hostas/lib/hostas_web/controllers/auth/token_controller.ex

defmodule HostasWeb.Auth.TokenController do
  import Ecto.Query, only: [from: 2]
  use HostasWeb, :controller

  alias Hostas.Repo
  alias Hostas.Denizen
  alias Hostas.Token

  @doc """
  Generates an API token. Responds with the token if the user
  provides the correct password
  """
  def create(conn, %{"handle" => handle, "password" => given_password}) do
    case Repo.one(from d in Denizen,
                  where: d.handle == ^handle,
                  select: %{id: d.id, password: d.password}) do
      nil ->
        conn
        |> put_status(404)
        |> json(%{"error" => "No user with handle #{handle}"})

      denizen ->
        %{id: denizen_id, password: real_password_hash} = denizen

        if Bcrypt.verify_pass(given_password, real_password_hash) do
          {:ok, token_struct} = Token.new(denizen_id)

          conn
          |> put_status(201)
          |> json(Map.take(token_struct, [:token, :expires]))
        else
          # Reject the request, as passwords don't match
          conn
          |> put_status(401)
          |> json(%{"error" => "Password mismatch"})
        end
    end
  end

  def create(conn, _params) do
    conn
    |> put_status(422)
    |> json(%{"error" => "Missing required parameters"})
  end

  @doc """
  Responds with 200 OK if the requester's `Bearing` header
  contains a valid, non-expired API token
  """
  def verify(_conn, _params) do
    :ok
  end

  @doc """
  Deletes the token the requester used in the `Bearing` header
  """
  def revoke(_conn, _params) do
    :ok
  end

  @doc """
  Deletes the token the requester used in the `Bearing` header
  and responds with a new one if the old one was valid and unexpired
  """
  def renew(_conn, _params) do
    :ok
  end
end
Scaffhold token interface 2023-06-06 16:38:52 +00:00			`defmodule HostasWeb.Auth.TokenController do`
Implement POST /hostapi/auth/token 2023-06-07 17:12:33 +00:00			`import Ecto.Query, only: [from: 2]`
Scaffhold token interface 2023-06-06 16:38:52 +00:00			`use HostasWeb, :controller`

Implement POST /hostapi/auth/token 2023-06-07 17:12:33 +00:00			`alias Hostas.Repo`
			`alias Hostas.Denizen`
			`alias Hostas.Token`

			`@doc """`
			`Generates an API token. Responds with the token if the user`
			`provides the correct password`
			`"""`
			`def create(conn, %{"handle" => handle, "password" => given_password}) do`
			`case Repo.one(from d in Denizen,`
			`where: d.handle == ^handle,`
			`select: %{id: d.id, password: d.password}) do`
			`nil ->`
			`conn`
			`\|> put_status(404)`
			`\|> json(%{"error" => "No user with handle #{handle}"})`

			`denizen ->`
			`%{id: denizen_id, password: real_password_hash} = denizen`

			`if Bcrypt.verify_pass(given_password, real_password_hash) do`
Separate token creation action into Hostas.Token 2023-06-09 01:01:47 +00:00			`{:ok, token_struct} = Token.new(denizen_id)`
Implement POST /hostapi/auth/token 2023-06-07 17:12:33 +00:00
			`conn`
			`\|> put_status(201)`
			`\|> json(Map.take(token_struct, [:token, :expires]))`
			`else`
			`# Reject the request, as passwords don't match`
			`conn`
			`\|> put_status(401)`
			`\|> json(%{"error" => "Password mismatch"})`
			`end`
			`end`
			`end`

Separate token creation action into Hostas.Token 2023-06-09 01:01:47 +00:00			`def create(conn, _params) do`
Implement POST /hostapi/auth/token 2023-06-07 17:12:33 +00:00			`conn`
			`\|> put_status(422)`
Implement tests for token creation 2023-06-08 16:41:02 +00:00			`\|> json(%{"error" => "Missing required parameters"})`
Implement POST /hostapi/auth/token 2023-06-07 17:12:33 +00:00			`end`

			`@doc """`
			Responds with 200 OK if the requester's `Bearing` header
			`contains a valid, non-expired API token`
			`"""`
			`def verify(_conn, _params) do`
			`:ok`
			`end`

			`@doc """`
			Deletes the token the requester used in the `Bearing` header
			`"""`
			`def revoke(_conn, _params) do`
			`:ok`
			`end`

			`@doc """`
			Deletes the token the requester used in the `Bearing` header
			`and responds with a new one if the old one was valid and unexpired`
			`"""`
			`def renew(_conn, _params) do`
Scaffhold token interface 2023-06-06 16:38:52 +00:00			`:ok`
			`end`
			`end`