From c1385df0f91dae01c4899a9200fee7595ca1bb96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?William=20Herg=C3=A8s?= Date: Thu, 14 Aug 2025 20:49:11 +0200 Subject: [PATCH] feat(user): use gen auth for users --- AGENTS.md | 60 +++ config/config.exs | 13 + config/test.exs | 3 + lib/learning_phoenix/accounts.ex | 297 +++++++++++++ lib/learning_phoenix/accounts/scope.ex | 33 ++ lib/learning_phoenix/accounts/user.ex | 132 ++++++ .../accounts/user_notifier.ex | 84 ++++ lib/learning_phoenix/accounts/user_token.ex | 156 +++++++ lib/learning_phoenix/user.ex | 24 -- .../components/layouts/root.html.heex | 20 + .../controllers/user_controller.ex | 36 -- .../controllers/user_html.ex | 10 - .../controllers/user_html/edit.html.heex | 9 - .../controllers/user_html/index.html.heex | 18 - .../controllers/user_html/new.html.heex | 9 - .../controllers/user_html/show.html.heex | 9 - .../controllers/user_session_controller.ex | 67 +++ .../live/user_live/confirmation.ex | 94 +++++ .../live/user_live/login.ex | 131 ++++++ .../live/user_live/registration.ex | 88 ++++ .../live/user_live/settings.ex | 157 +++++++ lib/learning_phoenix_web/router.ex | 32 +- lib/learning_phoenix_web/user_auth.ex | 287 +++++++++++++ mix.exs | 1 + mix.lock | 2 + .../20250812135200_create_users.exs | 13 - ...0250814184559_create_users_auth_tables.exs | 28 ++ test/learning_phoenix/accounts_test.exs | 397 ++++++++++++++++++ .../user_session_controller_test.exs | 147 +++++++ .../live/user_live/confirmation_test.exs | 105 +++++ .../live/user_live/login_test.exs | 109 +++++ .../live/user_live/registration_test.exs | 82 ++++ .../live/user_live/settings_test.exs | 212 ++++++++++ test/learning_phoenix_web/user_auth_test.exs | 390 +++++++++++++++++ test/support/conn_case.ex | 41 ++ test/support/fixtures/accounts_fixtures.ex | 89 ++++ 36 files changed, 3256 insertions(+), 129 deletions(-) create mode 100644 lib/learning_phoenix/accounts.ex create mode 100644 lib/learning_phoenix/accounts/scope.ex create mode 100644 lib/learning_phoenix/accounts/user.ex create mode 100644 lib/learning_phoenix/accounts/user_notifier.ex create mode 100644 lib/learning_phoenix/accounts/user_token.ex delete mode 100644 lib/learning_phoenix/user.ex delete mode 100644 lib/learning_phoenix_web/controllers/user_controller.ex delete mode 100644 lib/learning_phoenix_web/controllers/user_html.ex delete mode 100644 lib/learning_phoenix_web/controllers/user_html/edit.html.heex delete mode 100644 lib/learning_phoenix_web/controllers/user_html/index.html.heex delete mode 100644 lib/learning_phoenix_web/controllers/user_html/new.html.heex delete mode 100644 lib/learning_phoenix_web/controllers/user_html/show.html.heex create mode 100644 lib/learning_phoenix_web/controllers/user_session_controller.ex create mode 100644 lib/learning_phoenix_web/live/user_live/confirmation.ex create mode 100644 lib/learning_phoenix_web/live/user_live/login.ex create mode 100644 lib/learning_phoenix_web/live/user_live/registration.ex create mode 100644 lib/learning_phoenix_web/live/user_live/settings.ex create mode 100644 lib/learning_phoenix_web/user_auth.ex delete mode 100644 priv/repo/migrations/20250812135200_create_users.exs create mode 100644 priv/repo/migrations/20250814184559_create_users_auth_tables.exs create mode 100644 test/learning_phoenix/accounts_test.exs create mode 100644 test/learning_phoenix_web/controllers/user_session_controller_test.exs create mode 100644 test/learning_phoenix_web/live/user_live/confirmation_test.exs create mode 100644 test/learning_phoenix_web/live/user_live/login_test.exs create mode 100644 test/learning_phoenix_web/live/user_live/registration_test.exs create mode 100644 test/learning_phoenix_web/live/user_live/settings_test.exs create mode 100644 test/learning_phoenix_web/user_auth_test.exs create mode 100644 test/support/fixtures/accounts_fixtures.ex diff --git a/AGENTS.md b/AGENTS.md index 7952511..9880356 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -17,6 +17,66 @@ This is a web application written using the Phoenix web framework. - If you override the default input classes (`<.input class="myclass px-2 py-1 rounded-lg">)`) class with your own values, no default classes are inherited, so your custom classes must fully style the input + +## Authentication + +- **Always** handle authentication flow at the router level with proper redirects +- **Always** be mindful of where to place routes. `phx.gen.auth` creates multiple router plugs and `live_session` scopes: + - A plug `:fetch_current_user` that is included in the default browser pipeline + - A plug `:require_authenticated_user` that redirects to the log in page when the user is not authenticated + - A `live_session :current_user` scope - For routes that need the current user but don't require authentication, similar to `:fetch_current_user` + - A `live_session :require_authenticated_user` scope - For routes that require authentication, similar to the plug with the same name + - In both cases, a `@current_scope` is assigned to the Plug connection and LiveView socket + - A plug `redirect_if_user_is_authenticated` that redirects to a default path in case the user is authenticated - useful for a registration page that should only be shown to unauthenticated users +- **Always let the user know in which router scopes, `live_session`, and pipeline you are placing the route, AND SAY WHY** +- `phx.gen.auth` assigns the `current_scope` assign - it **does not assign a `current_user` assign**. +- To derive/access `current_user`, **always use the `current_scope.user` assign**, never use **`@current_user`** in templates or LiveViews +- **Never** duplicate `live_session` names. A `live_session :current_user` can only be defined __once__ in the router, so all routes for the `live_session :current_user` must be grouped in a single block +- Anytime you hit `current_scope` errors or the logged in session isn't displaying the right content, **always double check the router and ensure you are using the correct plug and `live_session` as described below** + +### Routes that require authentication + +LiveViews that require login should **always be placed inside the __existing__ `live_session :require_authenticated_user` block**: + + scope "/", AppWeb do + pipe_through [:browser, :require_authenticated_user] + + live_session :require_authenticated_user, + on_mount: [{LearningPhoenixWeb.UserAuth, :require_authenticated}] do + # phx.gen.auth generated routes + live "/users/settings", UserLive.Settings, :edit + live "/users/settings/confirm-email/:token", UserLive.Settings, :confirm_email + # our own routes that require logged in user + live "/", MyLiveThatRequiresAuth, :index + end + end + +Controller routes must be placed in a scope that sets the `:require_authenticated_user` plug: + + scope "/", AppWeb do + pipe_through [:browser, :require_authenticated_user] + + get "/", MyControllerThatRequiresAuth, :index + end + +### Routes that work with or without authentication + +LiveViews that can work with or without authentication, **always use the __existing__ `:current_user` scope**, ie: + + scope "/", MyAppWeb do + pipe_through [:browser] + + live_session :current_user, + on_mount: [{LearningPhoenixWeb.UserAuth, :mount_current_scope}] do + # our own routes that work with or without authentication + live "/", PublicLive + end + end + +Controllers automatically have the `current_scope` available if they use the `:browser` pipeline. + + + ## Elixir guidelines diff --git a/config/config.exs b/config/config.exs index c126fae..b5c019b 100644 --- a/config/config.exs +++ b/config/config.exs @@ -7,6 +7,19 @@ # General application configuration import Config +config :learning_phoenix, :scopes, + user: [ + default: true, + module: LearningPhoenix.Accounts.Scope, + assign_key: :current_scope, + access_path: [:user, :id], + schema_key: :user_id, + schema_type: :id, + schema_table: :users, + test_data_fixture: LearningPhoenix.AccountsFixtures, + test_setup_helper: :register_and_log_in_user + ] + config :learning_phoenix, ecto_repos: [LearningPhoenix.Repo], generators: [timestamp_type: :utc_datetime] diff --git a/config/test.exs b/config/test.exs index 882882c..82b80f7 100644 --- a/config/test.exs +++ b/config/test.exs @@ -1,5 +1,8 @@ import Config +# Only in tests, remove the complexity from the password hashing algorithm +config :bcrypt_elixir, :log_rounds, 1 + # Configure your database # # The MIX_TEST_PARTITION environment variable can be used diff --git a/lib/learning_phoenix/accounts.ex b/lib/learning_phoenix/accounts.ex new file mode 100644 index 0000000..a2ffc7a --- /dev/null +++ b/lib/learning_phoenix/accounts.ex @@ -0,0 +1,297 @@ +defmodule LearningPhoenix.Accounts do + @moduledoc """ + The Accounts context. + """ + + import Ecto.Query, warn: false + alias LearningPhoenix.Repo + + alias LearningPhoenix.Accounts.{User, UserToken, UserNotifier} + + ## Database getters + + @doc """ + Gets a user by email. + + ## Examples + + iex> get_user_by_email("foo@example.com") + %User{} + + iex> get_user_by_email("unknown@example.com") + nil + + """ + def get_user_by_email(email) when is_binary(email) do + Repo.get_by(User, email: email) + end + + @doc """ + Gets a user by email and password. + + ## Examples + + iex> get_user_by_email_and_password("foo@example.com", "correct_password") + %User{} + + iex> get_user_by_email_and_password("foo@example.com", "invalid_password") + nil + + """ + def get_user_by_email_and_password(email, password) + when is_binary(email) and is_binary(password) do + user = Repo.get_by(User, email: email) + if User.valid_password?(user, password), do: user + end + + @doc """ + Gets a single user. + + Raises `Ecto.NoResultsError` if the User does not exist. + + ## Examples + + iex> get_user!(123) + %User{} + + iex> get_user!(456) + ** (Ecto.NoResultsError) + + """ + def get_user!(id), do: Repo.get!(User, id) + + ## User registration + + @doc """ + Registers a user. + + ## Examples + + iex> register_user(%{field: value}) + {:ok, %User{}} + + iex> register_user(%{field: bad_value}) + {:error, %Ecto.Changeset{}} + + """ + def register_user(attrs) do + %User{} + |> User.email_changeset(attrs) + |> Repo.insert() + end + + ## Settings + + @doc """ + Checks whether the user is in sudo mode. + + The user is in sudo mode when the last authentication was done no further + than 20 minutes ago. The limit can be given as second argument in minutes. + """ + def sudo_mode?(user, minutes \\ -20) + + def sudo_mode?(%User{authenticated_at: ts}, minutes) when is_struct(ts, DateTime) do + DateTime.after?(ts, DateTime.utc_now() |> DateTime.add(minutes, :minute)) + end + + def sudo_mode?(_user, _minutes), do: false + + @doc """ + Returns an `%Ecto.Changeset{}` for changing the user email. + + See `LearningPhoenix.Accounts.User.email_changeset/3` for a list of supported options. + + ## Examples + + iex> change_user_email(user) + %Ecto.Changeset{data: %User{}} + + """ + def change_user_email(user, attrs \\ %{}, opts \\ []) do + User.email_changeset(user, attrs, opts) + end + + @doc """ + Updates the user email using the given token. + + If the token matches, the user email is updated and the token is deleted. + """ + def update_user_email(user, token) do + context = "change:#{user.email}" + + Repo.transact(fn -> + with {:ok, query} <- UserToken.verify_change_email_token_query(token, context), + %UserToken{sent_to: email} <- Repo.one(query), + {:ok, user} <- Repo.update(User.email_changeset(user, %{email: email})), + {_count, _result} <- + Repo.delete_all(from(UserToken, where: [user_id: ^user.id, context: ^context])) do + {:ok, user} + else + _ -> {:error, :transaction_aborted} + end + end) + end + + @doc """ + Returns an `%Ecto.Changeset{}` for changing the user password. + + See `LearningPhoenix.Accounts.User.password_changeset/3` for a list of supported options. + + ## Examples + + iex> change_user_password(user) + %Ecto.Changeset{data: %User{}} + + """ + def change_user_password(user, attrs \\ %{}, opts \\ []) do + User.password_changeset(user, attrs, opts) + end + + @doc """ + Updates the user password. + + Returns a tuple with the updated user, as well as a list of expired tokens. + + ## Examples + + iex> update_user_password(user, %{password: ...}) + {:ok, {%User{}, [...]}} + + iex> update_user_password(user, %{password: "too short"}) + {:error, %Ecto.Changeset{}} + + """ + def update_user_password(user, attrs) do + user + |> User.password_changeset(attrs) + |> update_user_and_delete_all_tokens() + end + + ## Session + + @doc """ + Generates a session token. + """ + def generate_user_session_token(user) do + {token, user_token} = UserToken.build_session_token(user) + Repo.insert!(user_token) + token + end + + @doc """ + Gets the user with the given signed token. + + If the token is valid `{user, token_inserted_at}` is returned, otherwise `nil` is returned. + """ + def get_user_by_session_token(token) do + {:ok, query} = UserToken.verify_session_token_query(token) + Repo.one(query) + end + + @doc """ + Gets the user with the given magic link token. + """ + def get_user_by_magic_link_token(token) do + with {:ok, query} <- UserToken.verify_magic_link_token_query(token), + {user, _token} <- Repo.one(query) do + user + else + _ -> nil + end + end + + @doc """ + Logs the user in by magic link. + + There are three cases to consider: + + 1. The user has already confirmed their email. They are logged in + and the magic link is expired. + + 2. The user has not confirmed their email and no password is set. + In this case, the user gets confirmed, logged in, and all tokens - + including session ones - are expired. In theory, no other tokens + exist but we delete all of them for best security practices. + + 3. The user has not confirmed their email but a password is set. + This cannot happen in the default implementation but may be the + source of security pitfalls. See the "Mixing magic link and password registration" section of + `mix help phx.gen.auth`. + """ + def login_user_by_magic_link(token) do + {:ok, query} = UserToken.verify_magic_link_token_query(token) + + case Repo.one(query) do + # Prevent session fixation attacks by disallowing magic links for unconfirmed users with password + {%User{confirmed_at: nil, hashed_password: hash}, _token} when not is_nil(hash) -> + raise """ + magic link log in is not allowed for unconfirmed users with a password set! + + This cannot happen with the default implementation, which indicates that you + might have adapted the code to a different use case. Please make sure to read the + "Mixing magic link and password registration" section of `mix help phx.gen.auth`. + """ + + {%User{confirmed_at: nil} = user, _token} -> + user + |> User.confirm_changeset() + |> update_user_and_delete_all_tokens() + + {user, token} -> + Repo.delete!(token) + {:ok, {user, []}} + + nil -> + {:error, :not_found} + end + end + + @doc ~S""" + Delivers the update email instructions to the given user. + + ## Examples + + iex> deliver_user_update_email_instructions(user, current_email, &url(~p"/users/settings/confirm-email/#{&1}")) + {:ok, %{to: ..., body: ...}} + + """ + def deliver_user_update_email_instructions(%User{} = user, current_email, update_email_url_fun) + when is_function(update_email_url_fun, 1) do + {encoded_token, user_token} = UserToken.build_email_token(user, "change:#{current_email}") + + Repo.insert!(user_token) + UserNotifier.deliver_update_email_instructions(user, update_email_url_fun.(encoded_token)) + end + + @doc """ + Delivers the magic link login instructions to the given user. + """ + def deliver_login_instructions(%User{} = user, magic_link_url_fun) + when is_function(magic_link_url_fun, 1) do + {encoded_token, user_token} = UserToken.build_email_token(user, "login") + Repo.insert!(user_token) + UserNotifier.deliver_login_instructions(user, magic_link_url_fun.(encoded_token)) + end + + @doc """ + Deletes the signed token with the given context. + """ + def delete_user_session_token(token) do + Repo.delete_all(from(UserToken, where: [token: ^token, context: "session"])) + :ok + end + + ## Token helper + + defp update_user_and_delete_all_tokens(changeset) do + Repo.transact(fn -> + with {:ok, user} <- Repo.update(changeset) do + tokens_to_expire = Repo.all_by(UserToken, user_id: user.id) + + Repo.delete_all(from(t in UserToken, where: t.id in ^Enum.map(tokens_to_expire, & &1.id))) + + {:ok, {user, tokens_to_expire}} + end + end) + end +end diff --git a/lib/learning_phoenix/accounts/scope.ex b/lib/learning_phoenix/accounts/scope.ex new file mode 100644 index 0000000..6337359 --- /dev/null +++ b/lib/learning_phoenix/accounts/scope.ex @@ -0,0 +1,33 @@ +defmodule LearningPhoenix.Accounts.Scope do + @moduledoc """ + Defines the scope of the caller to be used throughout the app. + + The `LearningPhoenix.Accounts.Scope` allows public interfaces to receive + information about the caller, such as if the call is initiated from an + end-user, and if so, which user. Additionally, such a scope can carry fields + such as "super user" or other privileges for use as authorization, or to + ensure specific code paths can only be access for a given scope. + + It is useful for logging as well as for scoping pubsub subscriptions and + broadcasts when a caller subscribes to an interface or performs a particular + action. + + Feel free to extend the fields on this struct to fit the needs of + growing application requirements. + """ + + alias LearningPhoenix.Accounts.User + + defstruct user: nil + + @doc """ + Creates a scope for the given user. + + Returns nil if no user is given. + """ + def for_user(%User{} = user) do + %__MODULE__{user: user} + end + + def for_user(nil), do: nil +end diff --git a/lib/learning_phoenix/accounts/user.ex b/lib/learning_phoenix/accounts/user.ex new file mode 100644 index 0000000..83a9651 --- /dev/null +++ b/lib/learning_phoenix/accounts/user.ex @@ -0,0 +1,132 @@ +defmodule LearningPhoenix.Accounts.User do + use Ecto.Schema + import Ecto.Changeset + + schema "users" do + field :email, :string + field :password, :string, virtual: true, redact: true + field :hashed_password, :string, redact: true + field :confirmed_at, :utc_datetime + field :authenticated_at, :utc_datetime, virtual: true + + timestamps(type: :utc_datetime) + end + + @doc """ + A user changeset for registering or changing the email. + + It requires the email to change otherwise an error is added. + + ## Options + + * `:validate_unique` - Set to false if you don't want to validate the + uniqueness of the email, useful when displaying live validations. + Defaults to `true`. + """ + def email_changeset(user, attrs, opts \\ []) do + user + |> cast(attrs, [:email]) + |> validate_email(opts) + end + + defp validate_email(changeset, opts) do + changeset = + changeset + |> validate_required([:email]) + |> validate_format(:email, ~r/^[^@,;\s]+@[^@,;\s]+$/, + message: "must have the @ sign and no spaces" + ) + |> validate_length(:email, max: 160) + + if Keyword.get(opts, :validate_unique, true) do + changeset + |> unsafe_validate_unique(:email, LearningPhoenix.Repo) + |> unique_constraint(:email) + |> validate_email_changed() + else + changeset + end + end + + defp validate_email_changed(changeset) do + if get_field(changeset, :email) && get_change(changeset, :email) == nil do + add_error(changeset, :email, "did not change") + else + changeset + end + end + + @doc """ + A user changeset for changing the password. + + It is important to validate the length of the password, as long passwords may + be very expensive to hash for certain algorithms. + + ## Options + + * `:hash_password` - Hashes the password so it can be stored securely + in the database and ensures the password field is cleared to prevent + leaks in the logs. If password hashing is not needed and clearing the + password field is not desired (like when using this changeset for + validations on a LiveView form), this option can be set to `false`. + Defaults to `true`. + """ + def password_changeset(user, attrs, opts \\ []) do + user + |> cast(attrs, [:password]) + |> validate_confirmation(:password, message: "does not match password") + |> validate_password(opts) + end + + defp validate_password(changeset, opts) do + changeset + |> validate_required([:password]) + |> validate_length(:password, min: 12, max: 72) + # Examples of additional password validation: + # |> validate_format(:password, ~r/[a-z]/, message: "at least one lower case character") + # |> validate_format(:password, ~r/[A-Z]/, message: "at least one upper case character") + # |> validate_format(:password, ~r/[!?@#$%^&*_0-9]/, message: "at least one digit or punctuation character") + |> maybe_hash_password(opts) + end + + defp maybe_hash_password(changeset, opts) do + hash_password? = Keyword.get(opts, :hash_password, true) + password = get_change(changeset, :password) + + if hash_password? && password && changeset.valid? do + changeset + # If using Bcrypt, then further validate it is at most 72 bytes long + |> validate_length(:password, max: 72, count: :bytes) + # Hashing could be done with `Ecto.Changeset.prepare_changes/2`, but that + # would keep the database transaction open longer and hurt performance. + |> put_change(:hashed_password, Bcrypt.hash_pwd_salt(password)) + |> delete_change(:password) + else + changeset + end + end + + @doc """ + Confirms the account by setting `confirmed_at`. + """ + def confirm_changeset(user) do + now = DateTime.utc_now(:second) + change(user, confirmed_at: now) + end + + @doc """ + Verifies the password. + + If there is no user or the user doesn't have a password, we call + `Bcrypt.no_user_verify/0` to avoid timing attacks. + """ + def valid_password?(%LearningPhoenix.Accounts.User{hashed_password: hashed_password}, password) + when is_binary(hashed_password) and byte_size(password) > 0 do + Bcrypt.verify_pass(password, hashed_password) + end + + def valid_password?(_, _) do + Bcrypt.no_user_verify() + false + end +end diff --git a/lib/learning_phoenix/accounts/user_notifier.ex b/lib/learning_phoenix/accounts/user_notifier.ex new file mode 100644 index 0000000..efd4881 --- /dev/null +++ b/lib/learning_phoenix/accounts/user_notifier.ex @@ -0,0 +1,84 @@ +defmodule LearningPhoenix.Accounts.UserNotifier do + import Swoosh.Email + + alias LearningPhoenix.Mailer + alias LearningPhoenix.Accounts.User + + # Delivers the email using the application mailer. + defp deliver(recipient, subject, body) do + email = + new() + |> to(recipient) + |> from({"LearningPhoenix", "contact@example.com"}) + |> subject(subject) + |> text_body(body) + + with {:ok, _metadata} <- Mailer.deliver(email) do + {:ok, email} + end + end + + @doc """ + Deliver instructions to update a user email. + """ + def deliver_update_email_instructions(user, url) do + deliver(user.email, "Update email instructions", """ + + ============================== + + Hi #{user.email}, + + You can change your email by visiting the URL below: + + #{url} + + If you didn't request this change, please ignore this. + + ============================== + """) + end + + @doc """ + Deliver instructions to log in with a magic link. + """ + def deliver_login_instructions(user, url) do + case user do + %User{confirmed_at: nil} -> deliver_confirmation_instructions(user, url) + _ -> deliver_magic_link_instructions(user, url) + end + end + + defp deliver_magic_link_instructions(user, url) do + deliver(user.email, "Log in instructions", """ + + ============================== + + Hi #{user.email}, + + You can log into your account by visiting the URL below: + + #{url} + + If you didn't request this email, please ignore this. + + ============================== + """) + end + + defp deliver_confirmation_instructions(user, url) do + deliver(user.email, "Confirmation instructions", """ + + ============================== + + Hi #{user.email}, + + You can confirm your account by visiting the URL below: + + #{url} + + If you didn't create an account with us, please ignore this. + + ============================== + """) + end +end diff --git a/lib/learning_phoenix/accounts/user_token.ex b/lib/learning_phoenix/accounts/user_token.ex new file mode 100644 index 0000000..31dbf0f --- /dev/null +++ b/lib/learning_phoenix/accounts/user_token.ex @@ -0,0 +1,156 @@ +defmodule LearningPhoenix.Accounts.UserToken do + use Ecto.Schema + import Ecto.Query + alias LearningPhoenix.Accounts.UserToken + + @hash_algorithm :sha256 + @rand_size 32 + + # It is very important to keep the magic link token expiry short, + # since someone with access to the email may take over the account. + @magic_link_validity_in_minutes 15 + @change_email_validity_in_days 7 + @session_validity_in_days 14 + + schema "users_tokens" do + field :token, :binary + field :context, :string + field :sent_to, :string + field :authenticated_at, :utc_datetime + belongs_to :user, LearningPhoenix.Accounts.User + + timestamps(type: :utc_datetime, updated_at: false) + end + + @doc """ + Generates a token that will be stored in a signed place, + such as session or cookie. As they are signed, those + tokens do not need to be hashed. + + The reason why we store session tokens in the database, even + though Phoenix already provides a session cookie, is because + Phoenix' default session cookies are not persisted, they are + simply signed and potentially encrypted. This means they are + valid indefinitely, unless you change the signing/encryption + salt. + + Therefore, storing them allows individual user + sessions to be expired. The token system can also be extended + to store additional data, such as the device used for logging in. + You could then use this information to display all valid sessions + and devices in the UI and allow users to explicitly expire any + session they deem invalid. + """ + def build_session_token(user) do + token = :crypto.strong_rand_bytes(@rand_size) + dt = user.authenticated_at || DateTime.utc_now(:second) + {token, %UserToken{token: token, context: "session", user_id: user.id, authenticated_at: dt}} + end + + @doc """ + Checks if the token is valid and returns its underlying lookup query. + + The query returns the user found by the token, if any, along with the token's creation time. + + The token is valid if it matches the value in the database and it has + not expired (after @session_validity_in_days). + """ + def verify_session_token_query(token) do + query = + from token in by_token_and_context_query(token, "session"), + join: user in assoc(token, :user), + where: token.inserted_at > ago(@session_validity_in_days, "day"), + select: {%{user | authenticated_at: token.authenticated_at}, token.inserted_at} + + {:ok, query} + end + + @doc """ + Builds a token and its hash to be delivered to the user's email. + + The non-hashed token is sent to the user email while the + hashed part is stored in the database. The original token cannot be reconstructed, + which means anyone with read-only access to the database cannot directly use + the token in the application to gain access. Furthermore, if the user changes + their email in the system, the tokens sent to the previous email are no longer + valid. + + Users can easily adapt the existing code to provide other types of delivery methods, + for example, by phone numbers. + """ + def build_email_token(user, context) do + build_hashed_token(user, context, user.email) + end + + defp build_hashed_token(user, context, sent_to) do + token = :crypto.strong_rand_bytes(@rand_size) + hashed_token = :crypto.hash(@hash_algorithm, token) + + {Base.url_encode64(token, padding: false), + %UserToken{ + token: hashed_token, + context: context, + sent_to: sent_to, + user_id: user.id + }} + end + + @doc """ + Checks if the token is valid and returns its underlying lookup query. + + If found, the query returns a tuple of the form `{user, token}`. + + The given token is valid if it matches its hashed counterpart in the + database. This function also checks if the token is being used within + 15 minutes. The context of a magic link token is always "login". + """ + def verify_magic_link_token_query(token) do + case Base.url_decode64(token, padding: false) do + {:ok, decoded_token} -> + hashed_token = :crypto.hash(@hash_algorithm, decoded_token) + + query = + from token in by_token_and_context_query(hashed_token, "login"), + join: user in assoc(token, :user), + where: token.inserted_at > ago(^@magic_link_validity_in_minutes, "minute"), + where: token.sent_to == user.email, + select: {user, token} + + {:ok, query} + + :error -> + :error + end + end + + @doc """ + Checks if the token is valid and returns its underlying lookup query. + + The query returns the user_token found by the token, if any. + + This is used to validate requests to change the user + email. + The given token is valid if it matches its hashed counterpart in the + database and if it has not expired (after @change_email_validity_in_days). + The context must always start with "change:". + """ + def verify_change_email_token_query(token, "change:" <> _ = context) do + case Base.url_decode64(token, padding: false) do + {:ok, decoded_token} -> + hashed_token = :crypto.hash(@hash_algorithm, decoded_token) + + query = + from token in by_token_and_context_query(hashed_token, context), + where: token.inserted_at > ago(@change_email_validity_in_days, "day") + + {:ok, query} + + :error -> + :error + end + end + + defp by_token_and_context_query(token, context) do + from UserToken, where: [token: ^token, context: ^context] + end +end diff --git a/lib/learning_phoenix/user.ex b/lib/learning_phoenix/user.ex deleted file mode 100644 index 0d230c3..0000000 --- a/lib/learning_phoenix/user.ex +++ /dev/null @@ -1,24 +0,0 @@ -defmodule LearningPhoenix.User do - use Ecto.Schema - import Ecto.Changeset - - schema "users" do - field :name, :string - field :email, :string - field :password, :string - - timestamps(type: :utc_datetime) - end - - @doc false - def changeset(user, attrs) do - IO.puts("called") - user - |> cast(attrs, [:name, :email, :password]) - |> validate_required([:name, :email, :password]) - |> validate_length(:name, min: 2) - |> validate_length(:name, max: 30) - |> validate_format(:email, ~r/.+@.+\.[a-z]+/) - |> unique_constraint(:email) - end -end diff --git a/lib/learning_phoenix_web/components/layouts/root.html.heex b/lib/learning_phoenix_web/components/layouts/root.html.heex index 1b0b123..222d4e2 100644 --- a/lib/learning_phoenix_web/components/layouts/root.html.heex +++ b/lib/learning_phoenix_web/components/layouts/root.html.heex @@ -31,6 +31,26 @@ + {@inner_content} diff --git a/lib/learning_phoenix_web/controllers/user_controller.ex b/lib/learning_phoenix_web/controllers/user_controller.ex deleted file mode 100644 index fb11a46..0000000 --- a/lib/learning_phoenix_web/controllers/user_controller.ex +++ /dev/null @@ -1,36 +0,0 @@ -defmodule LearningPhoenixWeb.UserController do - use LearningPhoenixWeb, :controller - alias LearningPhoenix.{Repo, User} - - def index(conn, _params) do - conn - |> assign(:test, Repo.all(User)) - |> render(:index) - end - - def edit(conn, _params) do - render(conn, :edit) - end - - def new(conn, _params) do - render(conn, :new) - end - - def show(conn, _params) do - render(conn, :show) - end - - def create(conn, _params) do - #redirect(conn, url(~p"/users/#{id}")) - redirect(conn, url(~p"/users")) - end - - def update(conn, _params) do - #redirect(conn, url(~p"/users/#{id}")) - redirect(conn, url(~p"/users")) - end - - def delete(conn, _params) do - redirect(conn, url(~p"/users")) - end -end diff --git a/lib/learning_phoenix_web/controllers/user_html.ex b/lib/learning_phoenix_web/controllers/user_html.ex deleted file mode 100644 index 66e7351..0000000 --- a/lib/learning_phoenix_web/controllers/user_html.ex +++ /dev/null @@ -1,10 +0,0 @@ -defmodule LearningPhoenixWeb.UserHTML do - @moduledoc """ - This module contains pages rendered by PageController. - - See the `page_html` directory for all templates available. - """ - use LearningPhoenixWeb, :html - - embed_templates "user_html/*" -end diff --git a/lib/learning_phoenix_web/controllers/user_html/edit.html.heex b/lib/learning_phoenix_web/controllers/user_html/edit.html.heex deleted file mode 100644 index 740586d..0000000 --- a/lib/learning_phoenix_web/controllers/user_html/edit.html.heex +++ /dev/null @@ -1,9 +0,0 @@ - -
-

- Page d'edit des utilisateurs -

-

- Cette page permet de modifier un utilisateur -

-
diff --git a/lib/learning_phoenix_web/controllers/user_html/index.html.heex b/lib/learning_phoenix_web/controllers/user_html/index.html.heex deleted file mode 100644 index 0d1eea6..0000000 --- a/lib/learning_phoenix_web/controllers/user_html/index.html.heex +++ /dev/null @@ -1,18 +0,0 @@ - -
-

- Liste de tous les utilisateurs -

-

- Cette page contient la liste de tous les utilisateurs -

-
- <%= for user <- @test do %> -
-

Hello {user.name}!

-

Your email is {user.email}

-

And your hashed password is {user.password}.

-
- <% end %> -
-
diff --git a/lib/learning_phoenix_web/controllers/user_html/new.html.heex b/lib/learning_phoenix_web/controllers/user_html/new.html.heex deleted file mode 100644 index 5e39b9c..0000000 --- a/lib/learning_phoenix_web/controllers/user_html/new.html.heex +++ /dev/null @@ -1,9 +0,0 @@ - -
-

- Création d'utilisateur -

-

- Cette page permet de créer un utilisateur. -

-
diff --git a/lib/learning_phoenix_web/controllers/user_html/show.html.heex b/lib/learning_phoenix_web/controllers/user_html/show.html.heex deleted file mode 100644 index ae00824..0000000 --- a/lib/learning_phoenix_web/controllers/user_html/show.html.heex +++ /dev/null @@ -1,9 +0,0 @@ - -
-

- Info sur un utilisateur en particulier -

-

- Cette page donne les info sur un utilisateur en particulier -

-
diff --git a/lib/learning_phoenix_web/controllers/user_session_controller.ex b/lib/learning_phoenix_web/controllers/user_session_controller.ex new file mode 100644 index 0000000..07486a5 --- /dev/null +++ b/lib/learning_phoenix_web/controllers/user_session_controller.ex @@ -0,0 +1,67 @@ +defmodule LearningPhoenixWeb.UserSessionController do + use LearningPhoenixWeb, :controller + + alias LearningPhoenix.Accounts + alias LearningPhoenixWeb.UserAuth + + def create(conn, %{"_action" => "confirmed"} = params) do + create(conn, params, "User confirmed successfully.") + end + + def create(conn, params) do + create(conn, params, "Welcome back!") + end + + # magic link login + defp create(conn, %{"user" => %{"token" => token} = user_params}, info) do + case Accounts.login_user_by_magic_link(token) do + {:ok, {user, tokens_to_disconnect}} -> + UserAuth.disconnect_sessions(tokens_to_disconnect) + + conn + |> put_flash(:info, info) + |> UserAuth.log_in_user(user, user_params) + + _ -> + conn + |> put_flash(:error, "The link is invalid or it has expired.") + |> redirect(to: ~p"/users/log-in") + end + end + + # email + password login + defp create(conn, %{"user" => user_params}, info) do + %{"email" => email, "password" => password} = user_params + + if user = Accounts.get_user_by_email_and_password(email, password) do + conn + |> put_flash(:info, info) + |> UserAuth.log_in_user(user, user_params) + else + # In order to prevent user enumeration attacks, don't disclose whether the email is registered. + conn + |> put_flash(:error, "Invalid email or password") + |> put_flash(:email, String.slice(email, 0, 160)) + |> redirect(to: ~p"/users/log-in") + end + end + + def update_password(conn, %{"user" => user_params} = params) do + user = conn.assigns.current_scope.user + true = Accounts.sudo_mode?(user) + {:ok, {_user, expired_tokens}} = Accounts.update_user_password(user, user_params) + + # disconnect all existing LiveViews with old sessions + UserAuth.disconnect_sessions(expired_tokens) + + conn + |> put_session(:user_return_to, ~p"/users/settings") + |> create(params, "Password updated successfully!") + end + + def delete(conn, _params) do + conn + |> put_flash(:info, "Logged out successfully.") + |> UserAuth.log_out_user() + end +end diff --git a/lib/learning_phoenix_web/live/user_live/confirmation.ex b/lib/learning_phoenix_web/live/user_live/confirmation.ex new file mode 100644 index 0000000..c7c3fac --- /dev/null +++ b/lib/learning_phoenix_web/live/user_live/confirmation.ex @@ -0,0 +1,94 @@ +defmodule LearningPhoenixWeb.UserLive.Confirmation do + use LearningPhoenixWeb, :live_view + + alias LearningPhoenix.Accounts + + @impl true + def render(assigns) do + ~H""" + +
+
+ <.header>Welcome {@user.email} +
+ + <.form + :if={!@user.confirmed_at} + for={@form} + id="confirmation_form" + phx-mounted={JS.focus_first()} + phx-submit="submit" + action={~p"/users/log-in?_action=confirmed"} + phx-trigger-action={@trigger_submit} + > + + <.button + name={@form[:remember_me].name} + value="true" + phx-disable-with="Confirming..." + class="btn btn-primary w-full" + > + Confirm and stay logged in + + <.button phx-disable-with="Confirming..." class="btn btn-primary btn-soft w-full mt-2"> + Confirm and log in only this time + + + + <.form + :if={@user.confirmed_at} + for={@form} + id="login_form" + phx-submit="submit" + phx-mounted={JS.focus_first()} + action={~p"/users/log-in"} + phx-trigger-action={@trigger_submit} + > + + <%= if @current_scope do %> + <.button phx-disable-with="Logging in..." class="btn btn-primary w-full"> + Log in + + <% else %> + <.button + name={@form[:remember_me].name} + value="true" + phx-disable-with="Logging in..." + class="btn btn-primary w-full" + > + Keep me logged in on this device + + <.button phx-disable-with="Logging in..." class="btn btn-primary btn-soft w-full mt-2"> + Log me in only this time + + <% end %> + + +

+ Tip: If you prefer passwords, you can enable them in the user settings. +

+
+ + """ + end + + @impl true + def mount(%{"token" => token}, _session, socket) do + if user = Accounts.get_user_by_magic_link_token(token) do + form = to_form(%{"token" => token}, as: "user") + + {:ok, assign(socket, user: user, form: form, trigger_submit: false), + temporary_assigns: [form: nil]} + else + {:ok, + socket + |> put_flash(:error, "Magic link is invalid or it has expired.") + |> push_navigate(to: ~p"/users/log-in")} + end + end + + @impl true + def handle_event("submit", %{"user" => params}, socket) do + {:noreply, assign(socket, form: to_form(params, as: "user"), trigger_submit: true)} + end +end diff --git a/lib/learning_phoenix_web/live/user_live/login.ex b/lib/learning_phoenix_web/live/user_live/login.ex new file mode 100644 index 0000000..0063e78 --- /dev/null +++ b/lib/learning_phoenix_web/live/user_live/login.ex @@ -0,0 +1,131 @@ +defmodule LearningPhoenixWeb.UserLive.Login do + use LearningPhoenixWeb, :live_view + + alias LearningPhoenix.Accounts + + @impl true + def render(assigns) do + ~H""" + +
+
+ <.header> +

Log in

+ <:subtitle> + <%= if @current_scope do %> + You need to reauthenticate to perform sensitive actions on your account. + <% else %> + Don't have an account? <.link + navigate={~p"/users/register"} + class="font-semibold text-brand hover:underline" + phx-no-format + >Sign up for an account now. + <% end %> + + +
+ +
+ <.icon name="hero-information-circle" class="size-6 shrink-0" /> +
+

You are running the local mail adapter.

+

+ To see sent emails, visit <.link href="/dev/mailbox" class="underline">the mailbox page. +

+
+
+ + <.form + :let={f} + for={@form} + id="login_form_magic" + action={~p"/users/log-in"} + phx-submit="submit_magic" + > + <.input + readonly={!!@current_scope} + field={f[:email]} + type="email" + label="Email" + autocomplete="username" + required + phx-mounted={JS.focus()} + /> + <.button class="btn btn-primary w-full"> + Log in with email + + + +
or
+ + <.form + :let={f} + for={@form} + id="login_form_password" + action={~p"/users/log-in"} + phx-submit="submit_password" + phx-trigger-action={@trigger_submit} + > + <.input + readonly={!!@current_scope} + field={f[:email]} + type="email" + label="Email" + autocomplete="username" + required + /> + <.input + field={@form[:password]} + type="password" + label="Password" + autocomplete="current-password" + /> + <.button class="btn btn-primary w-full" name={@form[:remember_me].name} value="true"> + Log in and stay logged in + + <.button class="btn btn-primary btn-soft w-full mt-2"> + Log in only this time + + +
+ + """ + end + + @impl true + def mount(_params, _session, socket) do + email = + Phoenix.Flash.get(socket.assigns.flash, :email) || + get_in(socket.assigns, [:current_scope, Access.key(:user), Access.key(:email)]) + + form = to_form(%{"email" => email}, as: "user") + + {:ok, assign(socket, form: form, trigger_submit: false)} + end + + @impl true + def handle_event("submit_password", _params, socket) do + {:noreply, assign(socket, :trigger_submit, true)} + end + + def handle_event("submit_magic", %{"user" => %{"email" => email}}, socket) do + if user = Accounts.get_user_by_email(email) do + Accounts.deliver_login_instructions( + user, + &url(~p"/users/log-in/#{&1}") + ) + end + + info = + "If your email is in our system, you will receive instructions for logging in shortly." + + {:noreply, + socket + |> put_flash(:info, info) + |> push_navigate(to: ~p"/users/log-in")} + end + + defp local_mail_adapter? do + Application.get_env(:learning_phoenix, LearningPhoenix.Mailer)[:adapter] == Swoosh.Adapters.Local + end +end diff --git a/lib/learning_phoenix_web/live/user_live/registration.ex b/lib/learning_phoenix_web/live/user_live/registration.ex new file mode 100644 index 0000000..02cff4d --- /dev/null +++ b/lib/learning_phoenix_web/live/user_live/registration.ex @@ -0,0 +1,88 @@ +defmodule LearningPhoenixWeb.UserLive.Registration do + use LearningPhoenixWeb, :live_view + + alias LearningPhoenix.Accounts + alias LearningPhoenix.Accounts.User + + @impl true + def render(assigns) do + ~H""" + +
+
+ <.header> + Register for an account + <:subtitle> + Already registered? + <.link navigate={~p"/users/log-in"} class="font-semibold text-brand hover:underline"> + Log in + + to your account now. + + +
+ + <.form for={@form} id="registration_form" phx-submit="save" phx-change="validate"> + <.input + field={@form[:email]} + type="email" + label="Email" + autocomplete="username" + required + phx-mounted={JS.focus()} + /> + + <.button phx-disable-with="Creating account..." class="btn btn-primary w-full"> + Create an account + + +
+ + """ + end + + @impl true + def mount(_params, _session, %{assigns: %{current_scope: %{user: user}}} = socket) + when not is_nil(user) do + {:ok, redirect(socket, to: LearningPhoenixWeb.UserAuth.signed_in_path(socket))} + end + + def mount(_params, _session, socket) do + changeset = Accounts.change_user_email(%User{}, %{}, validate_unique: false) + + {:ok, assign_form(socket, changeset), temporary_assigns: [form: nil]} + end + + @impl true + def handle_event("save", %{"user" => user_params}, socket) do + case Accounts.register_user(user_params) do + {:ok, user} -> + {:ok, _} = + Accounts.deliver_login_instructions( + user, + &url(~p"/users/log-in/#{&1}") + ) + + {:noreply, + socket + |> put_flash( + :info, + "An email was sent to #{user.email}, please access it to confirm your account." + ) + |> push_navigate(to: ~p"/users/log-in")} + + {:error, %Ecto.Changeset{} = changeset} -> + {:noreply, assign_form(socket, changeset)} + end + end + + def handle_event("validate", %{"user" => user_params}, socket) do + changeset = Accounts.change_user_email(%User{}, user_params, validate_unique: false) + {:noreply, assign_form(socket, Map.put(changeset, :action, :validate))} + end + + defp assign_form(socket, %Ecto.Changeset{} = changeset) do + form = to_form(changeset, as: "user") + assign(socket, form: form) + end +end diff --git a/lib/learning_phoenix_web/live/user_live/settings.ex b/lib/learning_phoenix_web/live/user_live/settings.ex new file mode 100644 index 0000000..d1d4272 --- /dev/null +++ b/lib/learning_phoenix_web/live/user_live/settings.ex @@ -0,0 +1,157 @@ +defmodule LearningPhoenixWeb.UserLive.Settings do + use LearningPhoenixWeb, :live_view + + on_mount {LearningPhoenixWeb.UserAuth, :require_sudo_mode} + + alias LearningPhoenix.Accounts + + @impl true + def render(assigns) do + ~H""" + +
+ <.header> + Account Settings + <:subtitle>Manage your account email address and password settings + +
+ + <.form for={@email_form} id="email_form" phx-submit="update_email" phx-change="validate_email"> + <.input + field={@email_form[:email]} + type="email" + label="Email" + autocomplete="username" + required + /> + <.button variant="primary" phx-disable-with="Changing...">Change Email + + +
+ + <.form + for={@password_form} + id="password_form" + action={~p"/users/update-password"} + method="post" + phx-change="validate_password" + phx-submit="update_password" + phx-trigger-action={@trigger_submit} + > + + <.input + field={@password_form[:password]} + type="password" + label="New password" + autocomplete="new-password" + required + /> + <.input + field={@password_form[:password_confirmation]} + type="password" + label="Confirm new password" + autocomplete="new-password" + /> + <.button variant="primary" phx-disable-with="Saving..."> + Save Password + + + + """ + end + + @impl true + def mount(%{"token" => token}, _session, socket) do + socket = + case Accounts.update_user_email(socket.assigns.current_scope.user, token) do + {:ok, _user} -> + put_flash(socket, :info, "Email changed successfully.") + + {:error, _} -> + put_flash(socket, :error, "Email change link is invalid or it has expired.") + end + + {:ok, push_navigate(socket, to: ~p"/users/settings")} + end + + def mount(_params, _session, socket) do + user = socket.assigns.current_scope.user + email_changeset = Accounts.change_user_email(user, %{}, validate_unique: false) + password_changeset = Accounts.change_user_password(user, %{}, hash_password: false) + + socket = + socket + |> assign(:current_email, user.email) + |> assign(:email_form, to_form(email_changeset)) + |> assign(:password_form, to_form(password_changeset)) + |> assign(:trigger_submit, false) + + {:ok, socket} + end + + @impl true + def handle_event("validate_email", params, socket) do + %{"user" => user_params} = params + + email_form = + socket.assigns.current_scope.user + |> Accounts.change_user_email(user_params, validate_unique: false) + |> Map.put(:action, :validate) + |> to_form() + + {:noreply, assign(socket, email_form: email_form)} + end + + def handle_event("update_email", params, socket) do + %{"user" => user_params} = params + user = socket.assigns.current_scope.user + true = Accounts.sudo_mode?(user) + + case Accounts.change_user_email(user, user_params) do + %{valid?: true} = changeset -> + Accounts.deliver_user_update_email_instructions( + Ecto.Changeset.apply_action!(changeset, :insert), + user.email, + &url(~p"/users/settings/confirm-email/#{&1}") + ) + + info = "A link to confirm your email change has been sent to the new address." + {:noreply, socket |> put_flash(:info, info)} + + changeset -> + {:noreply, assign(socket, :email_form, to_form(changeset, action: :insert))} + end + end + + def handle_event("validate_password", params, socket) do + %{"user" => user_params} = params + + password_form = + socket.assigns.current_scope.user + |> Accounts.change_user_password(user_params, hash_password: false) + |> Map.put(:action, :validate) + |> to_form() + + {:noreply, assign(socket, password_form: password_form)} + end + + def handle_event("update_password", params, socket) do + %{"user" => user_params} = params + user = socket.assigns.current_scope.user + true = Accounts.sudo_mode?(user) + + case Accounts.change_user_password(user, user_params) do + %{valid?: true} = changeset -> + {:noreply, assign(socket, trigger_submit: true, password_form: to_form(changeset))} + + changeset -> + {:noreply, assign(socket, password_form: to_form(changeset, action: :insert))} + end + end +end diff --git a/lib/learning_phoenix_web/router.ex b/lib/learning_phoenix_web/router.ex index 60dbb53..77f4e96 100644 --- a/lib/learning_phoenix_web/router.ex +++ b/lib/learning_phoenix_web/router.ex @@ -1,6 +1,8 @@ defmodule LearningPhoenixWeb.Router do use LearningPhoenixWeb, :router + import LearningPhoenixWeb.UserAuth + pipeline :browser do plug :accepts, ["html"] plug :fetch_session @@ -8,6 +10,7 @@ defmodule LearningPhoenixWeb.Router do plug :put_root_layout, html: {LearningPhoenixWeb.Layouts, :root} plug :protect_from_forgery plug :put_secure_browser_headers + plug :fetch_current_scope_for_user end pipeline :api do @@ -18,7 +21,6 @@ defmodule LearningPhoenixWeb.Router do pipe_through :browser get "/", PageController, :home - resources "/users", UserController end # Other scopes may use custom stacks. @@ -42,4 +44,32 @@ defmodule LearningPhoenixWeb.Router do forward "/mailbox", Plug.Swoosh.MailboxPreview end end + + ## Authentication routes + + scope "/", LearningPhoenixWeb do + pipe_through [:browser, :require_authenticated_user] + + live_session :require_authenticated_user, + on_mount: [{LearningPhoenixWeb.UserAuth, :require_authenticated}] do + live "/users/settings", UserLive.Settings, :edit + live "/users/settings/confirm-email/:token", UserLive.Settings, :confirm_email + end + + post "/users/update-password", UserSessionController, :update_password + end + + scope "/", LearningPhoenixWeb do + pipe_through [:browser] + + live_session :current_user, + on_mount: [{LearningPhoenixWeb.UserAuth, :mount_current_scope}] do + live "/users/register", UserLive.Registration, :new + live "/users/log-in", UserLive.Login, :new + live "/users/log-in/:token", UserLive.Confirmation, :new + end + + post "/users/log-in", UserSessionController, :create + delete "/users/log-out", UserSessionController, :delete + end end diff --git a/lib/learning_phoenix_web/user_auth.ex b/lib/learning_phoenix_web/user_auth.ex new file mode 100644 index 0000000..31b86f5 --- /dev/null +++ b/lib/learning_phoenix_web/user_auth.ex @@ -0,0 +1,287 @@ +defmodule LearningPhoenixWeb.UserAuth do + use LearningPhoenixWeb, :verified_routes + + import Plug.Conn + import Phoenix.Controller + + alias LearningPhoenix.Accounts + alias LearningPhoenix.Accounts.Scope + + # Make the remember me cookie valid for 14 days. This should match + # the session validity setting in UserToken. + @max_cookie_age_in_days 14 + @remember_me_cookie "_learning_phoenix_web_user_remember_me" + @remember_me_options [ + sign: true, + max_age: @max_cookie_age_in_days * 24 * 60 * 60, + same_site: "Lax" + ] + + # How old the session token should be before a new one is issued. When a request is made + # with a session token older than this value, then a new session token will be created + # and the session and remember-me cookies (if set) will be updated with the new token. + # Lowering this value will result in more tokens being created by active users. Increasing + # it will result in less time before a session token expires for a user to get issued a new + # token. This can be set to a value greater than `@max_cookie_age_in_days` to disable + # the reissuing of tokens completely. + @session_reissue_age_in_days 7 + + @doc """ + Logs the user in. + + Redirects to the session's `:user_return_to` path + or falls back to the `signed_in_path/1`. + """ + def log_in_user(conn, user, params \\ %{}) do + user_return_to = get_session(conn, :user_return_to) + + conn + |> create_or_extend_session(user, params) + |> redirect(to: user_return_to || signed_in_path(conn)) + end + + @doc """ + Logs the user out. + + It clears all session data for safety. See renew_session. + """ + def log_out_user(conn) do + user_token = get_session(conn, :user_token) + user_token && Accounts.delete_user_session_token(user_token) + + if live_socket_id = get_session(conn, :live_socket_id) do + LearningPhoenixWeb.Endpoint.broadcast(live_socket_id, "disconnect", %{}) + end + + conn + |> renew_session(nil) + |> delete_resp_cookie(@remember_me_cookie) + |> redirect(to: ~p"/") + end + + @doc """ + Authenticates the user by looking into the session and remember me token. + + Will reissue the session token if it is older than the configured age. + """ + def fetch_current_scope_for_user(conn, _opts) do + with {token, conn} <- ensure_user_token(conn), + {user, token_inserted_at} <- Accounts.get_user_by_session_token(token) do + conn + |> assign(:current_scope, Scope.for_user(user)) + |> maybe_reissue_user_session_token(user, token_inserted_at) + else + nil -> assign(conn, :current_scope, Scope.for_user(nil)) + end + end + + defp ensure_user_token(conn) do + if token = get_session(conn, :user_token) do + {token, conn} + else + conn = fetch_cookies(conn, signed: [@remember_me_cookie]) + + if token = conn.cookies[@remember_me_cookie] do + {token, conn |> put_token_in_session(token) |> put_session(:user_remember_me, true)} + else + nil + end + end + end + + # Reissue the session token if it is older than the configured reissue age. + defp maybe_reissue_user_session_token(conn, user, token_inserted_at) do + token_age = DateTime.diff(DateTime.utc_now(:second), token_inserted_at, :day) + + if token_age >= @session_reissue_age_in_days do + create_or_extend_session(conn, user, %{}) + else + conn + end + end + + # This function is the one responsible for creating session tokens + # and storing them safely in the session and cookies. It may be called + # either when logging in, during sudo mode, or to renew a session which + # will soon expire. + # + # When the session is created, rather than extended, the renew_session + # function will clear the session to avoid fixation attacks. See the + # renew_session function to customize this behaviour. + defp create_or_extend_session(conn, user, params) do + token = Accounts.generate_user_session_token(user) + remember_me = get_session(conn, :user_remember_me) + + conn + |> renew_session(user) + |> put_token_in_session(token) + |> maybe_write_remember_me_cookie(token, params, remember_me) + end + + # Do not renew session if the user is already logged in + # to prevent CSRF errors or data being lost in tabs that are still open + defp renew_session(conn, user) when conn.assigns.current_scope.user.id == user.id do + conn + end + + # This function renews the session ID and erases the whole + # session to avoid fixation attacks. If there is any data + # in the session you may want to preserve after log in/log out, + # you must explicitly fetch the session data before clearing + # and then immediately set it after clearing, for example: + # + # defp renew_session(conn, _user) do + # delete_csrf_token() + # preferred_locale = get_session(conn, :preferred_locale) + # + # conn + # |> configure_session(renew: true) + # |> clear_session() + # |> put_session(:preferred_locale, preferred_locale) + # end + # + defp renew_session(conn, _user) do + delete_csrf_token() + + conn + |> configure_session(renew: true) + |> clear_session() + end + + defp maybe_write_remember_me_cookie(conn, token, %{"remember_me" => "true"}, _), + do: write_remember_me_cookie(conn, token) + + defp maybe_write_remember_me_cookie(conn, token, _params, true), + do: write_remember_me_cookie(conn, token) + + defp maybe_write_remember_me_cookie(conn, _token, _params, _), do: conn + + defp write_remember_me_cookie(conn, token) do + conn + |> put_session(:user_remember_me, true) + |> put_resp_cookie(@remember_me_cookie, token, @remember_me_options) + end + + defp put_token_in_session(conn, token) do + conn + |> put_session(:user_token, token) + |> put_session(:live_socket_id, user_session_topic(token)) + end + + @doc """ + Disconnects existing sockets for the given tokens. + """ + def disconnect_sessions(tokens) do + Enum.each(tokens, fn %{token: token} -> + LearningPhoenixWeb.Endpoint.broadcast(user_session_topic(token), "disconnect", %{}) + end) + end + + defp user_session_topic(token), do: "users_sessions:#{Base.url_encode64(token)}" + + @doc """ + Handles mounting and authenticating the current_scope in LiveViews. + + ## `on_mount` arguments + + * `:mount_current_scope` - Assigns current_scope + to socket assigns based on user_token, or nil if + there's no user_token or no matching user. + + * `:require_authenticated` - Authenticates the user from the session, + and assigns the current_scope to socket assigns based + on user_token. + Redirects to login page if there's no logged user. + + ## Examples + + Use the `on_mount` lifecycle macro in LiveViews to mount or authenticate + the `current_scope`: + + defmodule LearningPhoenixWeb.PageLive do + use LearningPhoenixWeb, :live_view + + on_mount {LearningPhoenixWeb.UserAuth, :mount_current_scope} + ... + end + + Or use the `live_session` of your router to invoke the on_mount callback: + + live_session :authenticated, on_mount: [{LearningPhoenixWeb.UserAuth, :require_authenticated}] do + live "/profile", ProfileLive, :index + end + """ + def on_mount(:mount_current_scope, _params, session, socket) do + {:cont, mount_current_scope(socket, session)} + end + + def on_mount(:require_authenticated, _params, session, socket) do + socket = mount_current_scope(socket, session) + + if socket.assigns.current_scope && socket.assigns.current_scope.user do + {:cont, socket} + else + socket = + socket + |> Phoenix.LiveView.put_flash(:error, "You must log in to access this page.") + |> Phoenix.LiveView.redirect(to: ~p"/users/log-in") + + {:halt, socket} + end + end + + def on_mount(:require_sudo_mode, _params, session, socket) do + socket = mount_current_scope(socket, session) + + if Accounts.sudo_mode?(socket.assigns.current_scope.user, -10) do + {:cont, socket} + else + socket = + socket + |> Phoenix.LiveView.put_flash(:error, "You must re-authenticate to access this page.") + |> Phoenix.LiveView.redirect(to: ~p"/users/log-in") + + {:halt, socket} + end + end + + defp mount_current_scope(socket, session) do + Phoenix.Component.assign_new(socket, :current_scope, fn -> + {user, _} = + if user_token = session["user_token"] do + Accounts.get_user_by_session_token(user_token) + end || {nil, nil} + + Scope.for_user(user) + end) + end + + @doc "Returns the path to redirect to after log in." + # the user was already logged in, redirect to settings + def signed_in_path(%Plug.Conn{assigns: %{current_scope: %Scope{user: %Accounts.User{}}}}) do + ~p"/users/settings" + end + + def signed_in_path(_), do: ~p"/" + + @doc """ + Plug for routes that require the user to be authenticated. + """ + def require_authenticated_user(conn, _opts) do + if conn.assigns.current_scope && conn.assigns.current_scope.user do + conn + else + conn + |> put_flash(:error, "You must log in to access this page.") + |> maybe_store_return_to() + |> redirect(to: ~p"/users/log-in") + |> halt() + end + end + + defp maybe_store_return_to(%{method: "GET"} = conn) do + put_session(conn, :user_return_to, current_path(conn)) + end + + defp maybe_store_return_to(conn), do: conn +end diff --git a/mix.exs b/mix.exs index 20c4b00..fc0ccaa 100644 --- a/mix.exs +++ b/mix.exs @@ -40,6 +40,7 @@ defmodule LearningPhoenix.MixProject do # Type `mix help deps` for examples and options. defp deps do [ + {:bcrypt_elixir, "~> 3.0"}, {:phoenix, "~> 1.8.0"}, {:phoenix_ecto, "~> 4.5"}, {:ecto_sql, "~> 3.13"}, diff --git a/mix.lock b/mix.lock index 176c653..f7a2073 100644 --- a/mix.lock +++ b/mix.lock @@ -1,6 +1,8 @@ %{ "bandit": {:hex, :bandit, "1.7.0", "d1564f30553c97d3e25f9623144bb8df11f3787a26733f00b21699a128105c0c", [:mix], [{:hpax, "~> 1.0", [hex: :hpax, repo: "hexpm", optional: false]}, {:plug, "~> 1.18", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:thousand_island, "~> 1.0", [hex: :thousand_island, repo: "hexpm", optional: false]}, {:websock, "~> 0.5", [hex: :websock, repo: "hexpm", optional: false]}], "hexpm", "3e2f7a98c7a11f48d9d8c037f7177cd39778e74d55c7af06fe6227c742a8168a"}, + "bcrypt_elixir": {:hex, :bcrypt_elixir, "3.3.2", "d50091e3c9492d73e17fc1e1619a9b09d6a5ef99160eb4d736926fd475a16ca3", [:make, :mix], [{:comeonin, "~> 5.3", [hex: :comeonin, repo: "hexpm", optional: false]}, {:elixir_make, "~> 0.6", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm", "471be5151874ae7931911057d1467d908955f93554f7a6cd1b7d804cac8cef53"}, "cc_precompiler": {:hex, :cc_precompiler, "0.1.11", "8c844d0b9fb98a3edea067f94f616b3f6b29b959b6b3bf25fee94ffe34364768", [:mix], [{:elixir_make, "~> 0.7", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm", "3427232caf0835f94680e5bcf082408a70b48ad68a5f5c0b02a3bea9f3a075b9"}, + "comeonin": {:hex, :comeonin, "5.5.1", "5113e5f3800799787de08a6e0db307133850e635d34e9fab23c70b6501669510", [:mix], [], "hexpm", "65aac8f19938145377cee73973f192c5645873dcf550a8a6b18187d17c13ccdb"}, "db_connection": {:hex, :db_connection, "2.8.0", "64fd82cfa6d8e25ec6660cea73e92a4cbc6a18b31343910427b702838c4b33b2", [:mix], [{:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "008399dae5eee1bf5caa6e86d204dcb44242c82b1ed5e22c881f2c34da201b15"}, "decimal": {:hex, :decimal, "2.3.0", "3ad6255aa77b4a3c4f818171b12d237500e63525c2fd056699967a3e7ea20f62", [:mix], [], "hexpm", "a4d66355cb29cb47c3cf30e71329e58361cfcb37c34235ef3bf1d7bf3773aeac"}, "dns_cluster": {:hex, :dns_cluster, "0.2.0", "aa8eb46e3bd0326bd67b84790c561733b25c5ba2fe3c7e36f28e88f384ebcb33", [:mix], [], "hexpm", "ba6f1893411c69c01b9e8e8f772062535a4cf70f3f35bcc964a324078d8c8240"}, diff --git a/priv/repo/migrations/20250812135200_create_users.exs b/priv/repo/migrations/20250812135200_create_users.exs deleted file mode 100644 index 2851a56..0000000 --- a/priv/repo/migrations/20250812135200_create_users.exs +++ /dev/null @@ -1,13 +0,0 @@ -defmodule LearningPhoenix.Repo.Migrations.CreateUsers do - use Ecto.Migration - - def change do - create table(:users) do - add :name, :string - add :email, :string - add :password, :string - - timestamps(type: :utc_datetime) - end - end -end diff --git a/priv/repo/migrations/20250814184559_create_users_auth_tables.exs b/priv/repo/migrations/20250814184559_create_users_auth_tables.exs new file mode 100644 index 0000000..5867a1b --- /dev/null +++ b/priv/repo/migrations/20250814184559_create_users_auth_tables.exs @@ -0,0 +1,28 @@ +defmodule LearningPhoenix.Repo.Migrations.CreateUsersAuthTables do + use Ecto.Migration + + def change do + create table(:users) do + add :email, :string, null: false, collate: :nocase + add :hashed_password, :string + add :confirmed_at, :utc_datetime + + timestamps(type: :utc_datetime) + end + + create unique_index(:users, [:email]) + + create table(:users_tokens) do + add :user_id, references(:users, on_delete: :delete_all), null: false + add :token, :binary, null: false, size: 32 + add :context, :string, null: false + add :sent_to, :string + add :authenticated_at, :utc_datetime + + timestamps(type: :utc_datetime, updated_at: false) + end + + create index(:users_tokens, [:user_id]) + create unique_index(:users_tokens, [:context, :token]) + end +end diff --git a/test/learning_phoenix/accounts_test.exs b/test/learning_phoenix/accounts_test.exs new file mode 100644 index 0000000..f8c56a1 --- /dev/null +++ b/test/learning_phoenix/accounts_test.exs @@ -0,0 +1,397 @@ +defmodule LearningPhoenix.AccountsTest do + use LearningPhoenix.DataCase + + alias LearningPhoenix.Accounts + + import LearningPhoenix.AccountsFixtures + alias LearningPhoenix.Accounts.{User, UserToken} + + describe "get_user_by_email/1" do + test "does not return the user if the email does not exist" do + refute Accounts.get_user_by_email("unknown@example.com") + end + + test "returns the user if the email exists" do + %{id: id} = user = user_fixture() + assert %User{id: ^id} = Accounts.get_user_by_email(user.email) + end + end + + describe "get_user_by_email_and_password/2" do + test "does not return the user if the email does not exist" do + refute Accounts.get_user_by_email_and_password("unknown@example.com", "hello world!") + end + + test "does not return the user if the password is not valid" do + user = user_fixture() |> set_password() + refute Accounts.get_user_by_email_and_password(user.email, "invalid") + end + + test "returns the user if the email and password are valid" do + %{id: id} = user = user_fixture() |> set_password() + + assert %User{id: ^id} = + Accounts.get_user_by_email_and_password(user.email, valid_user_password()) + end + end + + describe "get_user!/1" do + test "raises if id is invalid" do + assert_raise Ecto.NoResultsError, fn -> + Accounts.get_user!(-1) + end + end + + test "returns the user with the given id" do + %{id: id} = user = user_fixture() + assert %User{id: ^id} = Accounts.get_user!(user.id) + end + end + + describe "register_user/1" do + test "requires email to be set" do + {:error, changeset} = Accounts.register_user(%{}) + + assert %{email: ["can't be blank"]} = errors_on(changeset) + end + + test "validates email when given" do + {:error, changeset} = Accounts.register_user(%{email: "not valid"}) + + assert %{email: ["must have the @ sign and no spaces"]} = errors_on(changeset) + end + + test "validates maximum values for email for security" do + too_long = String.duplicate("db", 100) + {:error, changeset} = Accounts.register_user(%{email: too_long}) + assert "should be at most 160 character(s)" in errors_on(changeset).email + end + + test "validates email uniqueness" do + %{email: email} = user_fixture() + {:error, changeset} = Accounts.register_user(%{email: email}) + assert "has already been taken" in errors_on(changeset).email + + # Now try with the upper cased email too, to check that email case is ignored. + {:error, changeset} = Accounts.register_user(%{email: String.upcase(email)}) + assert "has already been taken" in errors_on(changeset).email + end + + test "registers users without password" do + email = unique_user_email() + {:ok, user} = Accounts.register_user(valid_user_attributes(email: email)) + assert user.email == email + assert is_nil(user.hashed_password) + assert is_nil(user.confirmed_at) + assert is_nil(user.password) + end + end + + describe "sudo_mode?/2" do + test "validates the authenticated_at time" do + now = DateTime.utc_now() + + assert Accounts.sudo_mode?(%User{authenticated_at: DateTime.utc_now()}) + assert Accounts.sudo_mode?(%User{authenticated_at: DateTime.add(now, -19, :minute)}) + refute Accounts.sudo_mode?(%User{authenticated_at: DateTime.add(now, -21, :minute)}) + + # minute override + refute Accounts.sudo_mode?( + %User{authenticated_at: DateTime.add(now, -11, :minute)}, + -10 + ) + + # not authenticated + refute Accounts.sudo_mode?(%User{}) + end + end + + describe "change_user_email/3" do + test "returns a user changeset" do + assert %Ecto.Changeset{} = changeset = Accounts.change_user_email(%User{}) + assert changeset.required == [:email] + end + end + + describe "deliver_user_update_email_instructions/3" do + setup do + %{user: user_fixture()} + end + + test "sends token through notification", %{user: user} do + token = + extract_user_token(fn url -> + Accounts.deliver_user_update_email_instructions(user, "current@example.com", url) + end) + + {:ok, token} = Base.url_decode64(token, padding: false) + assert user_token = Repo.get_by(UserToken, token: :crypto.hash(:sha256, token)) + assert user_token.user_id == user.id + assert user_token.sent_to == user.email + assert user_token.context == "change:current@example.com" + end + end + + describe "update_user_email/2" do + setup do + user = unconfirmed_user_fixture() + email = unique_user_email() + + token = + extract_user_token(fn url -> + Accounts.deliver_user_update_email_instructions(%{user | email: email}, user.email, url) + end) + + %{user: user, token: token, email: email} + end + + test "updates the email with a valid token", %{user: user, token: token, email: email} do + assert {:ok, %{email: ^email}} = Accounts.update_user_email(user, token) + changed_user = Repo.get!(User, user.id) + assert changed_user.email != user.email + assert changed_user.email == email + refute Repo.get_by(UserToken, user_id: user.id) + end + + test "does not update email with invalid token", %{user: user} do + assert Accounts.update_user_email(user, "oops") == + {:error, :transaction_aborted} + + assert Repo.get!(User, user.id).email == user.email + assert Repo.get_by(UserToken, user_id: user.id) + end + + test "does not update email if user email changed", %{user: user, token: token} do + assert Accounts.update_user_email(%{user | email: "current@example.com"}, token) == + {:error, :transaction_aborted} + + assert Repo.get!(User, user.id).email == user.email + assert Repo.get_by(UserToken, user_id: user.id) + end + + test "does not update email if token expired", %{user: user, token: token} do + {1, nil} = Repo.update_all(UserToken, set: [inserted_at: ~N[2020-01-01 00:00:00]]) + + assert Accounts.update_user_email(user, token) == + {:error, :transaction_aborted} + + assert Repo.get!(User, user.id).email == user.email + assert Repo.get_by(UserToken, user_id: user.id) + end + end + + describe "change_user_password/3" do + test "returns a user changeset" do + assert %Ecto.Changeset{} = changeset = Accounts.change_user_password(%User{}) + assert changeset.required == [:password] + end + + test "allows fields to be set" do + changeset = + Accounts.change_user_password( + %User{}, + %{ + "password" => "new valid password" + }, + hash_password: false + ) + + assert changeset.valid? + assert get_change(changeset, :password) == "new valid password" + assert is_nil(get_change(changeset, :hashed_password)) + end + end + + describe "update_user_password/2" do + setup do + %{user: user_fixture()} + end + + test "validates password", %{user: user} do + {:error, changeset} = + Accounts.update_user_password(user, %{ + password: "not valid", + password_confirmation: "another" + }) + + assert %{ + password: ["should be at least 12 character(s)"], + password_confirmation: ["does not match password"] + } = errors_on(changeset) + end + + test "validates maximum values for password for security", %{user: user} do + too_long = String.duplicate("db", 100) + + {:error, changeset} = + Accounts.update_user_password(user, %{password: too_long}) + + assert "should be at most 72 character(s)" in errors_on(changeset).password + end + + test "updates the password", %{user: user} do + {:ok, {user, expired_tokens}} = + Accounts.update_user_password(user, %{ + password: "new valid password" + }) + + assert expired_tokens == [] + assert is_nil(user.password) + assert Accounts.get_user_by_email_and_password(user.email, "new valid password") + end + + test "deletes all tokens for the given user", %{user: user} do + _ = Accounts.generate_user_session_token(user) + + {:ok, {_, _}} = + Accounts.update_user_password(user, %{ + password: "new valid password" + }) + + refute Repo.get_by(UserToken, user_id: user.id) + end + end + + describe "generate_user_session_token/1" do + setup do + %{user: user_fixture()} + end + + test "generates a token", %{user: user} do + token = Accounts.generate_user_session_token(user) + assert user_token = Repo.get_by(UserToken, token: token) + assert user_token.context == "session" + assert user_token.authenticated_at != nil + + # Creating the same token for another user should fail + assert_raise Ecto.ConstraintError, fn -> + Repo.insert!(%UserToken{ + token: user_token.token, + user_id: user_fixture().id, + context: "session" + }) + end + end + + test "duplicates the authenticated_at of given user in new token", %{user: user} do + user = %{user | authenticated_at: DateTime.add(DateTime.utc_now(:second), -3600)} + token = Accounts.generate_user_session_token(user) + assert user_token = Repo.get_by(UserToken, token: token) + assert user_token.authenticated_at == user.authenticated_at + assert DateTime.compare(user_token.inserted_at, user.authenticated_at) == :gt + end + end + + describe "get_user_by_session_token/1" do + setup do + user = user_fixture() + token = Accounts.generate_user_session_token(user) + %{user: user, token: token} + end + + test "returns user by token", %{user: user, token: token} do + assert {session_user, token_inserted_at} = Accounts.get_user_by_session_token(token) + assert session_user.id == user.id + assert session_user.authenticated_at != nil + assert token_inserted_at != nil + end + + test "does not return user for invalid token" do + refute Accounts.get_user_by_session_token("oops") + end + + test "does not return user for expired token", %{token: token} do + dt = ~N[2020-01-01 00:00:00] + {1, nil} = Repo.update_all(UserToken, set: [inserted_at: dt, authenticated_at: dt]) + refute Accounts.get_user_by_session_token(token) + end + end + + describe "get_user_by_magic_link_token/1" do + setup do + user = user_fixture() + {encoded_token, _hashed_token} = generate_user_magic_link_token(user) + %{user: user, token: encoded_token} + end + + test "returns user by token", %{user: user, token: token} do + assert session_user = Accounts.get_user_by_magic_link_token(token) + assert session_user.id == user.id + end + + test "does not return user for invalid token" do + refute Accounts.get_user_by_magic_link_token("oops") + end + + test "does not return user for expired token", %{token: token} do + {1, nil} = Repo.update_all(UserToken, set: [inserted_at: ~N[2020-01-01 00:00:00]]) + refute Accounts.get_user_by_magic_link_token(token) + end + end + + describe "login_user_by_magic_link/1" do + test "confirms user and expires tokens" do + user = unconfirmed_user_fixture() + refute user.confirmed_at + {encoded_token, hashed_token} = generate_user_magic_link_token(user) + + assert {:ok, {user, [%{token: ^hashed_token}]}} = + Accounts.login_user_by_magic_link(encoded_token) + + assert user.confirmed_at + end + + test "returns user and (deleted) token for confirmed user" do + user = user_fixture() + assert user.confirmed_at + {encoded_token, _hashed_token} = generate_user_magic_link_token(user) + assert {:ok, {^user, []}} = Accounts.login_user_by_magic_link(encoded_token) + # one time use only + assert {:error, :not_found} = Accounts.login_user_by_magic_link(encoded_token) + end + + test "raises when unconfirmed user has password set" do + user = unconfirmed_user_fixture() + {1, nil} = Repo.update_all(User, set: [hashed_password: "hashed"]) + {encoded_token, _hashed_token} = generate_user_magic_link_token(user) + + assert_raise RuntimeError, ~r/magic link log in is not allowed/, fn -> + Accounts.login_user_by_magic_link(encoded_token) + end + end + end + + describe "delete_user_session_token/1" do + test "deletes the token" do + user = user_fixture() + token = Accounts.generate_user_session_token(user) + assert Accounts.delete_user_session_token(token) == :ok + refute Accounts.get_user_by_session_token(token) + end + end + + describe "deliver_login_instructions/2" do + setup do + %{user: unconfirmed_user_fixture()} + end + + test "sends token through notification", %{user: user} do + token = + extract_user_token(fn url -> + Accounts.deliver_login_instructions(user, url) + end) + + {:ok, token} = Base.url_decode64(token, padding: false) + assert user_token = Repo.get_by(UserToken, token: :crypto.hash(:sha256, token)) + assert user_token.user_id == user.id + assert user_token.sent_to == user.email + assert user_token.context == "login" + end + end + + describe "inspect/2 for the User module" do + test "does not include password" do + refute inspect(%User{password: "123456"}) =~ "password: \"123456\"" + end + end +end diff --git a/test/learning_phoenix_web/controllers/user_session_controller_test.exs b/test/learning_phoenix_web/controllers/user_session_controller_test.exs new file mode 100644 index 0000000..e79dc72 --- /dev/null +++ b/test/learning_phoenix_web/controllers/user_session_controller_test.exs @@ -0,0 +1,147 @@ +defmodule LearningPhoenixWeb.UserSessionControllerTest do + use LearningPhoenixWeb.ConnCase + + import LearningPhoenix.AccountsFixtures + alias LearningPhoenix.Accounts + + setup do + %{unconfirmed_user: unconfirmed_user_fixture(), user: user_fixture()} + end + + describe "POST /users/log-in - email and password" do + test "logs the user in", %{conn: conn, user: user} do + user = set_password(user) + + conn = + post(conn, ~p"/users/log-in", %{ + "user" => %{"email" => user.email, "password" => valid_user_password()} + }) + + assert get_session(conn, :user_token) + assert redirected_to(conn) == ~p"/" + + # Now do a logged in request and assert on the menu + conn = get(conn, ~p"/") + response = html_response(conn, 200) + assert response =~ user.email + assert response =~ ~p"/users/settings" + assert response =~ ~p"/users/log-out" + end + + test "logs the user in with remember me", %{conn: conn, user: user} do + user = set_password(user) + + conn = + post(conn, ~p"/users/log-in", %{ + "user" => %{ + "email" => user.email, + "password" => valid_user_password(), + "remember_me" => "true" + } + }) + + assert conn.resp_cookies["_learning_phoenix_web_user_remember_me"] + assert redirected_to(conn) == ~p"/" + end + + test "logs the user in with return to", %{conn: conn, user: user} do + user = set_password(user) + + conn = + conn + |> init_test_session(user_return_to: "/foo/bar") + |> post(~p"/users/log-in", %{ + "user" => %{ + "email" => user.email, + "password" => valid_user_password() + } + }) + + assert redirected_to(conn) == "/foo/bar" + assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "Welcome back!" + end + + test "redirects to login page with invalid credentials", %{conn: conn, user: user} do + conn = + post(conn, ~p"/users/log-in?mode=password", %{ + "user" => %{"email" => user.email, "password" => "invalid_password"} + }) + + assert Phoenix.Flash.get(conn.assigns.flash, :error) == "Invalid email or password" + assert redirected_to(conn) == ~p"/users/log-in" + end + end + + describe "POST /users/log-in - magic link" do + test "logs the user in", %{conn: conn, user: user} do + {token, _hashed_token} = generate_user_magic_link_token(user) + + conn = + post(conn, ~p"/users/log-in", %{ + "user" => %{"token" => token} + }) + + assert get_session(conn, :user_token) + assert redirected_to(conn) == ~p"/" + + # Now do a logged in request and assert on the menu + conn = get(conn, ~p"/") + response = html_response(conn, 200) + assert response =~ user.email + assert response =~ ~p"/users/settings" + assert response =~ ~p"/users/log-out" + end + + test "confirms unconfirmed user", %{conn: conn, unconfirmed_user: user} do + {token, _hashed_token} = generate_user_magic_link_token(user) + refute user.confirmed_at + + conn = + post(conn, ~p"/users/log-in", %{ + "user" => %{"token" => token}, + "_action" => "confirmed" + }) + + assert get_session(conn, :user_token) + assert redirected_to(conn) == ~p"/" + assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "User confirmed successfully." + + assert Accounts.get_user!(user.id).confirmed_at + + # Now do a logged in request and assert on the menu + conn = get(conn, ~p"/") + response = html_response(conn, 200) + assert response =~ user.email + assert response =~ ~p"/users/settings" + assert response =~ ~p"/users/log-out" + end + + test "redirects to login page when magic link is invalid", %{conn: conn} do + conn = + post(conn, ~p"/users/log-in", %{ + "user" => %{"token" => "invalid"} + }) + + assert Phoenix.Flash.get(conn.assigns.flash, :error) == + "The link is invalid or it has expired." + + assert redirected_to(conn) == ~p"/users/log-in" + end + end + + describe "DELETE /users/log-out" do + test "logs the user out", %{conn: conn, user: user} do + conn = conn |> log_in_user(user) |> delete(~p"/users/log-out") + assert redirected_to(conn) == ~p"/" + refute get_session(conn, :user_token) + assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "Logged out successfully" + end + + test "succeeds even if the user is not logged in", %{conn: conn} do + conn = delete(conn, ~p"/users/log-out") + assert redirected_to(conn) == ~p"/" + refute get_session(conn, :user_token) + assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "Logged out successfully" + end + end +end diff --git a/test/learning_phoenix_web/live/user_live/confirmation_test.exs b/test/learning_phoenix_web/live/user_live/confirmation_test.exs new file mode 100644 index 0000000..7ed1fc1 --- /dev/null +++ b/test/learning_phoenix_web/live/user_live/confirmation_test.exs @@ -0,0 +1,105 @@ +defmodule LearningPhoenixWeb.UserLive.ConfirmationTest do + use LearningPhoenixWeb.ConnCase + + import Phoenix.LiveViewTest + import LearningPhoenix.AccountsFixtures + + alias LearningPhoenix.Accounts + + setup do + %{unconfirmed_user: unconfirmed_user_fixture(), confirmed_user: user_fixture()} + end + + describe "Confirm user" do + test "renders confirmation page for unconfirmed user", %{conn: conn, unconfirmed_user: user} do + token = + extract_user_token(fn url -> + Accounts.deliver_login_instructions(user, url) + end) + + {:ok, _lv, html} = live(conn, ~p"/users/log-in/#{token}") + assert html =~ "Confirm and stay logged in" + end + + test "renders login page for confirmed user", %{conn: conn, confirmed_user: user} do + token = + extract_user_token(fn url -> + Accounts.deliver_login_instructions(user, url) + end) + + {:ok, _lv, html} = live(conn, ~p"/users/log-in/#{token}") + refute html =~ "Confirm my account" + assert html =~ "Log in" + end + + test "confirms the given token once", %{conn: conn, unconfirmed_user: user} do + token = + extract_user_token(fn url -> + Accounts.deliver_login_instructions(user, url) + end) + + {:ok, lv, _html} = live(conn, ~p"/users/log-in/#{token}") + + form = form(lv, "#confirmation_form", %{"user" => %{"token" => token}}) + render_submit(form) + + conn = follow_trigger_action(form, conn) + + assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ + "User confirmed successfully" + + assert Accounts.get_user!(user.id).confirmed_at + # we are logged in now + assert get_session(conn, :user_token) + assert redirected_to(conn) == ~p"/" + + # log out, new conn + conn = build_conn() + + {:ok, _lv, html} = + live(conn, ~p"/users/log-in/#{token}") + |> follow_redirect(conn, ~p"/users/log-in") + + assert html =~ "Magic link is invalid or it has expired" + end + + test "logs confirmed user in without changing confirmed_at", %{ + conn: conn, + confirmed_user: user + } do + token = + extract_user_token(fn url -> + Accounts.deliver_login_instructions(user, url) + end) + + {:ok, lv, _html} = live(conn, ~p"/users/log-in/#{token}") + + form = form(lv, "#login_form", %{"user" => %{"token" => token}}) + render_submit(form) + + conn = follow_trigger_action(form, conn) + + assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ + "Welcome back!" + + assert Accounts.get_user!(user.id).confirmed_at == user.confirmed_at + + # log out, new conn + conn = build_conn() + + {:ok, _lv, html} = + live(conn, ~p"/users/log-in/#{token}") + |> follow_redirect(conn, ~p"/users/log-in") + + assert html =~ "Magic link is invalid or it has expired" + end + + test "raises error for invalid token", %{conn: conn} do + {:ok, _lv, html} = + live(conn, ~p"/users/log-in/invalid-token") + |> follow_redirect(conn, ~p"/users/log-in") + + assert html =~ "Magic link is invalid or it has expired" + end + end +end diff --git a/test/learning_phoenix_web/live/user_live/login_test.exs b/test/learning_phoenix_web/live/user_live/login_test.exs new file mode 100644 index 0000000..66ed9db --- /dev/null +++ b/test/learning_phoenix_web/live/user_live/login_test.exs @@ -0,0 +1,109 @@ +defmodule LearningPhoenixWeb.UserLive.LoginTest do + use LearningPhoenixWeb.ConnCase + + import Phoenix.LiveViewTest + import LearningPhoenix.AccountsFixtures + + describe "login page" do + test "renders login page", %{conn: conn} do + {:ok, _lv, html} = live(conn, ~p"/users/log-in") + + assert html =~ "Log in" + assert html =~ "Register" + assert html =~ "Log in with email" + end + end + + describe "user login - magic link" do + test "sends magic link email when user exists", %{conn: conn} do + user = user_fixture() + + {:ok, lv, _html} = live(conn, ~p"/users/log-in") + + {:ok, _lv, html} = + form(lv, "#login_form_magic", user: %{email: user.email}) + |> render_submit() + |> follow_redirect(conn, ~p"/users/log-in") + + assert html =~ "If your email is in our system" + + assert LearningPhoenix.Repo.get_by!(LearningPhoenix.Accounts.UserToken, user_id: user.id).context == + "login" + end + + test "does not disclose if user is registered", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/log-in") + + {:ok, _lv, html} = + form(lv, "#login_form_magic", user: %{email: "idonotexist@example.com"}) + |> render_submit() + |> follow_redirect(conn, ~p"/users/log-in") + + assert html =~ "If your email is in our system" + end + end + + describe "user login - password" do + test "redirects if user logs in with valid credentials", %{conn: conn} do + user = user_fixture() |> set_password() + + {:ok, lv, _html} = live(conn, ~p"/users/log-in") + + form = + form(lv, "#login_form_password", + user: %{email: user.email, password: valid_user_password(), remember_me: true} + ) + + conn = submit_form(form, conn) + + assert redirected_to(conn) == ~p"/" + end + + test "redirects to login page with a flash error if credentials are invalid", %{ + conn: conn + } do + {:ok, lv, _html} = live(conn, ~p"/users/log-in") + + form = + form(lv, "#login_form_password", user: %{email: "test@email.com", password: "123456"}) + + render_submit(form, %{user: %{remember_me: true}}) + + conn = follow_trigger_action(form, conn) + assert Phoenix.Flash.get(conn.assigns.flash, :error) == "Invalid email or password" + assert redirected_to(conn) == ~p"/users/log-in" + end + end + + describe "login navigation" do + test "redirects to registration page when the Register button is clicked", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/log-in") + + {:ok, _login_live, login_html} = + lv + |> element("main a", "Sign up") + |> render_click() + |> follow_redirect(conn, ~p"/users/register") + + assert login_html =~ "Register" + end + end + + describe "re-authentication (sudo mode)" do + setup %{conn: conn} do + user = user_fixture() + %{user: user, conn: log_in_user(conn, user)} + end + + test "shows login page with email filled in", %{conn: conn, user: user} do + {:ok, _lv, html} = live(conn, ~p"/users/log-in") + + assert html =~ "You need to reauthenticate" + refute html =~ "Register" + assert html =~ "Log in with email" + + assert html =~ + ~s( log_in_user(user_fixture()) + |> live(~p"/users/register") + |> follow_redirect(conn, ~p"/") + + assert {:ok, _conn} = result + end + + test "renders errors for invalid data", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/register") + + result = + lv + |> element("#registration_form") + |> render_change(user: %{"email" => "with spaces"}) + + assert result =~ "Register" + assert result =~ "must have the @ sign and no spaces" + end + end + + describe "register user" do + test "creates account but does not log in", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/register") + + email = unique_user_email() + form = form(lv, "#registration_form", user: valid_user_attributes(email: email)) + + {:ok, _lv, html} = + render_submit(form) + |> follow_redirect(conn, ~p"/users/log-in") + + assert html =~ + ~r/An email was sent to .*, please access it to confirm your account/ + end + + test "renders errors for duplicated email", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/register") + + user = user_fixture(%{email: "test@email.com"}) + + result = + lv + |> form("#registration_form", + user: %{"email" => user.email} + ) + |> render_submit() + + assert result =~ "has already been taken" + end + end + + describe "registration navigation" do + test "redirects to login page when the Log in button is clicked", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/register") + + {:ok, _login_live, login_html} = + lv + |> element("main a", "Log in") + |> render_click() + |> follow_redirect(conn, ~p"/users/log-in") + + assert login_html =~ "Log in" + end + end +end diff --git a/test/learning_phoenix_web/live/user_live/settings_test.exs b/test/learning_phoenix_web/live/user_live/settings_test.exs new file mode 100644 index 0000000..c87f25f --- /dev/null +++ b/test/learning_phoenix_web/live/user_live/settings_test.exs @@ -0,0 +1,212 @@ +defmodule LearningPhoenixWeb.UserLive.SettingsTest do + use LearningPhoenixWeb.ConnCase + + alias LearningPhoenix.Accounts + import Phoenix.LiveViewTest + import LearningPhoenix.AccountsFixtures + + describe "Settings page" do + test "renders settings page", %{conn: conn} do + {:ok, _lv, html} = + conn + |> log_in_user(user_fixture()) + |> live(~p"/users/settings") + + assert html =~ "Change Email" + assert html =~ "Save Password" + end + + test "redirects if user is not logged in", %{conn: conn} do + assert {:error, redirect} = live(conn, ~p"/users/settings") + + assert {:redirect, %{to: path, flash: flash}} = redirect + assert path == ~p"/users/log-in" + assert %{"error" => "You must log in to access this page."} = flash + end + + test "redirects if user is not in sudo mode", %{conn: conn} do + {:ok, conn} = + conn + |> log_in_user(user_fixture(), + token_authenticated_at: DateTime.add(DateTime.utc_now(:second), -11, :minute) + ) + |> live(~p"/users/settings") + |> follow_redirect(conn, ~p"/users/log-in") + + assert conn.resp_body =~ "You must re-authenticate to access this page." + end + end + + describe "update email form" do + setup %{conn: conn} do + user = user_fixture() + %{conn: log_in_user(conn, user), user: user} + end + + test "updates the user email", %{conn: conn, user: user} do + new_email = unique_user_email() + + {:ok, lv, _html} = live(conn, ~p"/users/settings") + + result = + lv + |> form("#email_form", %{ + "user" => %{"email" => new_email} + }) + |> render_submit() + + assert result =~ "A link to confirm your email" + assert Accounts.get_user_by_email(user.email) + end + + test "renders errors with invalid data (phx-change)", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/settings") + + result = + lv + |> element("#email_form") + |> render_change(%{ + "action" => "update_email", + "user" => %{"email" => "with spaces"} + }) + + assert result =~ "Change Email" + assert result =~ "must have the @ sign and no spaces" + end + + test "renders errors with invalid data (phx-submit)", %{conn: conn, user: user} do + {:ok, lv, _html} = live(conn, ~p"/users/settings") + + result = + lv + |> form("#email_form", %{ + "user" => %{"email" => user.email} + }) + |> render_submit() + + assert result =~ "Change Email" + assert result =~ "did not change" + end + end + + describe "update password form" do + setup %{conn: conn} do + user = user_fixture() + %{conn: log_in_user(conn, user), user: user} + end + + test "updates the user password", %{conn: conn, user: user} do + new_password = valid_user_password() + + {:ok, lv, _html} = live(conn, ~p"/users/settings") + + form = + form(lv, "#password_form", %{ + "user" => %{ + "email" => user.email, + "password" => new_password, + "password_confirmation" => new_password + } + }) + + render_submit(form) + + new_password_conn = follow_trigger_action(form, conn) + + assert redirected_to(new_password_conn) == ~p"/users/settings" + + assert get_session(new_password_conn, :user_token) != get_session(conn, :user_token) + + assert Phoenix.Flash.get(new_password_conn.assigns.flash, :info) =~ + "Password updated successfully" + + assert Accounts.get_user_by_email_and_password(user.email, new_password) + end + + test "renders errors with invalid data (phx-change)", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/settings") + + result = + lv + |> element("#password_form") + |> render_change(%{ + "user" => %{ + "password" => "too short", + "password_confirmation" => "does not match" + } + }) + + assert result =~ "Save Password" + assert result =~ "should be at least 12 character(s)" + assert result =~ "does not match password" + end + + test "renders errors with invalid data (phx-submit)", %{conn: conn} do + {:ok, lv, _html} = live(conn, ~p"/users/settings") + + result = + lv + |> form("#password_form", %{ + "user" => %{ + "password" => "too short", + "password_confirmation" => "does not match" + } + }) + |> render_submit() + + assert result =~ "Save Password" + assert result =~ "should be at least 12 character(s)" + assert result =~ "does not match password" + end + end + + describe "confirm email" do + setup %{conn: conn} do + user = user_fixture() + email = unique_user_email() + + token = + extract_user_token(fn url -> + Accounts.deliver_user_update_email_instructions(%{user | email: email}, user.email, url) + end) + + %{conn: log_in_user(conn, user), token: token, email: email, user: user} + end + + test "updates the user email once", %{conn: conn, user: user, token: token, email: email} do + {:error, redirect} = live(conn, ~p"/users/settings/confirm-email/#{token}") + + assert {:live_redirect, %{to: path, flash: flash}} = redirect + assert path == ~p"/users/settings" + assert %{"info" => message} = flash + assert message == "Email changed successfully." + refute Accounts.get_user_by_email(user.email) + assert Accounts.get_user_by_email(email) + + # use confirm token again + {:error, redirect} = live(conn, ~p"/users/settings/confirm-email/#{token}") + assert {:live_redirect, %{to: path, flash: flash}} = redirect + assert path == ~p"/users/settings" + assert %{"error" => message} = flash + assert message == "Email change link is invalid or it has expired." + end + + test "does not update email with invalid token", %{conn: conn, user: user} do + {:error, redirect} = live(conn, ~p"/users/settings/confirm-email/oops") + assert {:live_redirect, %{to: path, flash: flash}} = redirect + assert path == ~p"/users/settings" + assert %{"error" => message} = flash + assert message == "Email change link is invalid or it has expired." + assert Accounts.get_user_by_email(user.email) + end + + test "redirects if user is not logged in", %{token: token} do + conn = build_conn() + {:error, redirect} = live(conn, ~p"/users/settings/confirm-email/#{token}") + assert {:redirect, %{to: path, flash: flash}} = redirect + assert path == ~p"/users/log-in" + assert %{"error" => message} = flash + assert message == "You must log in to access this page." + end + end +end diff --git a/test/learning_phoenix_web/user_auth_test.exs b/test/learning_phoenix_web/user_auth_test.exs new file mode 100644 index 0000000..220ec7a --- /dev/null +++ b/test/learning_phoenix_web/user_auth_test.exs @@ -0,0 +1,390 @@ +defmodule LearningPhoenixWeb.UserAuthTest do + use LearningPhoenixWeb.ConnCase + + alias Phoenix.LiveView + alias LearningPhoenix.Accounts + alias LearningPhoenix.Accounts.Scope + alias LearningPhoenixWeb.UserAuth + + import LearningPhoenix.AccountsFixtures + + @remember_me_cookie "_learning_phoenix_web_user_remember_me" + @remember_me_cookie_max_age 60 * 60 * 24 * 14 + + setup %{conn: conn} do + conn = + conn + |> Map.replace!(:secret_key_base, LearningPhoenixWeb.Endpoint.config(:secret_key_base)) + |> init_test_session(%{}) + + %{user: %{user_fixture() | authenticated_at: DateTime.utc_now(:second)}, conn: conn} + end + + describe "log_in_user/3" do + test "stores the user token in the session", %{conn: conn, user: user} do + conn = UserAuth.log_in_user(conn, user) + assert token = get_session(conn, :user_token) + assert get_session(conn, :live_socket_id) == "users_sessions:#{Base.url_encode64(token)}" + assert redirected_to(conn) == ~p"/" + assert Accounts.get_user_by_session_token(token) + end + + test "clears everything previously stored in the session", %{conn: conn, user: user} do + conn = conn |> put_session(:to_be_removed, "value") |> UserAuth.log_in_user(user) + refute get_session(conn, :to_be_removed) + end + + test "keeps session when re-authenticating", %{conn: conn, user: user} do + conn = + conn + |> assign(:current_scope, Scope.for_user(user)) + |> put_session(:to_be_removed, "value") + |> UserAuth.log_in_user(user) + + assert get_session(conn, :to_be_removed) + end + + test "clears session when user does not match when re-authenticating", %{ + conn: conn, + user: user + } do + other_user = user_fixture() + + conn = + conn + |> assign(:current_scope, Scope.for_user(other_user)) + |> put_session(:to_be_removed, "value") + |> UserAuth.log_in_user(user) + + refute get_session(conn, :to_be_removed) + end + + test "redirects to the configured path", %{conn: conn, user: user} do + conn = conn |> put_session(:user_return_to, "/hello") |> UserAuth.log_in_user(user) + assert redirected_to(conn) == "/hello" + end + + test "writes a cookie if remember_me is configured", %{conn: conn, user: user} do + conn = conn |> fetch_cookies() |> UserAuth.log_in_user(user, %{"remember_me" => "true"}) + assert get_session(conn, :user_token) == conn.cookies[@remember_me_cookie] + assert get_session(conn, :user_remember_me) == true + + assert %{value: signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie] + assert signed_token != get_session(conn, :user_token) + assert max_age == @remember_me_cookie_max_age + end + + test "redirects to settings when user is already logged in", %{conn: conn, user: user} do + conn = + conn + |> assign(:current_scope, Scope.for_user(user)) + |> UserAuth.log_in_user(user) + + assert redirected_to(conn) == ~p"/users/settings" + end + + test "writes a cookie if remember_me was set in previous session", %{conn: conn, user: user} do + conn = conn |> fetch_cookies() |> UserAuth.log_in_user(user, %{"remember_me" => "true"}) + assert get_session(conn, :user_token) == conn.cookies[@remember_me_cookie] + assert get_session(conn, :user_remember_me) == true + + conn = + conn + |> recycle() + |> Map.replace!(:secret_key_base, LearningPhoenixWeb.Endpoint.config(:secret_key_base)) + |> fetch_cookies() + |> init_test_session(%{user_remember_me: true}) + + # the conn is already logged in and has the remember_me cookie set, + # now we log in again and even without explicitly setting remember_me, + # the cookie should be set again + conn = conn |> UserAuth.log_in_user(user, %{}) + assert %{value: signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie] + assert signed_token != get_session(conn, :user_token) + assert max_age == @remember_me_cookie_max_age + assert get_session(conn, :user_remember_me) == true + end + end + + describe "logout_user/1" do + test "erases session and cookies", %{conn: conn, user: user} do + user_token = Accounts.generate_user_session_token(user) + + conn = + conn + |> put_session(:user_token, user_token) + |> put_req_cookie(@remember_me_cookie, user_token) + |> fetch_cookies() + |> UserAuth.log_out_user() + + refute get_session(conn, :user_token) + refute conn.cookies[@remember_me_cookie] + assert %{max_age: 0} = conn.resp_cookies[@remember_me_cookie] + assert redirected_to(conn) == ~p"/" + refute Accounts.get_user_by_session_token(user_token) + end + + test "broadcasts to the given live_socket_id", %{conn: conn} do + live_socket_id = "users_sessions:abcdef-token" + LearningPhoenixWeb.Endpoint.subscribe(live_socket_id) + + conn + |> put_session(:live_socket_id, live_socket_id) + |> UserAuth.log_out_user() + + assert_receive %Phoenix.Socket.Broadcast{event: "disconnect", topic: ^live_socket_id} + end + + test "works even if user is already logged out", %{conn: conn} do + conn = conn |> fetch_cookies() |> UserAuth.log_out_user() + refute get_session(conn, :user_token) + assert %{max_age: 0} = conn.resp_cookies[@remember_me_cookie] + assert redirected_to(conn) == ~p"/" + end + end + + describe "fetch_current_scope_for_user/2" do + test "authenticates user from session", %{conn: conn, user: user} do + user_token = Accounts.generate_user_session_token(user) + + conn = + conn |> put_session(:user_token, user_token) |> UserAuth.fetch_current_scope_for_user([]) + + assert conn.assigns.current_scope.user.id == user.id + assert conn.assigns.current_scope.user.authenticated_at == user.authenticated_at + assert get_session(conn, :user_token) == user_token + end + + test "authenticates user from cookies", %{conn: conn, user: user} do + logged_in_conn = + conn |> fetch_cookies() |> UserAuth.log_in_user(user, %{"remember_me" => "true"}) + + user_token = logged_in_conn.cookies[@remember_me_cookie] + %{value: signed_token} = logged_in_conn.resp_cookies[@remember_me_cookie] + + conn = + conn + |> put_req_cookie(@remember_me_cookie, signed_token) + |> UserAuth.fetch_current_scope_for_user([]) + + assert conn.assigns.current_scope.user.id == user.id + assert conn.assigns.current_scope.user.authenticated_at == user.authenticated_at + assert get_session(conn, :user_token) == user_token + assert get_session(conn, :user_remember_me) + + assert get_session(conn, :live_socket_id) == + "users_sessions:#{Base.url_encode64(user_token)}" + end + + test "does not authenticate if data is missing", %{conn: conn, user: user} do + _ = Accounts.generate_user_session_token(user) + conn = UserAuth.fetch_current_scope_for_user(conn, []) + refute get_session(conn, :user_token) + refute conn.assigns.current_scope + end + + test "reissues a new token after a few days and refreshes cookie", %{conn: conn, user: user} do + logged_in_conn = + conn |> fetch_cookies() |> UserAuth.log_in_user(user, %{"remember_me" => "true"}) + + token = logged_in_conn.cookies[@remember_me_cookie] + %{value: signed_token} = logged_in_conn.resp_cookies[@remember_me_cookie] + + offset_user_token(token, -10, :day) + {user, _} = Accounts.get_user_by_session_token(token) + + conn = + conn + |> put_session(:user_token, token) + |> put_session(:user_remember_me, true) + |> put_req_cookie(@remember_me_cookie, signed_token) + |> UserAuth.fetch_current_scope_for_user([]) + + assert conn.assigns.current_scope.user.id == user.id + assert conn.assigns.current_scope.user.authenticated_at == user.authenticated_at + assert new_token = get_session(conn, :user_token) + assert new_token != token + assert %{value: new_signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie] + assert new_signed_token != signed_token + assert max_age == @remember_me_cookie_max_age + end + end + + describe "on_mount :mount_current_scope" do + setup %{conn: conn} do + %{conn: UserAuth.fetch_current_scope_for_user(conn, [])} + end + + test "assigns current_scope based on a valid user_token", %{conn: conn, user: user} do + user_token = Accounts.generate_user_session_token(user) + session = conn |> put_session(:user_token, user_token) |> get_session() + + {:cont, updated_socket} = + UserAuth.on_mount(:mount_current_scope, %{}, session, %LiveView.Socket{}) + + assert updated_socket.assigns.current_scope.user.id == user.id + end + + test "assigns nil to current_scope assign if there isn't a valid user_token", %{conn: conn} do + user_token = "invalid_token" + session = conn |> put_session(:user_token, user_token) |> get_session() + + {:cont, updated_socket} = + UserAuth.on_mount(:mount_current_scope, %{}, session, %LiveView.Socket{}) + + assert updated_socket.assigns.current_scope == nil + end + + test "assigns nil to current_scope assign if there isn't a user_token", %{conn: conn} do + session = conn |> get_session() + + {:cont, updated_socket} = + UserAuth.on_mount(:mount_current_scope, %{}, session, %LiveView.Socket{}) + + assert updated_socket.assigns.current_scope == nil + end + end + + describe "on_mount :require_authenticated" do + test "authenticates current_scope based on a valid user_token", %{conn: conn, user: user} do + user_token = Accounts.generate_user_session_token(user) + session = conn |> put_session(:user_token, user_token) |> get_session() + + {:cont, updated_socket} = + UserAuth.on_mount(:require_authenticated, %{}, session, %LiveView.Socket{}) + + assert updated_socket.assigns.current_scope.user.id == user.id + end + + test "redirects to login page if there isn't a valid user_token", %{conn: conn} do + user_token = "invalid_token" + session = conn |> put_session(:user_token, user_token) |> get_session() + + socket = %LiveView.Socket{ + endpoint: LearningPhoenixWeb.Endpoint, + assigns: %{__changed__: %{}, flash: %{}} + } + + {:halt, updated_socket} = UserAuth.on_mount(:require_authenticated, %{}, session, socket) + assert updated_socket.assigns.current_scope == nil + end + + test "redirects to login page if there isn't a user_token", %{conn: conn} do + session = conn |> get_session() + + socket = %LiveView.Socket{ + endpoint: LearningPhoenixWeb.Endpoint, + assigns: %{__changed__: %{}, flash: %{}} + } + + {:halt, updated_socket} = UserAuth.on_mount(:require_authenticated, %{}, session, socket) + assert updated_socket.assigns.current_scope == nil + end + end + + describe "on_mount :require_sudo_mode" do + test "allows users that have authenticated in the last 10 minutes", %{conn: conn, user: user} do + user_token = Accounts.generate_user_session_token(user) + session = conn |> put_session(:user_token, user_token) |> get_session() + + socket = %LiveView.Socket{ + endpoint: LearningPhoenixWeb.Endpoint, + assigns: %{__changed__: %{}, flash: %{}} + } + + assert {:cont, _updated_socket} = + UserAuth.on_mount(:require_sudo_mode, %{}, session, socket) + end + + test "redirects when authentication is too old", %{conn: conn, user: user} do + eleven_minutes_ago = DateTime.utc_now(:second) |> DateTime.add(-11, :minute) + user = %{user | authenticated_at: eleven_minutes_ago} + user_token = Accounts.generate_user_session_token(user) + {user, token_inserted_at} = Accounts.get_user_by_session_token(user_token) + assert DateTime.compare(token_inserted_at, user.authenticated_at) == :gt + session = conn |> put_session(:user_token, user_token) |> get_session() + + socket = %LiveView.Socket{ + endpoint: LearningPhoenixWeb.Endpoint, + assigns: %{__changed__: %{}, flash: %{}} + } + + assert {:halt, _updated_socket} = + UserAuth.on_mount(:require_sudo_mode, %{}, session, socket) + end + end + + describe "require_authenticated_user/2" do + setup %{conn: conn} do + %{conn: UserAuth.fetch_current_scope_for_user(conn, [])} + end + + test "redirects if user is not authenticated", %{conn: conn} do + conn = conn |> fetch_flash() |> UserAuth.require_authenticated_user([]) + assert conn.halted + + assert redirected_to(conn) == ~p"/users/log-in" + + assert Phoenix.Flash.get(conn.assigns.flash, :error) == + "You must log in to access this page." + end + + test "stores the path to redirect to on GET", %{conn: conn} do + halted_conn = + %{conn | path_info: ["foo"], query_string: ""} + |> fetch_flash() + |> UserAuth.require_authenticated_user([]) + + assert halted_conn.halted + assert get_session(halted_conn, :user_return_to) == "/foo" + + halted_conn = + %{conn | path_info: ["foo"], query_string: "bar=baz"} + |> fetch_flash() + |> UserAuth.require_authenticated_user([]) + + assert halted_conn.halted + assert get_session(halted_conn, :user_return_to) == "/foo?bar=baz" + + halted_conn = + %{conn | path_info: ["foo"], query_string: "bar", method: "POST"} + |> fetch_flash() + |> UserAuth.require_authenticated_user([]) + + assert halted_conn.halted + refute get_session(halted_conn, :user_return_to) + end + + test "does not redirect if user is authenticated", %{conn: conn, user: user} do + conn = + conn + |> assign(:current_scope, Scope.for_user(user)) + |> UserAuth.require_authenticated_user([]) + + refute conn.halted + refute conn.status + end + end + + describe "disconnect_sessions/1" do + test "broadcasts disconnect messages for each token" do + tokens = [%{token: "token1"}, %{token: "token2"}] + + for %{token: token} <- tokens do + LearningPhoenixWeb.Endpoint.subscribe("users_sessions:#{Base.url_encode64(token)}") + end + + UserAuth.disconnect_sessions(tokens) + + assert_receive %Phoenix.Socket.Broadcast{ + event: "disconnect", + topic: "users_sessions:dG9rZW4x" + } + + assert_receive %Phoenix.Socket.Broadcast{ + event: "disconnect", + topic: "users_sessions:dG9rZW4y" + } + end + end +end diff --git a/test/support/conn_case.ex b/test/support/conn_case.ex index b337e03..cfb5b4f 100644 --- a/test/support/conn_case.ex +++ b/test/support/conn_case.ex @@ -35,4 +35,45 @@ defmodule LearningPhoenixWeb.ConnCase do LearningPhoenix.DataCase.setup_sandbox(tags) {:ok, conn: Phoenix.ConnTest.build_conn()} end + + @doc """ + Setup helper that registers and logs in users. + + setup :register_and_log_in_user + + It stores an updated connection and a registered user in the + test context. + """ + def register_and_log_in_user(%{conn: conn} = context) do + user = LearningPhoenix.AccountsFixtures.user_fixture() + scope = LearningPhoenix.Accounts.Scope.for_user(user) + + opts = + context + |> Map.take([:token_authenticated_at]) + |> Enum.into([]) + + %{conn: log_in_user(conn, user, opts), user: user, scope: scope} + end + + @doc """ + Logs the given `user` into the `conn`. + + It returns an updated `conn`. + """ + def log_in_user(conn, user, opts \\ []) do + token = LearningPhoenix.Accounts.generate_user_session_token(user) + + maybe_set_token_authenticated_at(token, opts[:token_authenticated_at]) + + conn + |> Phoenix.ConnTest.init_test_session(%{}) + |> Plug.Conn.put_session(:user_token, token) + end + + defp maybe_set_token_authenticated_at(_token, nil), do: nil + + defp maybe_set_token_authenticated_at(token, authenticated_at) do + LearningPhoenix.AccountsFixtures.override_token_authenticated_at(token, authenticated_at) + end end diff --git a/test/support/fixtures/accounts_fixtures.ex b/test/support/fixtures/accounts_fixtures.ex new file mode 100644 index 0000000..f8b5ef9 --- /dev/null +++ b/test/support/fixtures/accounts_fixtures.ex @@ -0,0 +1,89 @@ +defmodule LearningPhoenix.AccountsFixtures do + @moduledoc """ + This module defines test helpers for creating + entities via the `LearningPhoenix.Accounts` context. + """ + + import Ecto.Query + + alias LearningPhoenix.Accounts + alias LearningPhoenix.Accounts.Scope + + def unique_user_email, do: "user#{System.unique_integer()}@example.com" + def valid_user_password, do: "hello world!" + + def valid_user_attributes(attrs \\ %{}) do + Enum.into(attrs, %{ + email: unique_user_email() + }) + end + + def unconfirmed_user_fixture(attrs \\ %{}) do + {:ok, user} = + attrs + |> valid_user_attributes() + |> Accounts.register_user() + + user + end + + def user_fixture(attrs \\ %{}) do + user = unconfirmed_user_fixture(attrs) + + token = + extract_user_token(fn url -> + Accounts.deliver_login_instructions(user, url) + end) + + {:ok, {user, _expired_tokens}} = + Accounts.login_user_by_magic_link(token) + + user + end + + def user_scope_fixture do + user = user_fixture() + user_scope_fixture(user) + end + + def user_scope_fixture(user) do + Scope.for_user(user) + end + + def set_password(user) do + {:ok, {user, _expired_tokens}} = + Accounts.update_user_password(user, %{password: valid_user_password()}) + + user + end + + def extract_user_token(fun) do + {:ok, captured_email} = fun.(&"[TOKEN]#{&1}[TOKEN]") + [_, token | _] = String.split(captured_email.text_body, "[TOKEN]") + token + end + + def override_token_authenticated_at(token, authenticated_at) when is_binary(token) do + LearningPhoenix.Repo.update_all( + from(t in Accounts.UserToken, + where: t.token == ^token + ), + set: [authenticated_at: authenticated_at] + ) + end + + def generate_user_magic_link_token(user) do + {encoded_token, user_token} = Accounts.UserToken.build_email_token(user, "login") + LearningPhoenix.Repo.insert!(user_token) + {encoded_token, user_token.token} + end + + def offset_user_token(token, amount_to_add, unit) do + dt = DateTime.add(DateTime.utc_now(:second), amount_to_add, unit) + + LearningPhoenix.Repo.update_all( + from(ut in Accounts.UserToken, where: ut.token == ^token), + set: [inserted_at: dt, authenticated_at: dt] + ) + end +end