"
+  #   set :text_class, "bg-red-500"
+  # end
+
+  # override AshAuthentication.Phoenix.Components.SignIn do
+  #  set :show_banner, false
+  # end
+end
--- a/lib/mv_web/controllers/auth_controller.ex
+++ b/lib/mv_web/controllers/auth_controller.ex
@ -0,0 +1,55 @@
+defmodule MvWeb.AuthController do
+  use MvWeb, :controller
+  use AshAuthentication.Phoenix.Controller
+
+  def success(conn, activity, user, _token) do
+    return_to = get_session(conn, :return_to) || ~p"/"
+
+    message =
+      case activity do
+        {:confirm_new_user, :confirm} -> "Your email address has now been confirmed"
+        {:password, :reset} -> "Your password has successfully been reset"
+        _ -> "You are now signed in"
+      end
+
+    conn
+    |> delete_session(:return_to)
+    |> store_in_session(user)
+    # If your resource has a different name, update the assign name here (i.e :current_admin)
+    |> assign(:current_user, user)
+    |> put_flash(:info, message)
+    |> redirect(to: return_to)
+  end
+
+  def failure(conn, activity, reason) do
+    message =
+      case {activity, reason} do
+        {_,
+         %AshAuthentication.Errors.AuthenticationFailed{
+           caused_by: %Ash.Error.Forbidden{
+             errors: [%AshAuthentication.Errors.CannotConfirmUnconfirmedUser{}]
+           }
+         }} ->
+          """
+          You have already signed in another way, but have not confirmed your account.
+          You can confirm your account using the link we sent to you, or by resetting your password.
+          """
+
+        _ ->
+          "Incorrect email or password"
+      end
+
+    conn
+    |> put_flash(:error, message)
+    |> redirect(to: ~p"/sign-in")
+  end
+
+  def sign_out(conn, _params) do
+    return_to = get_session(conn, :return_to) || ~p"/"
+
+    conn
+    |> clear_session()
+    |> put_flash(:info, "You are now signed out")
+    |> redirect(to: return_to)
+  end
+end
--- a/lib/mv_web/live_user_auth.ex
+++ b/lib/mv_web/live_user_auth.ex
@ -0,0 +1,44 @@
+defmodule MvWeb.LiveUserAuth do
+  @moduledoc """
+  Helpers for authenticating users in LiveViews.
+  """
+
+  import Phoenix.Component
+  use MvWeb, :verified_routes
+
+  # This is used for nested liveviews to fetch the current user.
+  # To use, place the following at the top of that liveview:
+  # on_mount {MvWeb.LiveUserAuth, :current_user}
+  def on_mount(:current_user, _params, session, socket) do
+    return_to = session[:return_to]
+    socket =
+      socket
+      |> assign(:return_to, return_to)
+      |> AshAuthentication.Phoenix.LiveSession.assign_new_resources(session)
+    {:cont, session, socket}
+  end
+
+  def on_mount(:live_user_optional, _params, _session, socket) do
+    if socket.assigns[:current_user] do
+      {:cont, socket}
+    else
+      {:cont, assign(socket, :current_user, nil)}
+    end
+  end
+
+  def on_mount(:live_user_required, _params, _session, socket) do
+    if socket.assigns[:current_user] do
+      {:cont, socket}
+    else
+      {:halt, Phoenix.LiveView.redirect(socket, to: ~p"/sign-in")}
+    end
+  end
+
+  def on_mount(:live_no_user, _params, _session, socket) do
+    if socket.assigns[:current_user] do
+      {:halt, Phoenix.LiveView.redirect(socket, to: ~p"/")}
+    else
+      {:cont, assign(socket, :current_user, nil)}
+    end
+  end
+end
--- a/lib/mv_web/member_live/index.ex
+++ b/lib/mv_web/member_live/index.ex
@ -1,6 +1,8 @@
 defmodule MvWeb.MemberLive.Index do
  use MvWeb, :live_view

+  on_mount {MvWeb.LiveUserAuth, :live_user_required}
+
  @impl true
  def render(assigns) do
    ~H"""
--- a/lib/mv_web/router.ex
+++ b/lib/mv_web/router.ex
@ -1,6 +1,10 @@
 defmodule MvWeb.Router do
  use MvWeb, :router

+  use AshAuthentication.Phoenix.Router
+
+  import AshAuthentication.Plug.Helpers
+
  pipeline :browser do
    plug :accepts, ["html"]
    plug :fetch_session
@ -8,22 +12,46 @@ defmodule MvWeb.Router do
    plug :put_root_layout, html: {MvWeb.Layouts, :root}
    plug :protect_from_forgery
    plug :put_secure_browser_headers
+    plug :load_from_session
    plug :set_locale
  end

  pipeline :api do
    plug :accepts, ["json"]
+    plug :load_from_bearer
+    plug :set_actor, :user
+  end
+
+  scope "/", MvWeb do
+    pipe_through :browser
+
+    ash_authentication_live_session :authenticated_routes do
+      # in each liveview, add one of the following at the top of the module:
+      #
+      # If an authenticated user must be present:
+      # on_mount {MvWeb.LiveUserAuth, :live_user_required}
+      #
+      # If an authenticated user *may* be present:
+      # on_mount {MvWeb.LiveUserAuth, :live_user_optional}
+      #
+      # If an authenticated user must *not* be present:
+      # on_mount {MvWeb.LiveUserAuth, :live_no_user}
+    end
  end

  scope "/", MvWeb do
    pipe_through :browser

    get "/", PageController, :home
-    live "/members", MemberLive.Index, :index
-    live "/members/new", MemberLive.Index, :new
-    live "/members/:id/edit", MemberLive.Index, :edit
-    live "/members/:id", MemberLive.Show, :show
-    live "/members/:id/show/edit", MemberLive.Show, :edit
+
+    ash_authentication_live_session :session_name do
+      live "/members", MemberLive.Index, :index
+      live "/members/new", MemberLive.Index, :new
+      live "/members/:id/edit", MemberLive.Index, :edit
+      live "/members/:id", MemberLive.Show, :show
+      live "/members/:id/show/edit", MemberLive.Show, :edit
+    end
+

    live "/property_types", PropertyTypeLive.Index, :index
    live "/property_types/new", PropertyTypeLive.Index, :new
@ -38,6 +66,30 @@ defmodule MvWeb.Router do
    live "/properties/:id/show/edit", PropertyLive.Show, :edit

    post "/set_locale", LocaleController, :set_locale
+    auth_routes AuthController, Mv.Accounts.User, path: "/auth"
+    sign_out_route AuthController
+
+    # Remove these if you'd like to use your own authentication views
+    sign_in_route register_path: "/register",
+                  reset_path: "/reset",
+                  auth_routes_prefix: "/auth",
+                  on_mount: [{MvWeb.LiveUserAuth, :live_no_user}],
+                  overrides: [MvWeb.AuthOverrides, AshAuthentication.Phoenix.Overrides.Default]
+
+    # Remove this if you do not want to use the reset password feature
+    reset_route auth_routes_prefix: "/auth",
+                overrides: [MvWeb.AuthOverrides, AshAuthentication.Phoenix.Overrides.Default]
+
+    # Remove this if you do not use the confirmation strategy
+    confirm_route Mv.Accounts.User, :confirm_new_user,
+      auth_routes_prefix: "/auth",
+      overrides: [MvWeb.AuthOverrides, AshAuthentication.Phoenix.Overrides.Default]
+
+    # Remove this if you do not use the magic link strategy.
+    # magic_sign_in_route(Mv.Accounts.User, :magic_link,
+    #   auth_routes_prefix: "/auth",
+    #   overrides: [MvWeb.AuthOverrides, AshAuthentication.Phoenix.Overrides.Default]
+    # )
  end

  # Other scopes may use custom stacks.