kmx.io/kmxgit/lib/kmxgit_web/controllers/user_confirmation_controller.ex
-
Show log
Commit
-
Hash : e800e02b
Author :
Thomas de Grivel
Date : 2021-12-08T16:24:53
mix phx.gen.auth
-
lib/kmxgit_web/controllers/user_confirmation_controller.ex
-
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57
defmodule KmxgitWeb.UserConfirmationController do use KmxgitWeb, :controller alias Kmxgit.UserManager def new(conn, _params) do render(conn, "new.html") end def create(conn, %{"user" => %{"email" => email}}) do if user = UserManager.get_user_by_email(email) do UserManager.deliver_user_confirmation_instructions( user, &Routes.user_confirmation_url(conn, :edit, &1) ) end # In order to prevent user enumeration attacks, regardless of the outcome, show an impartial success/error message. conn |> put_flash( :info, "If your email is in our system and it has not been confirmed yet, " <> "you will receive an email with instructions shortly." ) |> redirect(to: "/") end def edit(conn, %{"token" => token}) do render(conn, "edit.html", token: token) end # Do not log in the user after confirmation to avoid a # leaked token giving the user access to the account. def update(conn, %{"token" => token}) do case UserManager.confirm_user(token) do {:ok, _} -> conn |> put_flash(:info, "User confirmed successfully.") |> redirect(to: "/") :error -> # If there is a current user and the account was already confirmed, # then odds are that the confirmation link was already visited, either # by some automation or by the user themselves, so we redirect without # a warning message. case conn.assigns do %{current_user: %{confirmed_at: confirmed_at}} when not is_nil(confirmed_at) -> redirect(conn, to: "/") %{} -> conn |> put_flash(:error, "User confirmation link is invalid or it has expired.") |> redirect(to: "/") end end end end